Report - www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7

Report Overview

Submitted URL
www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP
172.67.74.32
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-29 22:05:23
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	1.6 kB	52 kB	104.17.25.14
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-13T08:33:43Z	358 B	31 kB	172.64.202.23
roomimg.stream.highwebmedia.com	23037	2016-09-05T19:03:58Z	2023-03-13T08:27:48Z	1.3 kB	43 kB	104.19.242.83
static-assets.highwebmedia.com	16059	2021-01-19T22:46:26Z	2023-03-13T07:54:12Z	396 B	1.4 kB	104.16.94.42
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-13T05:15:48Z	415 B	92 kB	45.133.44.10
syndication.realsrv.com	9112	2019-07-03T23:39:52Z	2023-03-13T05:10:53Z	5.9 kB	20 kB	95.211.229.247
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	766 B	444 B	216.239.32.36
js-agent.newrelic.com	378	2018-06-22T06:15:37Z	2023-03-13T05:22:57Z	3.9 kB	32 kB	151.101.194.137
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	958 B	33 kB	216.58.207.227
cdntube2.b-cdn.net	745929	2020-07-01T09:44:50Z	2023-03-06T03:48:02Z	474 B	686 B	169.150.247.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.4 kB	12 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
a.realsrv.com	10080	2019-07-03T18:12:14Z	2023-03-13T07:46:54Z	723 B	25 kB	185.76.9.19
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	387 B	406 B	3.120.47.42
i.jads.co	46788	2019-12-04T09:50:06Z	2023-03-13T05:59:55Z	513 B	361 B	69.16.175.10
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	54 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	3.8 kB	6.7 kB	93.184.220.29
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	381 B	78 kB	142.250.74.168
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	371 B	21 kB	142.250.74.46
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-13T05:15:47Z	712 B	423 B	192.243.59.12
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-13T05:15:48Z	1.3 kB	7.8 kB	172.64.166.9
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	377 B	630 B	142.250.74.106
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	2.0 kB	4.4 kB	23.36.76.226
poweredby.jads.co	30525	2019-12-04T11:34:12Z	2023-03-13T05:59:54Z	1.2 kB	5.0 kB	185.94.237.102
uniqueflatlysorting.com	unknown	2022-05-12T03:38:15Z	2023-03-09T09:02:38Z	401 B	14 kB	173.233.137.36
chaturbate.com	6807	2012-05-23T01:11:36Z	2023-03-13T08:27:47Z	1.2 kB	12 kB	104.18.100.40
naveljutmistress.com	unknown	2023-01-24T03:32:25Z	2023-03-10T02:12:39Z	4.7 kB	6.7 kB	173.233.137.44
bam.nr-data.net	630	2015-02-10T01:06:27Z	2023-03-13T05:22:57Z	2.6 kB	514 B	162.247.241.14
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.7 kB	4.8 kB	172.64.155.188
cdntube.b-cdn.net	434051	2020-07-01T09:44:50Z	2023-03-12T22:25:54Z	2.5 kB	20 kB	194.242.11.186
s3t3d2y8.afcdn.net	unknown	2022-08-09T00:22:56Z	2023-03-13T07:33:58Z	2.3 kB	50 kB	185.76.9.15
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	54.230.245.100
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.216.49.139
www.redd.tube	unknown	2022-05-09T20:20:16Z	2023-03-12T23:08:58Z	880 B	1.7 kB	104.26.0.198
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	142.250.74.131
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-13T08:33:41Z	445 B	386 B	45.133.44.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	friendshipmale.com/sfp.js	Malware
2023-01-29	medium	cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	uniqueflatlysorting.com	Sinkholed
2023-01-29	medium	naveljutmistress.com	Sinkholed
2023-01-29	medium	naveljutmistress.com	Sinkholed
2023-01-29	medium	unseenreport.com	Sinkholed
2023-01-29	medium	naveljutmistress.com	Sinkholed
2023-01-29	medium	naveljutmistress.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (47)

	URL	Size	First Seen	Last Seen
	bam.nr-data.net/1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken	49 B	2023-03-07	2024-03-22
Pretty URL bam.nr-data.net/1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken IP 162.247.241.14 ASN #23467 NEWRELIC-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-03-22 06:11:42 Times Seen2776 Hash ada33e5b8877e743ff658bf4bfa1867c 5a78662243dac43c0ee48bcb7e05a536b84c2e38 dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Loading...

	www.redd.tube/assets/js/components/hs.header.min.js	22 kB	2023-03-07	2024-02-24
Pretty URL www.redd.tube/assets/js/components/hs.header.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen46 Hash 594d5271588a42ded710016f3133692f d7729d8a2d3351c671c424cbeb20c0a9d76be90c 3afcc1030ff0b5ac7f542778c89f71c4d0a2c4e1c7dbcead25262f0e2c69d2ef Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	59 B	2023-03-07	2024-04-25
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-25 08:40:59 Times Seen3625 Hash de7507ad26c6c904109c87dd5dfac288 952cae1ce6ce1e74b010b31b4357424c12a5960c 09f81a5c463b570b389ce0b118a29bf489353d0ae7d47eefee9b9e7b703e0e02 Loading...

	a.realsrv.com/nativeads-v2.js	60 kB	2023-03-12	2023-03-13
Pretty URL a.realsrv.com/nativeads-v2.js IP 185.76.9.19 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:14:21 Last Seen2023-03-13 18:59:45 Times Seen1 Hash 928f088e509e23cb88cac3f8f1fdccfa 21b43fd9d304f2027f605b8ad4de7851887afe41 deaa8a23488f3ec963af726e638d457b43db40170b437a11afa5c1ae67b27161 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-25 12:40:28 Times Seen244067 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	www.redd.tube/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL www.redd.tube/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 12:33:13 Times Seen54925 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	js-agent.newrelic.com/859.95d4308d-1222.js	6.7 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/859.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen4 Hash b087387593417c0b63259918da3584e3 5a58a1f92613148f4b977236b1a6463934cc1f93 1de1594a678d9dcbd8d9367a11fef1812376de4f23105c2a480609caeb88efec Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	43 B	2023-03-07	2023-09-04
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2023-09-04 04:10:17 Times Seen23 Hash 67a9120093581a1ab4345446b6b979ef d1469a85337a01eda04a24f915a10179f314f1dc a82930acf900852742105129872a0a9aa6d71aaf87aa2d3f6aac1ef8f64d7dcd Loading...

	uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js	37 kB	2023-03-13	2023-03-13
Pretty URL uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js IP 173.233.137.36 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:43:54 Last Seen2023-03-13 11:43:54 Times Seen1 Hash d270bce2aa852f18398ba752dc50f2d8 79ebd333444be4f90846151bb6b9de3072257bac 5920e51de8182d31b7ba3a930a64dae9cca877ba203a5c902fab8996332d2634 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0	1.5 kB	2023-03-13	2023-03-13
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 IP 104.18.100.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:43:54 Last Seen2023-03-13 11:43:54 Times Seen1 Hash 0f70e34b72ab0d16e50d5718d821b394 8cca20240f17e433a12e5430d52be54cf3073187 c1ee220b3fbfb987afe703bf1cc80ece922b0f6055c31031fe26efd1dd6eac42 Loading...

	http:blank	664 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:43:54 Last Seen2023-03-13 11:43:54 Times Seen1 Hash 11cd3dbab1da2ab5f56fceead4ec794d bf8a50dc88c320cfce25c1aec5a77d74e9328c66 beeb76a93e6c3ded50fe8b3037a89cfb85b24d6bb78a7ed01e6386a667fcebf7 Loading...

	js-agent.newrelic.com/142.95d4308d-1222.js	2.0 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/142.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash 082c9f0a95ce6870ed4d9266fa0e41e5 abd5e82b64ab22da4bfa2de9fa27e8ae27fede92 b658136fadc6fc8c259f717c518f3b5c14fbdf90ea299d36387f9681e772b6ea Loading...

	http:blank	659 B	2023-03-07	2023-04-19
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2023-04-19 23:00:14 Times Seen3 Hash cc71c17ef23518d60affcdeb9e8ad9be 57b2e935195a6d8d5e4b1b7512ec4f0921931856 d9afa6dc27c0dde8bb7a2a2771e1dd2d51b5ab094c6d3d2b1d2ceeb9577d4ba8 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.redd.tube/assets/vendor/hs-megamenu/src/hs.megamenu.min.js	10 kB	2023-03-07	2024-02-24
Pretty URL www.redd.tube/assets/vendor/hs-megamenu/src/hs.megamenu.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen44 Hash a8e7e68b24a4d834e13b393e7ac8f097 176d207a6c91a11e552a313df072104259a8e0bd dc1ab6780716ef716077d5026153d38e152260ed1b3d1c8cc470c9250beb816f Loading...

	www.redd.tube/assets/vendor/dzsparallaxer/dzsscroller/scroller.min.js	24 kB	2023-03-07	2024-02-24
Pretty URL www.redd.tube/assets/vendor/dzsparallaxer/dzsscroller/scroller.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen44 Hash af8445b1281973070ff8b04f67b1f11c 35be8a77b0c3482550a5f90cb477eea2f85146fc 87652a33f4f4fc3ea4b4492a27dc015c22484b9d27ecb6654d000f9e9f680ad3 Loading...

	a.realsrv.com/ad-provider.js	80 kB	2023-03-13	2023-03-13
Pretty URL a.realsrv.com/ad-provider.js IP 185.76.9.19 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:50:03 Last Seen2023-03-13 13:32:37 Times Seen1 Hash a9cbf71f7da45407dc22d38c0554aabb c86623937323852b5fe82a29fcb4473a501a4693 220753ac285aac028acbae225635aa9af8af1b92e568814e61881495122a72e5 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js	17 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:55 Last Seen2024-04-23 12:48:22 Times Seen762 Hash 9e3333ab37cbd7849dc647669aa0ca12 6f676b2df2717b03559df71c149ac55b9ddd74ad d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80 Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	3.0 kB	2023-03-07	2023-09-04
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2023-09-04 04:10:17 Times Seen23 Hash 02dfb32aa04f1447feca6475fbb8c73d a17a259ca9006428b733ec00084e502230f733c9 c6c25fd12f0efa6ac09c9ba74e64f7a6be0d7eb85a86a91417fc20e09e888c74 Loading...

	poweredby.jads.co/adshow.php?adzone=972163	1.9 kB	2023-03-07	2023-04-05
Pretty URL poweredby.jads.co/adshow.php?adzone=972163 IP 185.94.237.102 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2023-04-05 02:10:48 Times Seen259 Hash 5cd62169649c11f1057fd71c875fdd2f 6abb31f47f4927bf56249c39a3ef728c57385b68 1fdcbb5a37d7a7fb4938ab8f8a73fc7b68cadb81aecacdf7ad490525e6aea3fa Loading...

	js-agent.newrelic.com/569.95d4308d-1222.js	7.5 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/569.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:55 Times Seen4 Hash e97726ab932639fed09971b1d682788c 006828b20763e0c2357cb8fedf63b9e8c0440d97 5442d1b4e5503e7bf898d26807bda51d7bdbc22dd34f545d3c3cc91688f98021 Loading...

	poweredby.jads.co/js/jads.js	3.8 kB	2023-03-07	2024-04-25
Pretty URL poweredby.jads.co/js/jads.js IP 185.94.237.102 ASN #42567 Mojohost B.v. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-04-25 05:06:20 Times Seen8254 Hash bc8141c4650030c41f6a98026b12ce80 af5618f7e467a207d4c64627be580283ab5640cd 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0	252 B	2023-03-07	2023-06-16
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 IP 104.18.100.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2023-06-16 00:28:24 Times Seen370 Hash 7876c33a3d31f846f83cdbf48fae5117 3d71290e5c89e9405df07497355fcd4c4c7dca0a 12f6a2b97d2936e09b70d99a11212255551237c0abda6e9dcd0a71c27b57d0b9 Loading...

	js-agent.newrelic.com/457.95d4308d-1222.js	4.8 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/457.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash c16abc7fa2e34cbb7baf3e290120ad5a 9490809ae455b4ff698465990466bbc239a8d593 4f1c6499f6a30c6286a56fdf68659e09c40a44ca315ca91fe6a46bc953998dd2 Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	161 B	2023-03-07	2024-02-24
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen25 Hash 7b30dd0470cc5cfde0b7ddabd0144789 0b5b371abbe22808a070bc04c4936cd7b3ba67f8 86f3e704b34e7d21eb2393de7745902af54b34546e7304e2bb56e783994103ae Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	63 B	2023-03-07	2023-08-12
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2023-08-12 12:02:53 Times Seen22 Hash c09dc63827691c2925447ecbd4237f00 7ab6d91ee8b14e63dae5e476e78b7277103fbce6 2a90342766b0aed8f1678c4ee5a778f39888b4928dd273145c647c8294a0d20b Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	71 B	2023-03-07	2023-09-04
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2023-09-04 04:10:17 Times Seen23 Hash 8aaa7ecfb2b9270745b83f28c2447354 1006ff8cb7da11896c9544181466ca1cc3e34ddc d1472d7c5e0a061fbeffe55c1bb641da42df1254256ad18f296ec33b2c210585 Loading...

	www.redd.tube/assets/js/helpers/hs.hamburgers.min.js	518 B	2023-03-07	2024-02-24
Pretty URL www.redd.tube/assets/js/helpers/hs.hamburgers.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen37 Hash 59d0db42a48c92b5c35346537458717b 339b675bcbbab29f2edf0380bf0d00d6fc239d66 d15020bafc805a03e76f112a3f846c8c4192ddb6c48f9976e399b4af5c5917c8 Loading...

	www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7	542 B	2023-03-07	2023-10-14
Pretty URL www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 IP 104.26.0.198 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:29 Last Seen2023-10-14 03:55:58 Times Seen182 Hash 4260fa3e21992d6c606cb1f1bf3d2ff8 1904901f13b59cff253ea6a73deb322b1994c7a3 4d3fa6a2f8132a2fa1cb9cbe462bf817a52d915d24103c06a277b5b394f011c7 Loading...

	static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js	316 B	2023-03-07	2023-06-16
Pretty URL static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js IP 104.16.94.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2023-06-16 00:28:25 Times Seen895 Hash a708027bfbbde438a72a93082d4bc4b5 600505d2d7b91de7713c13c15f4aa5f2a619b094 6f6724a00cb858aa73759829289a3593ec992eb2ce720825bd2239e53dca4d3f Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0	51 kB	2023-03-13	2023-03-13
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 IP 104.18.100.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 04:36:44 Last Seen2023-03-13 15:17:53 Times Seen1 Hash ae4b3f5853aa07f866a6ef16f2a836dc 0d1bf624bb285a6cd93bdf798a1954ec99567c6d 0bc6e95b3a2db8cd4585a83636b5cc6ff0024b8685918e3f313c2ba8bbe4e87d Loading...

	js-agent.newrelic.com/885.95d4308d-1222.js	16 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/885.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:48 Last Seen2023-05-04 15:49:56 Times Seen5 Hash fb9bb822463bccec4200657d3ae33dc0 08fc8d2b13be18fc53b51dd3c061278e87251e5b 93c7daa7232fea589edaf300f5ee521efa219138e047a7ae870dd74d9487f9ea Loading...

	js-agent.newrelic.com/620.95d4308d-1222.js	3.0 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/620.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash ca9b029ff66dd9146273984d16e20abc 6d97560ee6a096a95b04c91087c2c3a5d59a2f24 f30303e41262ed1ae693c03b4ebd0b8ef04eee3e46163bc5ae376e019905524b Loading...

	js-agent.newrelic.com/736.95d4308d-1222.js	4.7 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/736.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash def1dc24974c16a4e78c08e349b92860 27147ec38011c7b26fd8b2f08a9751db254c828d 221b0e5f79285115e0fbcec94120508a341186223526a9553048046530818612 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js	7.1 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:23 Last Seen2024-04-25 09:19:53 Times Seen1073 Hash b2d4316164f47c0c1064e7e83dd72167 714c992e91da6ede8bad97f87375ca2e3b89be1a 26494360e0db8345fef2c3e22a47055116f9cfb46f94d308684dd1036cfdeefc Loading...

	www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:43:55 Last Seen2023-03-13 11:43:55 Times Seen1 Hash 9ec97acb3406f63d55f05250cc65b90a 87578400a7970359000083d639ebd7c3bde78476 9c7740a9298807a9a8eebe33149996a4398a7e8fb4d68b022ca1c26032e34184 Loading...

	chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0	1.9 kB	2023-03-13	2023-03-13
Pretty URL chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 IP 104.18.100.40 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:43:55 Last Seen2023-03-13 11:43:55 Times Seen1 Hash 0ddb2b5d31a8d45b2ff03e94819b3aa8 e49c8079f8b9ee14c168f54f5ffcea85bbcf0ace 9ed13b10e7cf03187beebfbea8e4b04d19777ca4fe5fab41d49c3ea58ed4afa6 Loading...

	js-agent.newrelic.com/244.95d4308d-1222.js	6.9 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/244.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash a24fd7e602a6b44ab4c03cab69c843c6 57157918ba70de0486aa2f52efcae2ff0c465993 94d7e0d89806dad5b38503db570b3154cdfc886a6fca65cc0897bb4c2c18e648 Loading...

	js-agent.newrelic.com/41.95d4308d-1222.js	828 B	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/41.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash 29dd8aef66100e4c69e07fd60fc88b12 782578a4e84457c0a5295be82741ac611a6f522d 334dc34df8944a7cec9a7f00e250fac46113625e9a8c5dd176caf8bcef5bb676 Loading...

	www.redd.tube/assets/vendor/dzsparallaxer/advancedscroller/plugin.min.js	27 kB	2023-03-07	2024-02-24
Pretty URL www.redd.tube/assets/vendor/dzsparallaxer/advancedscroller/plugin.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen45 Hash 1822451b6f845744533d2f1baddd8fd2 3a28acb160e77405b314ce84a5bbc75c5131394a c4f111c528c0541845e09725778178cf51b4a5488b9ef5276063921a1062be2a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 12:28:35 Times Seen62334 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.redd.tube/assets/js/hs.core.min.js	2.3 kB	2023-03-07	2024-02-24
Pretty URL www.redd.tube/assets/js/hs.core.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:20 Last Seen2024-02-24 10:59:25 Times Seen35 Hash b43939500af4a826bc0aa0a630b7004e 014600274651e42e35d52ce6c76a0b1e4dabf713 38b12894cd3a353d5a916fc09c9316819573e7eaa7bbc9be6135913d361bc2ea Loading...

	js-agent.newrelic.com/466.95d4308d-1222.js	6.8 kB	2023-03-13	2023-05-04
Pretty URL js-agent.newrelic.com/466.95d4308d-1222.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:42:49 Last Seen2023-05-04 15:49:56 Times Seen5 Hash 2b339e4b3b0435de10496ee00de8446a 79f268e9f3a219853b3ac8ef5bb30b46de0d39b3 65d385b4c059f3ff75a6c54cc09fe0fd32ea3a2487a11589285627684b7f7211 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ee96ee0ff39d06ee46967ea0a4f38920	18 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 23:55:23 Times Seen10 Hash ee96ee0ff39d06ee46967ea0a4f38920 c9845dff70a7e5a84a3fa809492b79ed7205d595 84492b52082c1892214a926abf2277177e728654043d52ccc5421de3250d13fb Loading...

	#2 Eval - 131234ef281e470acdb8d4d686e0d230	19 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 22:27:20 Times Seen9 Hash 131234ef281e470acdb8d4d686e0d230 ff6857e18a2f94655d03f11697056004e644d0f7 12bcfb40473c701ab657dde154c8e364c145365470bb95f387fc2d1560913b20 Loading...

	#3 Eval - 8968e6d216aa62e38a80e768b3e9fcd8	12 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 22:27:20 Times Seen8 Hash 8968e6d216aa62e38a80e768b3e9fcd8 976da752c84b3f621cc714c5f1e49ae3f22b3b36 55e5ccfd18460fb0b3fee6c4078508343f02478673dfa1cad44931f3e0db3281 Loading...

	#4 Eval - 0ad2ecb1f29007854df2c43fecfec81a	29 B	2023-03-12	2023-09-17
Pretty Observations First Seen2023-03-12 20:00:33 Last Seen2023-09-17 23:55:23 Times Seen9 Hash 0ad2ecb1f29007854df2c43fecfec81a bb96cc6c92df6c07343e0348b494551081efd03c 8ab0e3d5ddf5be4b8c4dd05937db01f37799d273b153fd38345fb1f62dfd8854 Loading...

HTTP Transactions (116)

URL IP Response Size

www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7

104.26.0.198

301 Moved Permanently

0 B

URL HTTP/1.1
www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP
104.26.0.198:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 22:05:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 23:05:12 GMT
Location: https://www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikn66aMJNojKhEDGYWpP4gN5OCYy8ESyie5QA2fwxbXLgTPZSyyU71wwr6pmGW8hCkOqqcPmGAuCt8dCodSN6BJq1cyqujlWQ9YeuHhAJun9YgqdoklBLeqLesaMsvE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79154496e990b506-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14033
Expires: Mon, 30 Jan 2023 01:59:05 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13804
Expires: Mon, 30 Jan 2023 01:55:16 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 21:43:09 GMT
content-type: application/json
age: 1323
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12658
Expires: Mon, 30 Jan 2023 01:36:10 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
292c5af624e04fab603cb51ff5554956
d41398e72833d298e2db086d7ff19e9ebd8f1c5a
92915f8ac15a26425f4786f06374c01cab9fc99b544a05c5424dea70644699c3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92915F8AC15A26425F4786F06374C01CAB9FC99B544A05C5424DEA70644699C3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 29 Jan 2023 23:41:59 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: qJ/SCDrrZpQ0FRT70QM2OaTCKXiNTCz+sA91rN2Hu1JBWZilK4gv4wDQp/cmtTG6szArxNgBigpY8ZWsy5gPBg==
x-amz-request-id: AFQBVCRWB16QE3X0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 21:50:29 GMT
age: 883
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
292c5af624e04fab603cb51ff5554956
d41398e72833d298e2db086d7ff19e9ebd8f1c5a
92915f8ac15a26425f4786f06374c01cab9fc99b544a05c5424dea70644699c3

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92915F8AC15A26425F4786F06374C01CAB9FC99B544A05C5424DEA70644699C3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 29 Jan 2023 23:41:59 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:15:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:10:45 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:15:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:10:45 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js

104.17.25.14

200 OK

2.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6986)
Size
2.4 kB (2382 bytes)
Hash
d52d77d3d2509d28eb46447ac1b61c57
3974e3359a2bd83f267a483ef6e29f6acf5c3f4c
454f974335899785b7299c0d75bb8c443c6f3742699882f75c09e88b6c86b640

HTTP Headers

GET /ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 2382
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1bab"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 926348
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rClz7rPuh6bLcnXRbvrnp5AFHYdicq8NbRfrwaF7rVQ9Xmi8QK%2FqdgvEqsTZO4f3WViApSCyUHjSKlli6%2FW8lD9FRWgOiZEM3fwgRa7TGXSLM0sPrGMlZ6vLHxKPy5GjqEicwlAx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bcba81c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32058)
Size
27 kB (27277 bytes)
Hash
b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 256947
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do79L%2BgnRrOnwJtiKCzm2B5je68LCpV9Vrdffx1Tj3fPI%2FdlRJJXbGDOQ6YSa5V62wC5zkECknnBAvII4QmSgivKa3dlBHU0tW4OVto5qLS347v0LQ%2BOxW38beL75eqE5Z1CimP9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bdbb11c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js

104.17.25.14

200 OK

12 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (50758)
Size
12 kB (12265 bytes)
Hash
d9631ece5b18b1e06f7522a52393b387
93403c9f97ebf85b129ece615058f494c00341bb
ce1a904c2a360c75e56e8059f8970fd1fc90058fb528ff3fe57fe2396f0f63ed

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 12265
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-c75f"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2089489
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41Hx6D3S52HKP%2BEZgz462kSRrcdgvC99Y5MdIDndZDwPPUKP5TRxVNFmrUZgxhY59wTO49nG6XjfIrUqrfdQRKJGTOpE9FbvaNn4ldke93qs0tLLBLhns4GkeJ3itMrDfDEdmYOZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bfbd21c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js

104.17.25.14

200 OK

5.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16246)
Size
5.7 kB (5720 bytes)
Hash
0a2f468dfd31d876bf8b8b9af8531a4f
1f7983e3a69bc95a17e78ad7a691def0acc5c0e4
12e85b61a16b690e16f38d061cc19302a4419a3c1bf0f0214f05fb7fa283645a

HTTP Headers

GET /ajax/libs/jquery.form/4.2.2/jquery.form.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 5720
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-42d4"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 928605
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LstcXaVom3vIjW6B1DtJgk3ovQQkGtFA9TAZhUtAfirShlzX8lHHhOtmDTaOvkOITaHNlrRMVwf%2FwEg2XzhtBHFRhlVK6Mqz2qFPGnEkkc03PV7FAaZm0fUvQ6ihUiuw%2BbD2no7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bfbfab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V

142.250.74.168

200 OK

78 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21849)
Size
78 kB (77786 bytes)
Hash
081415e1c901f107948076e538918c55
6dd27eebcf49abacdec2de36e6340896684953a7
7bf135f59bc36b75d5476feae9ca66ced4fbf28a676e9a65f989b3697728d04e

HTTP Headers

GET /gtag/js?id=G-Z1WP23B83V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 22:05:12 GMT
expires: Sun, 29 Jan 2023 22:05:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:15:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
3a8009a5341494164af095f1d6da2135
88c78ab8317a5ed3471a7ea9373b324bfbcc2247
6923c67f06351d02fd0a0400dcfdc9e7f31e785d8003f176ac8a14c8fb1f161c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:35:30 GMT
Expires: Sat, 04 Feb 2023 02:35:29 GMT
Etag: "88c78ab8317a5ed3471a7ea9373b324bfbcc2247"
Cache-Control: max-age=447616,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449c092bb4ee-OSL

poweredby.jads.co/js/jads.js

185.94.237.102

301 Moved Permanently

178 B

URL HTTP/1.1
poweredby.jads.co/js/jads.js
IP
185.94.237.102:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449ca9c8b4ee-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449cd86ab50f-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449cedafb4fa-OSL

cdntube.b-cdn.net/sprite/fast-sprite.png

194.242.11.186

200 OK

952 B

URL HTTP/2
cdntube.b-cdn.net/sprite/fast-sprite.png
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
952 B (952 bytes)
Hash
c34ba40ac9883424ecb72a803eb658f7
0ce32aa430af47ad16dc625a4e86d726aae48962
76beac271eb8e61cb2f2081e7e75e718b056e775ce8858c2ed22c08c69e734b9

HTTP Headers

GET /sprite/fast-sprite.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 952
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 23 Feb 2021 21:14:59 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 90
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
cdn-cachedat: 08/16/2022 04:39:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7592f61854d5ffc5fca76c65f3e3637e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdntube.b-cdn.net/thumbnails/c157ed60b15cdc5674c6bc58aacab84c106812ad.jpg

194.242.11.186

200 OK

2.9 kB

URL HTTP/2
cdntube.b-cdn.net/thumbnails/c157ed60b15cdc5674c6bc58aacab84c106812ad.jpg
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x711, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.9 kB (2918 bytes)
Hash
97fc9a1b52b148c8d0d57f1b439f8ffe
4a1788624d4d05d0c55969f99ddc235b7da290a9
47afb9ef5ba63c029ccc2dae5d97ce368bd2d4b0845515f83f21b5a961c1af94

HTTP Headers

GET /thumbnails/c157ed60b15cdc5674c6bc58aacab84c106812ad.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 2918
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 29 Apr 2021 07:16:04 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 91
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d064988bdcb7d1419fcbad0cb41952a3
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdntube.b-cdn.net/thumbnails/9860ad753f3934f213683ea2384a1f3752647ece.jpg

194.242.11.186

200 OK

7.2 kB

URL HTTP/2
cdntube.b-cdn.net/thumbnails/9860ad753f3934f213683ea2384a1f3752647ece.jpg
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x864, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.2 kB (7246 bytes)
Hash
dd0aedb963b874eee161b40014a7d879
ed785de83befb4bad220f6b9c2a52049055f9e74
623f2d1fdcf9d1569adffce8c89d79304efe2ddd97dc9ff94535183668309d28

HTTP Headers

GET /thumbnails/9860ad753f3934f213683ea2384a1f3752647ece.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 7246
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 14 May 2021 21:10:26 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 112
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1eb7cee85a26eea89857b7bb7adccf7b
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

poweredby.jads.co/js/jads2.js

185.94.237.102

200 OK

2.0 kB

URL HTTP/1.1
poweredby.jads.co/js/jads2.js
IP
185.94.237.102:0
ASN
#42567 Mojohost B.v.

File type
data
Size
2.0 kB (1956 bytes)
Hash
64d90b7fb75fb0de26dbce0b9dc14bcc
857af6de92de5e4ff2776af51f8879851cfaad96
d161abccd8dfae20d6c981e2048c8fd97245e6a3725b7bb784e681a7ac7a85b2

HTTP Headers

GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redd.tube/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip

a.realsrv.com/ad-provider.js

185.76.9.19

200 OK

24 kB

URL HTTP/2
a.realsrv.com/ad-provider.js
IP
185.76.9.19:0
ASN
#60068 Datacamp Limited

File type
data
Size
24 kB (23619 bytes)
Hash
04ef50d71a6af23a17e1ed56d05b0f24
49da297aa3ed675c8ccdf74e67d1d2c26b43d4e9
0c98f8ee0ae76c3db873bc796515fef45b8ec849d392675526d62375fb27205f

HTTP Headers

GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript
etag: W/"c86623937323852b5fe82a29fcb"
expires: Tue, 24 Jan 2023 13:18:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675030828
server: CDN77-Turbo
x-77-nzt: AblMCQ2dTDr/nCYAAA
x-77-nzt-ray: c0a4cc28e14a58cd98edd6635db46d38
x-cache: HIT
x-age: 9884
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449cefe40b69-OSL

syndication.realsrv.com/splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7

95.211.229.247

200 OK

4.5 kB

URL HTTP/1.1
syndication.realsrv.com/splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
JSON data\012- , ASCII text, with very long lines (8764), with no line terminators
Size
4.5 kB (4535 bytes)
Hash
c20fd5e673d73936068cd0f4b45c2067
96202bfe9b1ad4be52f02f3a906819c37b1bbd66
9a01ad54495192aae79db82ec8e06a7282e707c43efeccbb1d5d9e5aab2e2e72

HTTP Headers

GET /splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d6ed99313a40.256892921638320713%22%3B%7D; expires=Tue, 28 Jan 2025 22:05:13 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
impressions=oslmrxbrnxgxamrexbxacgeicxbmsbcenxgxamclarlmmgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamreollxsgeicxbmsbocnxgxamclbraeegeimmccrlaonxgxamccxobsegeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamclrbcelgeioslmrxlrnxgxamslescrogeimmccrbxenxgxamclarlmmgeislsaroornxgxamccolacbgeioslmroemnxgxamclrbcrogeioslmrxlsnxgxamclrbcelgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamcberosogeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrexbxacgeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrexbxacgeimrblxebenxgxamselmborgeimcclsxconxgxamsbremaegeirbabxabbnxgxamcbexxbmgeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamcxbemmxgeimcclsoeonxgxamcbcebxbgeimcclsxlcnxgxamrexbxacgeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamsmoooeegeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamclrbcrogeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamreollxsgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamsbmrxregeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamclxcsocgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimxlbmosanrgxamclcasocgxcceimxlbmoconogxamclcasocgxcceicmarxbbonsgxamclcboecgxcceimclsaoxbncgxamclcbamegxcceimbbcemoancgxamclcbllogxcceimmraexoenxgxamclrexlegxcceimmraexxanxgxamclrexlegxcceimmraexsenxgxamclrexlegxcceimaooloranxgxamclrexlmgxcceimrsbrelonxgxamclrreosgxcceimabcabaonxgxamclrreosgxcceimsleoaronxgxamclrreosgxcceiceecmorsnxgxamclrassmgxcceimcclsxcanxgxamclrbcelgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeimxlbalcensgxamclrbcxbgxcceimxlbmxbbnsgxamclarlmmgxcceialbserxonxgxamclarlmmgeimcssmlronsgxamclarlmbgxcceimxlbalsbnsgxamclarlmbgxcceimrmaobxanxgxamclamoelgxcceimromobmenxgxamclamoxlgxcceimxlbmoobnogxamclabecmgxcceimaoolslanxgxamclabblogxcceimbmlselenxgxamclmmlcxgxcceimbamerlbnxgxamclmmlcxgxcceimexxlrbenxgxamclbsslxgxcceimbmlselonxgxamclbsbbcgxcceimbmlsebbnxgxamclbsbbcgxcceimbrsslsansgxamclbslcegxcceimrmbbobcnxgxamclbrralgxcceimxlbmoscnogxamclbraeegxcceiaaxcambbnxgxamclbraeegxcceimxxrecsanxgxamclbraeogxcceimxlbmosenogxamcllxaobgxcceimbclraronogxamcllxaobgxcceixaoossalnxgxamreerlargxcceimxeemlxcnxgxamreerlargxcceimbmmcllonxgxamreebbcogxcceimoobcomanxgxamreebbcogxcceimoobcobenxgxamreebbcogxcceialrexeoonxgxamreellmbgxcceircmbbroanxgxamrexxxaogxcceimbscxmxanxgxamrexxxaogxcceirrmlllronxgxamrexxxaogxcceimbscxmoanxgxamrexxxaogxcceimcssmlrcnsgxamrexxxaogxcceimeembecenxgxamrexslclgxcceimeembescnxgxamrexslclgxcceimbmmreecnxgxamrexrlsegxcceimxlbmosonogxamrexaoxsgxcceimboslabanxgxamrexaoxsgxcceimbsblroanogxamrexabcagcbeirreacmsbnxgxamrexabcagxcceimcssmlrensgxamrexabcagxcceimxlbmxlonsgxamrexmrecgxcceimxlbmxlcnogxamrexmrecgxcceimxxerrecnxgxamrexmrecgxcceimxxerreanxgxamrexmrxmgxcceimmraexoonxgxamrexmmccgxcceimeembesonxgxamrexmmccgxcceimmcmerrenxgxamrexmmccgxcceimxeemblanxgxamrexbxargxcceimromobacnxgxamrexbxmegxcceimaoolcoonsgxamrexblosgxcceimxlbmoaonxgxamrexblosgxcceimxlbmxlenogxamrexllbogxcceimbbmsoxanxgxamreoslobgxcceirarrrcaenxgxamreoceexgxcceimxxerrxenxgxamreoceexgxcceimsacexoonxgxamreoceexgxcceimamsorebnxgxamreorxblgxcceimxeoxsbenxgxamreollxsgxcceimcclosscnxgxamreollxsge; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C71021380%7C110382%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74493138%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C23975187%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74492334%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 21:41:41 GMT
age: 1412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

syndication.realsrv.com/v1/api.php

95.211.229.247

200 OK

8.3 kB

URL HTTP/1.1
syndication.realsrv.com/v1/api.php
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
8.3 kB (8296 bytes)
Hash
f0a44bcce0cd169cd8c7e1dcb7d99cba
18c6299ebd3b9b4930b142619e13bc80a8dec322
7cc6da6ef6598bc8ed322db9c5a4079afe9e2e87e2fc4897b9875c18b41d7ea3

HTTP Headers

POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 318
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d6ed99319550.048939092023935569%22%3B%7D; expires=Tue, 28-Jan-2025 22:05:13 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

cdntube.b-cdn.net/logo/logo-redd-2x.png

194.242.11.186

200 OK

2.4 kB

URL HTTP/2
cdntube.b-cdn.net/logo/logo-redd-2x.png
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.4 kB (2412 bytes)
Hash
21c00320600e74873fd8f868869e86c0
50b86e653e75ad04fff2066446b1f58394f31a6f
8969cb3ece2e5ad806e2fe83fbf476679ae652e32b9a773eb9b6eda8f5de0020

HTTP Headers

GET /logo/logo-redd-2x.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 2412
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 04 May 2022 02:04:27 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 290
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/10/2023 19:43:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 65b289fbafde6c2b1a437d865316cc2c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d1e2911d9c76ecaceb9519d14a6be0bd
2187a27b3dfc08e4726171d34b901bc427871e25
d23b6087d605991326f1bbdc392d26d12e8eff6fa165aa332eb337733ecd30c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D23B6087D605991326F1BBDC392D26D12E8EFF6FA165AA332EB337733ECD30C2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12072
Expires: Mon, 30 Jan 2023 01:26:25 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive

cdntube.b-cdn.net/thumbnails/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.jpg

194.242.11.186

200 OK

2.6 kB

URL HTTP/2
cdntube.b-cdn.net/thumbnails/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.jpg
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x864, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
2.6 kB (2618 bytes)
Hash
5157c8b78fa8fb6900bc412856cd2638
877c589b8fb8a926e32d877b53c96c28841a75e4
4fb235a7b41f1ad65d90ec16608665e72dff521bbd0cc4351e3c75a3688b6ddf

HTTP Headers

GET /thumbnails/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 2618
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sat, 08 May 2021 08:19:01 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 123
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f868c424908554becb881864d0d3546e
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2pDMQxFt9INPHP18yfjjltI6QIcv2fopIM2hRS0+NgOhfogfG1J1jWDZQNtXJ4onWAnEi8UCoJyIFN/eT27kn8d+/5xDdefy+GqWY08muRinqkkLa7JUuLshhEcS6ToyUiVJbrCxTFgE9WpAkBe4O9vzytoMqqAGwHjMOc6w3Vo3GYvei+1o9sFvZG12E1abco95lLTfAHL58MlHgSYzRT/XQw2WttY8KXq9+9nc/9XMrHVNAyoTkeOXSrtaJ3y+OnOOGhMr1JFSIhxB8yFfUxMAQAA

95.211.229.247

200 OK

20 B

URL HTTP/1.1
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2pDMQxFt9INPHP18yfjjltI6QIcv2fopIM2hRS0+NgOhfogfG1J1jWDZQNtXJ4onWAnEi8UCoJyIFN/eT27kn8d+/5xDdefy+GqWY08muRinqkkLa7JUuLshhEcS6ToyUiVJbrCxTFgE9WpAkBe4O9vzytoMqqAGwHjMOc6w3Vo3GYvei+1o9sFvZG12E1abco95lLTfAHL58MlHgSYzRT/XQw2WttY8KXq9+9nc/9XMrHVNAyoTkeOXSrtaJ3y+OnOOGhMr1JFSIhxB8yFfUxMAQAA
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PS2pDMQxFt9INPHP18yfjjltI6QIcv2fopIM2hRS0+NgOhfogfG1J1jWDZQNtXJ4onWAnEi8UCoJyIFN/eT27kn8d+/5xDdefy+GqWY08muRinqkkLa7JUuLshhEcS6ToyUiVJbrCxTFgE9WpAkBe4O9vzytoMqqAGwHjMOc6w3Vo3GYvei+1o9sFvZG12E1abco95lLTfAHL58MlHgSYzRT/XQw2WttY8KXq9+9nc/9XMrHVNAyoTkeOXSrtaJ3y+OnOOGhMr1JFSIhxB8yFfUxMAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d6ed99319550.048939092023935569%22%3B%7D; impressions=oslmrxbrnxgxamrexbxacgeicxbmsbcenxgxamclarlmmgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamreollxsgeicxbmsbocnxgxamclbraeegeimmccrlaonxgxamccxobsegeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamclrbcelgeioslmrxlrnxgxamslescrogeimmccrbxenxgxamclarlmmgeislsaroornxgxamccolacbgeioslmroemnxgxamclrbcrogeioslmrxlsnxgxamclrbcelgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamcberosogeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrexbxacgeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrexbxacgeimrblxebenxgxamselmborgeimcclsxconxgxamsbremaegeirbabxabbnxgxamcbexxbmgeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamcxbemmxgeimcclsoeonxgxamcbcebxbgeimcclsxlcnxgxamrexbxacgeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamsmoooeegeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamclrbcrogeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamreollxsgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamsbmrxregeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamclxcsocgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimxlbmosanrgxamclcasocgxcceimxlbmoconogxamclcasocgxcceicmarxbbonsgxamclcboecgxcceimclsaoxbncgxamclcbamegxcceimbbcemoancgxamclcbllogxcceimmraexoenxgxamclrexlegxcceimmraexxanxgxamclrexlegxcceimmraexsenxgxamclrexlegxcceimaooloranxgxamclrexlmgxcceimrsbrelonxgxamclrreosgxcceimabcabaonxgxamclrreosgxcceimsleoaronxgxamclrreosgxcceiceecmorsnxgxamclrassmgxcceimcclsxcanxgxamclrbcelgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeimxlbalcensgxamclrbcxbgxcceimxlbmxbbnsgxamclarlmmgxcceialbserxonxgxamclarlmmgeimcssmlronsgxamclarlmbgxcceimxlbalsbnsgxamclarlmbgxcceimrmaobxanxgxamclamoelgxcceimromobmenxgxamclamoxlgxcceimxlbmoobnogxamclabecmgxcceimaoolslanxgxamclabblogxcceimbmlselenxgxamclmmlcxgxcceimbamerlbnxgxamclmmlcxgxcceimexxlrbenxgxamclbsslxgxcceimbmlselonxgxamclbsbbcgxcceimbmlsebbnxgxamclbsbbcgxcceimbrsslsansgxamclbslcegxcceimrmbbobcnxgxamclbrralgxcceimxlbmoscnogxamclbraeegxcceiaaxcambbnxgxamclbraeegxcceimxxrecsanxgxamclbraeogxcceimxlbmosenogxamcllxaobgxcceimbclraronogxamcllxaobgxcceixaoossalnxgxamreerlargxcceimxeemlxcnxgxamreerlargxcceimbmmcllonxgxamreebbcogxcceimoobcomanxgxamreebbcogxcceimoobcobenxgxamreebbcogxcceialrexeoonxgxamreellmbgxcceircmbbroanxgxamrexxxaogxcceimbscxmxanxgxamrexxxaogxcceirrmlllronxgxamrexxxaogxcceimbscxmoanxgxamrexxxaogxcceimcssmlrcnsgxamrexxxaogxcceimeembecenxgxamrexslclgxcceimeembescnxgxamrexslclgxcceimbmmreecnxgxamrexrlsegxcceimxlbmosonogxamrexaoxsgxcceimboslabanxgxamrexaoxsgxcceimbsblroanogxamrexabcagcbeirreacmsbnxgxamrexabcagxcceimcssmlrensgxamrexabcagxcceimxlbmxlonsgxamrexmrecgxcceimxlbmxlcnogxamrexmrecgxcceimxxerrecnxgxamrexmrecgxcceimxxerreanxgxamrexmrxmgxcceimmraexoonxgxamrexmmccgxcceimeembesonxgxamrexmmccgxcceimmcmerrenxgxamrexmmccgxcceimxeemblanxgxamrexbxargxcceimromobacnxgxamrexbxmegxcceimaoolcoonsgxamrexblosgxcceimxlbmoaonxgxamrexblosgxcceimxlbmxlenogxamrexllbogxcceimbbmsoxanxgxamreoslobgxcceirarrrcaenxgxamreoceexgxcceimxxerrxenxgxamreoceexgxcceimsacexoonxgxamreoceexgxcceimamsorebnxgxamreorxblgxcceimxeoxsbenxgxamreollxsgxcceimcclosscnxgxamreollxsge; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74492334%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Tue, 28 Jan 2025 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12346
Expires: Mon, 30 Jan 2023 01:30:59 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive

s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4

185.76.9.15

206 Partial Content

12 kB

URL HTTP/2
s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
IP
185.76.9.15:0
ASN
#60068 Datacamp Limited

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
12 kB (12161 bytes)
Hash
96ad52c24f7c0e4db3bf8e6c12b35a4d
b55663983b553c9f9adb0e1ada3af807a55715ec
f31922b7651e0582b68857a63239cc02dc53c0e30565fa5d11b74bf43e85527a

HTTP Headers

GET /library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: video/mp4
content-length: 12161
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-2f81"
expires: Wed, 09 Aug 2023 11:37:35 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691581143
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2Xbxz/QqbkAA
x-77-nzt-ray: c0a4cc28304190d399edd663c6e21c21
x-cache: HIT
x-age: 14984770
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-12160/12161
X-Firefox-Spdy: h2

uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js

173.233.137.36

200 OK

13 kB

URL HTTP/1.1
uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js
IP
173.233.137.36:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37162), with no line terminators
Size
13 kB (13430 bytes)
Hash
f52681b535dcdabcd3d245a126fa8ebf
76aca31c5db7cf20a0bb0d35132b55bd1e295cab
906da2635e9a5588a16e494495bfce7475e80ac268d69b010b964729e3975898

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /d4/53/67/d45367c1e1a2457563c268888ecb3001.js HTTP/1.1
Host: uniqueflatlysorting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac154e4f8021474e1e70693b03b0cdaa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

s3t3d2y8.afcdn.net/library/761560/aff16dc44b7afe6bc9c40ebc15af039a96c09055.webp

185.76.9.15

200 OK

10 kB

URL HTTP/2
s3t3d2y8.afcdn.net/library/761560/aff16dc44b7afe6bc9c40ebc15af039a96c09055.webp
IP
185.76.9.15:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10414 bytes)
Hash
0e4867359692ea09486c09307f5db054
aff16dc44b7afe6bc9c40ebc15af039a96c09055
c860932ff98f21366a4861ea670b31fd0a8383327cbfc09040647cefd7889970

HTTP Headers

GET /library/761560/aff16dc44b7afe6bc9c40ebc15af039a96c09055.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 10414
last-modified: Thu, 03 Mar 2022 12:22:53 GMT
etag: "6220b31d-28ae"
expires: Sat, 09 Sep 2023 00:34:17 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1694772112
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ07S43/ifWzAA
x-77-nzt-ray: c0a4cc28304190d399edd663d24a4b29
x-cache: HIT
x-age: 11793801
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp

185.76.9.15

200 OK

9.0 kB

URL HTTP/2
s3t3d2y8.afcdn.net/library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp
IP
185.76.9.15:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.0 kB (9022 bytes)
Hash
03a466116a5e875e0bd4dfa768d88d94
d12ccb590ad00f4923f36212a376a907910dcbf6
1095a12ca3638c3d19f40704809776f1f6349a7b06e35cba865e2126ed6ba52c

HTTP Headers

GET /library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 9022
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-233e"
expires: Sat, 15 Jul 2023 11:38:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689614225
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2fVUj/iKkCAQ
x-77-nzt-ray: c0a4cc28304190d399edd6636a5c5829
x-cache: HIT
x-age: 16951688
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp

185.76.9.15

200 OK

9.6 kB

URL HTTP/2
s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
IP
185.76.9.15:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.6 kB (9562 bytes)
Hash
070a232d0b0e025bfc65d90c1f5ece91
b69b0ad953e27d2318d3b7783f89b2f03cac130e
bd774d7c7edcc81fd3f49a59ed1ef48868b2531bba2ee9762213e2b023f4c5de

HTTP Headers

GET /library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 9562
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-255a"
expires: Fri, 30 Jun 2023 11:09:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195383
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0bqUP/4k8YAQ
x-77-nzt-ray: c0a4cc28304190d399edd663a5d75b29
x-cache: HIT
x-age: 18370530
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

s3t3d2y8.afcdn.net/library/802444/8d556f01a0a027fd5743a851458a0c2fa83388ba.webp

185.76.9.15

200 OK

6.3 kB

URL HTTP/2
s3t3d2y8.afcdn.net/library/802444/8d556f01a0a027fd5743a851458a0c2fa83388ba.webp
IP
185.76.9.15:0
ASN
#60068 Datacamp Limited

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.3 kB (6324 bytes)
Hash
08f0d637a8bece01677b78c56c3477b5
8d556f01a0a027fd5743a851458a0c2fa83388ba
07698e284ebdc9b08584215029b7bc35b2424b91f52e0a30c8e50bec44e59ad2

HTTP Headers

GET /library/802444/8d556f01a0a027fd5743a851458a0c2fa83388ba.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 6324
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-18b4"
expires: Sat, 15 Jul 2023 11:43:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689440333
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ1EE7D/zFAFAQ
x-77-nzt-ray: c0a4cc28304190d399edd663d1b0f829
x-cache: HIT
x-age: 17125580
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9683
Expires: Mon, 30 Jan 2023 00:46:36 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0e90c9d5521358d2754bbad686a2e9c1
013349b8f38535bae1e197d5d96d86d17d5a1ef0
47bb6aa901220aeab3800d1ea88eb456cfe3ea337f12c059d9549fa6bd8064ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144762
Date: Sun, 29 Jan 2023 22:05:13 GMT
Etag: "63d67516-1d7"
Expires: Tue, 31 Jan 2023 14:17:55 GMT
Last-Modified: Sun, 29 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _KaWpHtjDqk7Fgt3qHGfMvkc4fPgmB5p4ZUbr_jwKuvk7xbdJuc69A==
Age: 2813

simplewebanalysis.com/stats

3.120.47.42

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.120.47.42:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
be67904369bfcfd0891a347cc0566e5d
51a6f26c529e54401a5804e325473befe45decd9
b2102abfda38fc4a3cf9fcbc5d31f57fe99e2b48627bc48a0785fde52c07b03f

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.redd.tube
access-control-allow-credentials: true
set-cookie: uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; expires=Wed, 26 Jan 2033 22:05:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.216.49.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.49.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OaoGabpTa6enOwmZ82WjnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2MF0mHi9bAvXMtPKzNxf1ITngdM=

poweredby.jads.co/adshow.php?adzone=972163

185.94.237.102

200 OK

1.7 kB

URL HTTP/1.1
poweredby.jads.co/adshow.php?adzone=972163
IP
185.94.237.102:0
ASN
#42567 Mojohost B.v.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1576), with CRLF, LF line terminators
Size
1.7 kB (1715 bytes)
Hash
ab4e8ab24e07b8b887ea82d2634bb2ad
9535d8dfbe693b80d4272d998a62cf63757c73b2
c1cc522d6fd4e9000507adfb39ccf245f48017c40723742d8e255bec30ed00dd

HTTP Headers

GET /adshow.php?adzone=972163 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0c60d5edb1d1dea2cb949bd17bcd81df; expires=Mon, 29-Jan-2024 22:05:13 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 01-Feb-2023 22:05:13 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 01-Feb-2023 22:05:13 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip

region1.google-analytics.com/g/collect?v=2&tid=G-Z1WP23B83V&gtm=2oe1p0&_p=1833447662&cid=1954351921.1675029922&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675029922&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7&dt=%F0%9F%94%A5%20SaucyNatt%20whole%20OnlyFans%20account..%20Going%20For%20da%20lowww!%20...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-Z1WP23B83V&gtm=2oe1p0&_p=1833447662&cid=1954351921.1675029922&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675029922&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7&dt=%F0%9F%94%A5%20SaucyNatt%20whole%20OnlyFans%20account..%20Going%20For%20da%20lowww!%20...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-Z1WP23B83V&gtm=2oe1p0&_p=1833447662&cid=1954351921.1675029922&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675029922&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7&dt=%F0%9F%94%A5%20SaucyNatt%20whole%20OnlyFans%20account..%20Going%20For%20da%20lowww!%20...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.redd.tube
date: Sun, 29 Jan 2023 22:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

172.64.202.23

200 OK

30 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.202.23:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
30 kB (29785 bytes)
Hash
0bb4478891b9dbc409e01ebcbec51bbf
97cebc2fa565dc240f730f809ea1cc8616a5e32b
395b0f79e1bcd18ae9b6f5d42122a02fd954ade1bb979177e12f17d1dbcf6270

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9fa6aecc10ad143fdfee1e1488206286
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 29 Jan 2023 22:05:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V0RG6GgbibP%2FrT7Ro5a37rDsCsP7y9pK%2B%2FWvg3i2OL2JNgmCMDoqfkQgALO4xbW7BkcH3MsszAhn2KQb44W3wZ53q%2Ft5M5yZ8c0IqkcYdlM7OxTNzLWPCxPahlHqgaZacitzKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a0eabb71a4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdntube.b-cdn.net/favicon/favicon-16x16.png

194.242.11.186

200 OK

332 B

URL HTTP/2
cdntube.b-cdn.net/favicon/favicon-16x16.png
IP
194.242.11.186:0
ASN
#34989 ServeTheWorld AS

File type
RIFF (little-endian) data, Web/P image\012- data
Size
332 B (332 bytes)
Hash
ded2b1ef88b4c1826be4981640b88802
1bfcdd5bc5652deab6f80a6c891753507c5eac91
263b1585ee8fad3076fc9599ab934ccbe42d25628a9df35689480a1453c24c99

HTTP Headers

GET /favicon/favicon-16x16.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 332
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 19 Feb 2021 03:57:29 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 113
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 11/29/2022 21:20:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 59f840b45af0dd22f2d24a3b41068285
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
bf4ae949000bdac674fa80403cf14c6b
bba8a737893ad3e4aa0c6403fc275a5dae9c949c
b7f7c733815cc4fa7d7ee5a9fb45f71e7532a858855ebb808d561bb0ce8b62ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4496
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:13 GMT
Last-Modified: Sun, 29 Jan 2023 20:50:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314

i.jads.co/1x1.gif

69.16.175.10

200 OK

43 B

URL HTTP/2
i.jads.co/1x1.gif
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

HTTP Headers

GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0c60d5edb1d1dea2cb949bd17bcd81df; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
etag: "1457030838"
cache-control: max-age=12195353
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1675029913.dop020.sk1.t,1675029913.cds245.sk1.hn,1675029913.cds264.sk1.c
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9683
Expires: Mon, 30 Jan 2023 00:46:36 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive

chaturbate.com/in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f

104.18.100.40

302 Found

314 B

URL HTTP/2
chaturbate.com/in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
IP
104.18.100.40:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
314 B (314 bytes)
Hash
bf4ae949000bdac674fa80403cf14c6b
bba8a737893ad3e4aa0c6403fc275a5dae9c949c
b7f7c733815cc4fa7d7ee5a9fb45f71e7532a858855ebb808d561bb0ce8b62ea

HTTP Headers

GET /in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self';  script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ;  style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com;  img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ;  font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ;  connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ;  media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com;  object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ;  frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ;  child-src 'self' blob: blob ;  worker-src 'self' blob: blob ;  form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ;  manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ;  report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Fri, 03 Feb 2023 22:05:14 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJyrVipRslJQqjAMSlHSUVBKzi0Acf2SHStDQfySomwQvyg1JSWzBCRQBOJmlJQUFFvp6xfkl6cCpZIq9bISU4r1kvP1QUoS09JAinITKyoqclNTMhONDAwtQBJgo40MlWoBrNohbw=="; Domain=.chaturbate.com; expires=Tue, 28 Feb 2023 22:05:14 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Mon, 30 Jan 2023 04:05:14 GMT; Max-Age=21600; Path=/
stcki="R2oKO-=0"; expires=Tue, 28 Feb 2023 22:05:14 GMT; HttpOnly; Max-Age=2592000; Path=/
sbr=sec:sbr712ecba0-58b4-410a-82a2-ebabd0f06ff4:1pMFnW:kGPtd1M7F-Zd5aNLpwVb3OaVbL0; Domain=.chaturbate.com; expires=Fri, 24 Oct 2025 22:05:14 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=lQ0Yp32ZJ5SzYoFdlFSxE8kLsH2lJ1IcrNS_4jW5aK8-1675029914-0-AVSDV12pHAYD0ybtQPvq4ZYgP4lVNB3n6PucKPp9+ILAp1Cue9Js6eubCoJOJcYZZDjpxSIFQWcEM8XsT2uRhbo=; path=/; expires=Sun, 29-Jan-23 22:35:14 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791544a24dc0b4f7-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29c3aadcd47a30f32512235085897891
4aeb872839929bdf0a10d2fddf3e65a9191b23bf
2514a4d02f01ccbe0c9a16be16bfe12da644971ea6d1f58c7effbf7965a30e99

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2514A4D02F01CCBE0C9A16BE16BFE12DA644971EA6D1F58C7EFFBF7965A30E99"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1408
Expires: Sun, 29 Jan 2023 22:28:42 GMT
Date: Sun, 29 Jan 2023 22:05:14 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: max-age=88220
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 22:35:34 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5899
Cache-Control: max-age=90252
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 23:09:26 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3021
Cache-Control: max-age=87373
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 22:21:27 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 314

roomimg.stream.highwebmedia.com/riw/newmollybrooke.jpg?1675029900

104.19.242.83

200 OK

14 kB

URL HTTP/2
roomimg.stream.highwebmedia.com/riw/newmollybrooke.jpg?1675029900
IP
104.19.242.83:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size
14 kB (14251 bytes)
Hash
0aab8eeb39f95371d284b17a53edd3cc
c8a76a60ac0e28abf99295bb22378a45a245e622
0a173ea1be390abc0014e45573ac40fff9733dc814bb899b62c08175ee1b6d74

HTTP Headers

GET /riw/newmollybrooke.jpg?1675029900 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: image/jpeg
content-length: 14251
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14475
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 7
last-modified: Sun, 29 Jan 2023 22:05:07 GMT
expires: Sun, 29 Jan 2023 22:05:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgnj6i%2FwNHPNi9h9E51gViPoagGuJvroP8A7ECoBsloDgPm0U1%2BxdCfsjsKOo5IMp7uus2562XJWt%2BvvxBvS1iqjplRCimDZWPorFTtEp4gujwqrnx1tUBwGH1wl6ruvShJNNppgWA4MGefGZQ%2BcZ7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=o2ztGSw1xlRvOmk7I.jGsEjnaHCc4dGZb0qnHfrtWWI-1675029914437-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a52981b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

roomimg.stream.highwebmedia.com/riw/claire_moulin.jpg?1675029900

104.19.242.83

200 OK

10 kB

URL HTTP/2
roomimg.stream.highwebmedia.com/riw/claire_moulin.jpg?1675029900
IP
104.19.242.83:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Size
10 kB (10016 bytes)
Hash
2416309a10dce60532edaa401a5a6faa
6326b9673eedbd02995c9b3530e112bffa35074b
e2be7d36d75dfe461774ff9b330a2d3949f5b9f3cb0fa7ce22d3a99266ccfc7b

HTTP Headers

GET /riw/claire_moulin.jpg?1675029900 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: image/jpeg
content-length: 10016
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13
last-modified: Sun, 29 Jan 2023 22:05:01 GMT
expires: Sun, 29 Jan 2023 22:05:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9MV7SHgOtDmgTI5Esy0PeYztOg1aI425znZ4dPqfkoL2awPD1A7gvztmLd3WAixPYrkn1fAWmSst6%2F8GE6%2BwqnbOsXxc0dg6kPCnFMbUTCY1Dy6W7QT%2B0mlRFVbobdS4YeIKIj5q5sskeXwlGUnt%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=lGmguDtaE5bSsXOoWNDVt4snYELu6Yfz3O2mfp2NzbU-1675029914438-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a53985b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

roomimg.stream.highwebmedia.com/riw/kalisa_pearl.jpg?1675029900

104.19.242.83

200 OK

14 kB

URL HTTP/2
roomimg.stream.highwebmedia.com/riw/kalisa_pearl.jpg?1675029900
IP
104.19.242.83:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size
14 kB (14493 bytes)
Hash
49b198a312c39c31bd26b367537eaadd
38ab111d4ce2bbd56729e385647a5847788eca41
7b9f789f725806e8a74a7a7da7d24f415ebdd42fb80577e257eb39cc75c26d5b

HTTP Headers

GET /riw/kalisa_pearl.jpg?1675029900 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: image/jpeg
content-length: 14493
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14528
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14
last-modified: Sun, 29 Jan 2023 22:05:00 GMT
expires: Sun, 29 Jan 2023 22:05:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLob%2Ft%2FrKbdxUtLarmNvnYM9BxhNch4fIKwE2%2B2BZKm3BTM5DnaB1Cng9WQTOamtlR4BvfENYDW54rjm9WNwJCpmbXsdPjCmFLRszMqrpSB4fqvWIzMG5yL362pPAlvERbsuM%2BQbABL3udr6OwZdWn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=aOzdIJ4ZIrXWaSP2Owjg771aSKgYMmq4yBIx.7UXzkk-1675029914440-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a52984b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: max-age=88220
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 22:35:34 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 21:45:20 GMT
expires: Sun, 29 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 1194
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js-agent.newrelic.com/859.95d4308d-1222.js

151.101.194.137

200 OK

3.0 kB

URL HTTP/2
js-agent.newrelic.com/859.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6657), with no line terminators
Size
3.0 kB (2975 bytes)
Hash
364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b

HTTP Headers

GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2562
x-timer: S1675029915.620338,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2

js-agent.newrelic.com/569.95d4308d-1222.js

151.101.194.137

200 OK

3.2 kB

URL HTTP/2
js-agent.newrelic.com/569.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (7513), with no line terminators
Size
3.2 kB (3173 bytes)
Hash
8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d

HTTP Headers

GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2581
x-timer: S1675029915.677440,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2

js-agent.newrelic.com/620.95d4308d-1222.js

151.101.194.137

200 OK

1.3 kB

URL HTTP/2
js-agent.newrelic.com/620.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2989), with no line terminators
Size
1.3 kB (1342 bytes)
Hash
7094c3f93699a846fe91edd766391f01
25e8c79409acc2bb73a728c0768e1eda66019255
85eb01219e8aaa7c7968aa175c2421454f99615ae66350b15c60465f4616826f

HTTP Headers

GET /620.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: QggJtv+14rx8wEd4C6ZTDmmxUSe6+8jiYhTGnWcIRu6DC5pRiaL5fPRx8/lgChduQ7GqRSlO6xY=
x-amz-request-id: WFN5FXFSJTZYM7K6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "ca9b029ff66dd9146273984d16e20abc"
x-amz-version-id: HYguQMwVKEHCmodKuQRUzW1qxlElK9Xr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2583
x-timer: S1675029915.678547,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1342
X-Firefox-Spdy: h2

js-agent.newrelic.com/457.95d4308d-1222.js

151.101.194.137

200 OK

2.0 kB

URL HTTP/2
js-agent.newrelic.com/457.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4809), with no line terminators
Size
2.0 kB (1953 bytes)
Hash
09c0cca8d2a9fd69f1892a1c2d1319b9
b46f4fe3b0adc98785d22a092818b74145a91cc0
593022809e272793157f8280bae176bfa74a02f9f9a6d3269384e2dd434be046

HTTP Headers

GET /457.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 6YLQBRWWkaavoi6QR5dS+9cRhXVrpaQK5v3G9/iqQ5oKPUxxFI0Uv2tN9ar51sQUG2xwVmTWBnY=
x-amz-request-id: WFN1Z9NXJZGF8XE5
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "c16abc7fa2e34cbb7baf3e290120ad5a"
x-amz-version-id: qROfxBD9CF8WXmbywdhvCmImuu9HvRNA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2574
x-timer: S1675029915.680579,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1953
X-Firefox-Spdy: h2

js-agent.newrelic.com/244.95d4308d-1222.js

151.101.194.137

200 OK

2.6 kB

URL HTTP/2
js-agent.newrelic.com/244.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6871), with no line terminators
Size
2.6 kB (2607 bytes)
Hash
f3fa38d9e10cf246f158644ebd64b342
c2730a8b130475b903b30148ea5cf79eb7de1873
6aea0ff08f0ed145b42d52f81d167df30a300f3da22b687fa2de3be48df1badb

HTTP Headers

GET /244.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: HqAuLbtc4kLXjp/HM/sZyPqsDbRk1eMZXQl1gAv0l9/yRrGf//JiuVcahDTT5bis4NqiPxfG4OQ=
x-amz-request-id: D866GB1QGPTYVJ4R
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "a24fd7e602a6b44ab4c03cab69c843c6"
x-amz-version-id: wm7C04ehQ1WMJgMW5R_.Vg0x6NJINoji
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1619
x-timer: S1675029915.684486,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2607
X-Firefox-Spdy: h2

js-agent.newrelic.com/142.95d4308d-1222.js

151.101.194.137

200 OK

880 B

URL HTTP/2
js-agent.newrelic.com/142.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2014), with no line terminators
Size
880 B (880 bytes)
Hash
c962fb555005bf74b5010cd5c748c721
5c7c22b348a994aad18e8162bb1f78b9fd49c491
077c18d946bf505b4efe75b1b3c3d9c6b3ad6af3e5b5d08a41fedf7aceb84233

HTTP Headers

GET /142.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: /ZtX43ynOvSaYlrJ/LhlDymHqsr4/Ext49IQ1RQZxLK2MPDMHv59yC5Li6+9oNRuTnKxUqkvJhI=
x-amz-request-id: MFEMFHWSJ1CY7RPR
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "082c9f0a95ce6870ed4d9266fa0e41e5"
x-amz-version-id: ed_.QNbbUDaLQJRSZtC0TghsoJcp2gVk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1613
x-timer: S1675029915.689267,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 880
X-Firefox-Spdy: h2

js-agent.newrelic.com/885.95d4308d-1222.js

151.101.194.137

200 OK

5.9 kB

URL HTTP/2
js-agent.newrelic.com/885.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (16348), with no line terminators
Size
5.9 kB (5930 bytes)
Hash
2414f7dbfd0e2cb3d826fc02a8b608dc
550db9b7abbcd2e5a0d4ab9c414933e1a0bd36fc
8239519b8bff793ad186f4ab9017f8a6ed34edc1df3361958075077ee7677b3d

HTTP Headers

GET /885.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: iuZsFv406u1sMvs0ma20vGvuMApZWTFFZj+faC5P7Ry157RP7v+m+H8/pYueXH7fkGpYpHbtGFk=
x-amz-request-id: 99ZMGE3ZKMAWH9CW
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "fb9bb822463bccec4200657d3ae33dc0"
x-amz-version-id: PKmhKUoshrjILDxYc6QEKM_sGJ.F4FNB
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1096
x-timer: S1675029915.695421,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5930
X-Firefox-Spdy: h2

js-agent.newrelic.com/41.95d4308d-1222.js

151.101.194.137

200 OK

439 B

URL HTTP/2
js-agent.newrelic.com/41.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (828), with no line terminators
Size
439 B (439 bytes)
Hash
46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544

HTTP Headers

GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2589
x-timer: S1675029915.699629,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2

js-agent.newrelic.com/736.95d4308d-1222.js

151.101.194.137

200 OK

2.1 kB

URL HTTP/2
js-agent.newrelic.com/736.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4688), with no line terminators
Size
2.1 kB (2132 bytes)
Hash
a0dd1bd64e5912ed2b69ab00c181333c
9f4001e3f6c7fd3105972022cde6a67638ba8083
2ea47cc022696e899accbc531bbb7e3abc01f1598cedaa9f23e071d47ee510a0

HTTP Headers

GET /736.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: wZ5lT7Qk1E9hmsxWDncLcs+Ic+aBtWHWGPUcVxaeVym/k+6uixaPTXfOiP+keWUZ+GKP0xL2SDo=
x-amz-request-id: MFESCF9VXQC5P35J
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "def1dc24974c16a4e78c08e349b92860"
x-amz-version-id: i.8rfLhEckzO44oBXwNAK9an0lbXu.5p
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1618
x-timer: S1675029915.699928,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2132
X-Firefox-Spdy: h2

js-agent.newrelic.com/466.95d4308d-1222.js

151.101.194.137

200 OK

2.8 kB

URL HTTP/2
js-agent.newrelic.com/466.95d4308d-1222.js
IP
151.101.194.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6842), with no line terminators
Size
2.8 kB (2760 bytes)
Hash
0545743760ba9995e8efbe879105162f
889887ac56edaf2cfe41752ec0893a9ac5d23db0
91a431e85d69e797b8a8817bb15aee94a9fbe38355a6890f75e8947a55386ee0

HTTP Headers

GET /466.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: Y3xfvlvSw36CE9GOKklvJeG0iBkCsl/ss+e4vNwZhrKvjIdjtQLayCw3yQPVxbIyEllIzLdCgUw=
x-amz-request-id: MFEHC9QF926X2AZG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "2b339e4b3b0435de10496ee00de8446a"
x-amz-version-id: joCLqMlafBXUuB094SKQ5Jhlrbz7F.ON
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1616
x-timer: S1675029915.700290,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2760
X-Firefox-Spdy: h2

naveljutmistress.com/sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15%3A3%3A1

173.233.137.44

200 OK

3.7 kB

URL HTTP/1.1
naveljutmistress.com/sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15%3A3%3A1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6264), with no line terminators
Size
3.7 kB (3655 bytes)
Hash
90b25eb99c198c0ae831d4985eb552e4
0d7db0f3db24487bc616be0d127320ae5244e893
32e7673136aeef8f62eca18beb1451ddc652b7d34aaaa10b07673f7f14233863

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15%3A3%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:14 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.redd.tube
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17176328; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; expires=Sun, 05 Feb 2023 22:05:14 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
uncs=1; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41f6cda831c2ee81c136e7d3c0243c9b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c46e3a648cf6a599551b7274d238bffc
b0f6e34a83ef52a888aa34b8ed16b238b230cc8d
f7dbad660ede299c6cf774380f065b17efbe9566a35103a6fa2e5331c6ed03df

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1853
Cache-Control: max-age=91234
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5a7bf-1d7"
Expires: Mon, 30 Jan 2023 23:25:48 GMT
Last-Modified: Sat, 28 Jan 2023 22:54:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e34c204daf6f65e512d7168b01268c76
793aacf3316ca30d6bef3acaaf097e42e2013e49
a748e66ab50d8c910a381a0e653c9b3e95c15043c5c52e91fbaeb20282b9fd49

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A748E66AB50D8C910A381A0E653C9B3E95C15043C5C52E91FBAEB20282B9FD49"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10063
Expires: Mon, 30 Jan 2023 00:52:57 GMT
Date: Sun, 29 Jan 2023 22:05:14 GMT
Connection: keep-alive

naveljutmistress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3h8fH3pZV0E8iIN4WMHMdk9Pz%2FTsIsuuazQYs2F3JSAerK6qnpTp6WqquqcnOQVXliyIO%2BpFPHWeSTaoQdw%2FQFk6XiQX04KSgzkIHj2JnmUmA9H3UO9T9bwFz%2Fu8793N7IjYyOjh4ptqTUYRvejV7dqFJRlzlZvawu2aY9fty7UlGbeal2uD8aH7lxzbq9sv1l4TbEVdbNiObTu2U5uVWoRqcHHCQia7HafesevNRt3xmhjo%2F95NZsFQC7x%2FRM5D8urs8g8PIVmJuPfNdWFWUpW89Govi2iqNPp85614JVZ5jN4JDLWFMN6ZVkOZipDPTkHFO9MOoPpb4w4QyIpYvzgI4p2pTAT97WOlQQQRI%2BCPI%2B%2BXEFEJSUswdQeSHxCAcSzcQNx7sKB0TlePWTpmK3Lm7z8h84qc%2BfUpxL2vr0VyULuloiyVKjYYhAXkoITslkiyPaRrFmS%2BB5a%2BD8kJ4l4ByQ9f8JyGzwPfnXG9sD3T7DRaM9QP%2BIzvh8xhni9Cx5tYI2UJGZaIxBDUnEZmLGTSQhZayBILPX5Yo14ntO12GISu6zcZY67LmOe3uMfdph%2FayNhY%2BxBpMgSLhmB6HYlex4r89MA7XxHyydsH3m%2FQ2SOY5QKGWzApQZ8XyAVBbghySpBLgjwlyPvFNo9MwxQPeGSywJnmxjS7xUil3U26rdKuiMlmckSeGHtn%2Fe%2Fp%2F2NFHNZ403NbbeYIhzaaXttruazR8n3fFyxwbduBkQWkOQVqLKzJijz5%2BndIZEVO3buLgO7BRHtg8hxo9ixoPmo3bNDlUdO3sRbvUj4wQvdFnakeuCqQpGeRrlqb0RF5ZjLDSy%2Bfg2D7V6r771z4q7wPpgskusB78nuCbrQxuqlysnVT5YY8vJGksifX6Hi%2Bt1KaitNfviFWc6X53HUz%2FOIqGxNjuHtbmHSexlzGXUO%2BuiY5F3pWaSbIt3NmSQSLmVm%2Bluk4S%2BYXX5md6yVaGCNVXILKA%2FMhmKzIYxsfTTb3uec1pC6hswK9bJ9MA1KVYMk6THKi3igCHZ3UBImFPCtGuhGcPEayIs0PfkQk9q88%2Bv3dq%2Ffa86BBASP%2B9fEEb5oNdLUFmt6Z7GxfF%2BhHBWg0hMlOj9JE71%2F5yZ0EgsgaBZG2toJIRx8f22vkYU14oR0KuyGCsBOEbWrzTtjsBLTjiHbgUQepqdjPf3z%2BDwAAAP%2F%2FAQAA%2F%2F%2FfkcPTlQQAAA%3D%3D

173.233.137.44

200 OK

7 B

URL HTTP/1.1
naveljutmistress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3h8fH3pZV0E8iIN4WMHMdk9Pz%2FTsIsuuazQYs2F3JSAerK6qnpTp6WqquqcnOQVXliyIO%2BpFPHWeSTaoQdw%2FQFk6XiQX04KSgzkIHj2JnmUmA9H3UO9T9bwFz%2Fu8793N7IjYyOjh4ptqTUYRvejV7dqFJRlzlZvawu2aY9fty7UlGbeal2uD8aH7lxzbq9sv1l4TbEVdbNiObTu2U5uVWoRqcHHCQia7HafesevNRt3xmhjo%2F95NZsFQC7x%2FRM5D8urs8g8PIVmJuPfNdWFWUpW89Govi2iqNPp85614JVZ5jN4JDLWFMN6ZVkOZipDPTkHFO9MOoPpb4w4QyIpYvzgI4p2pTAT97WOlQQQRI%2BCPI%2B%2BXEFEJSUswdQeSHxCAcSzcQNx7sKB0TlePWTpmK3Lm7z8h84qc%2BfUpxL2vr0VyULuloiyVKjYYhAXkoITslkiyPaRrFmS%2BB5a%2BD8kJ4l4ByQ9f8JyGzwPfnXG9sD3T7DRaM9QP%2BIzvh8xhni9Cx5tYI2UJGZaIxBDUnEZmLGTSQhZayBILPX5Yo14ntO12GISu6zcZY67LmOe3uMfdph%2FayNhY%2BxBpMgSLhmB6HYlex4r89MA7XxHyydsH3m%2FQ2SOY5QKGWzApQZ8XyAVBbghySpBLgjwlyPvFNo9MwxQPeGSywJnmxjS7xUil3U26rdKuiMlmckSeGHtn%2Fe%2Fp%2F2NFHNZ403NbbeYIhzaaXttruazR8n3fFyxwbduBkQWkOQVqLKzJijz5%2BndIZEVO3buLgO7BRHtg8hxo9ixoPmo3bNDlUdO3sRbvUj4wQvdFnakeuCqQpGeRrlqb0RF5ZjLDSy%2Bfg2D7V6r771z4q7wPpgskusB78nuCbrQxuqlysnVT5YY8vJGksifX6Hi%2Bt1KaitNfviFWc6X53HUz%2FOIqGxNjuHtbmHSexlzGXUO%2BuiY5F3pWaSbIt3NmSQSLmVm%2Bluk4S%2BYXX5md6yVaGCNVXILKA%2FMhmKzIYxsfTTb3uec1pC6hswK9bJ9MA1KVYMk6THKi3igCHZ3UBImFPCtGuhGcPEayIs0PfkQk9q88%2Bv3dq%2Ffa86BBASP%2B9fEEb5oNdLUFmt6Z7GxfF%2BhHBWg0hMlOj9JE71%2F5yZ0EgsgaBZG2toJIRx8f22vkYU14oR0KuyGCsBOEbWrzTtjsBLTjiHbgUQepqdjPf3z%2BDwAAAP%2F%2FAQAA%2F%2F%2FfkcPTlQQAAA%3D%3D
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3h8fH3pZV0E8iIN4WMHMdk9Pz%2FTsIsuuazQYs2F3JSAerK6qnpTp6WqquqcnOQVXliyIO%2BpFPHWeSTaoQdw%2FQFk6XiQX04KSgzkIHj2JnmUmA9H3UO9T9bwFz%2Fu8793N7IjYyOjh4ptqTUYRvejV7dqFJRlzlZvawu2aY9fty7UlGbeal2uD8aH7lxzbq9sv1l4TbEVdbNiObTu2U5uVWoRqcHHCQia7HafesevNRt3xmhjo%2F95NZsFQC7x%2FRM5D8urs8g8PIVmJuPfNdWFWUpW89Govi2iqNPp85614JVZ5jN4JDLWFMN6ZVkOZipDPTkHFO9MOoPpb4w4QyIpYvzgI4p2pTAT97WOlQQQRI%2BCPI%2B%2BXEFEJSUswdQeSHxCAcSzcQNx7sKB0TlePWTpmK3Lm7z8h84qc%2BfUpxL2vr0VyULuloiyVKjYYhAXkoITslkiyPaRrFmS%2BB5a%2BD8kJ4l4ByQ9f8JyGzwPfnXG9sD3T7DRaM9QP%2BIzvh8xhni9Cx5tYI2UJGZaIxBDUnEZmLGTSQhZayBILPX5Yo14ntO12GISu6zcZY67LmOe3uMfdph%2FayNhY%2BxBpMgSLhmB6HYlex4r89MA7XxHyydsH3m%2FQ2SOY5QKGWzApQZ8XyAVBbghySpBLgjwlyPvFNo9MwxQPeGSywJnmxjS7xUil3U26rdKuiMlmckSeGHtn%2Fe%2Fp%2F2NFHNZ403NbbeYIhzaaXttruazR8n3fFyxwbduBkQWkOQVqLKzJijz5%2BndIZEVO3buLgO7BRHtg8hxo9ixoPmo3bNDlUdO3sRbvUj4wQvdFnakeuCqQpGeRrlqb0RF5ZjLDSy%2Bfg2D7V6r771z4q7wPpgskusB78nuCbrQxuqlysnVT5YY8vJGksifX6Hi%2Bt1KaitNfviFWc6X53HUz%2FOIqGxNjuHtbmHSexlzGXUO%2BuiY5F3pWaSbIt3NmSQSLmVm%2Bluk4S%2BYXX5md6yVaGCNVXILKA%2FMhmKzIYxsfTTb3uec1pC6hswK9bJ9MA1KVYMk6THKi3igCHZ3UBImFPCtGuhGcPEayIs0PfkQk9q88%2Bv3dq%2Ffa86BBASP%2B9fEEb5oNdLUFmt6Z7GxfF%2BhHBWg0hMlOj9JE71%2F5yZ0EgsgaBZG2toJIRx8f22vkYU14oR0KuyGCsBOEbWrzTtjsBLTjiHbgUQepqdjPf3z%2BDwAAAP%2F%2FAQAA%2F%2F%2FfkcPTlQQAAA%3D%3D HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d21835d03674b3eee628444994d871b7
Strict-Transport-Security: max-age=0; includeSubdomains

bam.nr-data.net/1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken

162.247.241.14

200 OK

77 B

URL HTTP/1.1
bam.nr-data.net/1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef

HTTP Headers

GET /1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 791544a7df6a1c16-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9201
Expires: Mon, 30 Jan 2023 00:38:36 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Sun, 29 Jan 2023 23:42:08 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5594 bytes)
Hash
4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 25767
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 4738
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8739 bytes)
Hash
d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 77241ca1-d7d1-4133-bc06-e89a8db93aef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbANlFiSoAMFrcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44723-0b07156624f03d47665f2d4f;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iZuCuhMd6Qh4_ullCXneuwDyB6EXdLof37qhrLCe6U4WpeGIUPl73A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:03:45 GMT
age: 90
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11470 bytes)
Hash
10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 65040
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8652 bytes)
Hash
43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 54946
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js

104.16.94.42

200 OK

219 B

URL HTTP/2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP
104.16.94.42:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (316), with no line terminators
Size
219 B (219 bytes)
Hash
24046196c939cba420a122038ae0b0b9
0db1ee1b83f8bf864dc157917271c46961c0f188
e2671f3ac4334088fa27d34d8f54406de0936fe6f4ec45af375d3bb2c5c9fc9b

HTTP Headers

GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: 8ewmTI2jy/M5oxfm1Zo8bv1SqrieGnfrMfmtZmR336jUoc4rRdbotq/wectU+HY8mdvt156QxDvmJAhJfohIWQ==
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: CHGKMTPSKZ4AFT0N
cf-cache-status: HIT
age: 928669
expires: Tue, 28 Feb 2023 22:05:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gk7IDZqT6I9K%2B0UrAHxOiLVBobAepGcoZ4iOBGP%2BJOwuND7Zq%2Bc%2BfR7NXrD9kN9HjkDZ3DYjApQaqx5SzmmnSOSzcTj264upXkLLzuRQxHL0ez7GYOgFBvGKD6olSKlX8JHqbCMsi8TUKQQ%2FPFk3Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=ck2QqvOgw5V0BG6fwZHKIYdRKbWyR2avTAg7MNWBNK0-1675029914424-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a51f601c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 509
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9201
Expires: Mon, 30 Jan 2023 00:38:36 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4283
Expires: Sun, 29 Jan 2023 23:16:38 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

unseenreport.com/pxf.gif?uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 29 Jan 2023 22:05:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e77aea9a770eb08252fc25051e8e2e2
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/ae/aa/f6/aeaaf64c11bf62877f097a925a641d6b/1669388807.png

45.133.44.10

200 OK

91 kB

URL HTTP/2
cdn.cloudimagesb.com/si/ae/aa/f6/aeaaf64c11bf62877f097a925a641d6b/1669388807.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
91 kB (91434 bytes)
Hash
c1718772ca810c6c121fa1d02672bb44
22c20701dcd78b1bd41ada8b04576f73d3e42253
91561b48a3e4957afb6aaefbfa5c6463534db30a9bdc2a0f0aabbeef28486a33

HTTP Headers

GET /si/ae/aa/f6/aeaaf64c11bf62877f097a925a641d6b/1669388807.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: image/png
content-length: 91434
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:06:56 GMT
etag: "6380da10-1652a"
expires: Tue, 31 Jan 2023 22:05:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css

172.64.166.9

200 OK

5.3 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
5.3 kB (5286 bytes)
Hash
efcd04a49b2d904d4fa1a8a3fa67b89b
b6c8d6940cd59290adfae72adaf8f3e6227cc096
0a4113a8cdf592f5cd5f2ee0fde6baa77dd96ab9be3321e23f0737d4f53d6f21

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtIMr842%2BAL1dlMkpF5H8BbpQnyLfgmjsr3JitKKkpG55U0Hd0AsmATabFvPFKgc1lWJa4ys9V%2Bwy77GqxMHPomy4ecmbmNoaMF8ElZKrB61m0yHqgSrrC17a6j1AT8wvNOUdD2nVwF7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a908ca24f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 464169
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

naveljutmistress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsePH3qJURAP4iAeIriT%2FpzpSZCQGKPBmIQkEhAPVldVz5bb09VUdU9P9hSMhA2IGfUinnqf2c2iLmL%2BACX0epG9uC0oe3APgkdPomeZ2YHV91DvU%2FW8Bc%2F7vO%2Fd1WKP2Cjo7tU31bJMEnoyaNutEzdlylVpWpdvtBy7bZ9u3ZRpxz%2FdGk0PPTzl2EHbfrH1mmBL6qRrO7bt2E7rgtQiVqOTMxYy2%2Bw57Z7d9t22E%2FgY6f%2FeTWHBUAt8uEeOQ%2FLm6OIPDyFZjXTwzXlhlnKVvfTqoEhorjSGfOOtdClVZYrBAYy1hTjdmFdDmYaQzw5BpRvzDqCGa9MOEMmGWL84iNKNuUxEw%2FV9pVECkSLij6Mc1hBJDUlrMHUHku8QgHFcvoJ08OCy0iW9tc%2FSKduQI3%2F%2FCVk25MivTyEdfH0ukaPWdZUUuVSpwSiuIEc1ZL9GVmwhX7Ygyy2w%2FH1ITpAOKki%2B%2B0LguCGPQm%2FBC%2BLugt9zOws0jPhCGMbMYUEoYieYWSNlDRnXSMQY1BxGYSwU0kIRWygyCwO%2B26JBL7btbhzFnhf6jDHPYywIOzzgnh%2FGNgo21T5Gno3BkjGYvo1M38aS%2FHQnON4Q8snbO8Fv0MUjmMUKhlswOcGQVygFQWkISkpQSoIyJyiH1TpPjGuqBzwxReTMszvPXjVReX%2BVrqu8L1Kymu2RJ6beWf97%2Bv9YErst7gdep8sc4VDXD7pBx2NuJwzDULDIs20HRlaQ5hCosbAsG%2FLk698hkw05dO8uIroFk2yByWOgxbOg5aTr2qCLEz%2B0sZxuUj4yQg9Fm6kBuKqQ5UeR37JWkz3yzGyGp14%2BBsG2zzT33znxV30fTFfIdIX35PcE%2FWRlck2VZO2aKg15eCXL5UAu0%2Bl8r%2Bc0F4e%2FfEPcKpXmF8%2Bb8Rdn2ZSYws0bwuSXaMpl2jfkq3OSc6EvKM0E%2BfaiuSmiq4VZPFfotMguXX3lwsVBpoUxUqU1qNwxH4LJhjy28tFsc597XkPqGrqoMCi2yTwgVQ2W3YbJDtQbRaCTg5oos1AW1US70cFjIhvif%2FAjErF95tHv7569170EGlUw4l8fD%2FCqWUFfW6D5ndnODnWFYVKBJmOY4vAkz%2FT2mZ%2B8WSBKrEmUaGstSnTy8b69Ru62AscXYRR2GeeRYNzpul7o2bbLud%2FtCaeH3DTs5z8%2B%2FwcAAP%2F%2FAQAA%2F%2F%2FLmU01lQQAAA%3D%3D

173.233.137.44

200 OK

7 B

URL HTTP/1.1
naveljutmistress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsePH3qJURAP4iAeIriT%2FpzpSZCQGKPBmIQkEhAPVldVz5bb09VUdU9P9hSMhA2IGfUinnqf2c2iLmL%2BACX0epG9uC0oe3APgkdPomeZ2YHV91DvU%2FW8Bc%2F7vO%2Fd1WKP2Cjo7tU31bJMEnoyaNutEzdlylVpWpdvtBy7bZ9u3ZRpxz%2FdGk0PPTzl2EHbfrH1mmBL6qRrO7bt2E7rgtQiVqOTMxYy2%2Bw57Z7d9t22E%2FgY6f%2FeTWHBUAt8uEeOQ%2FLm6OIPDyFZjXTwzXlhlnKVvfTqoEhorjSGfOOtdClVZYrBAYy1hTjdmFdDmYaQzw5BpRvzDqCGa9MOEMmGWL84iNKNuUxEw%2FV9pVECkSLij6Mc1hBJDUlrMHUHku8QgHFcvoJ08OCy0iW9tc%2FSKduQI3%2F%2FCVk25MivTyEdfH0ukaPWdZUUuVSpwSiuIEc1ZL9GVmwhX7Ygyy2w%2FH1ITpAOKki%2B%2B0LguCGPQm%2FBC%2BLugt9zOws0jPhCGMbMYUEoYieYWSNlDRnXSMQY1BxGYSwU0kIRWygyCwO%2B26JBL7btbhzFnhf6jDHPYywIOzzgnh%2FGNgo21T5Gno3BkjGYvo1M38aS%2FHQnON4Q8snbO8Fv0MUjmMUKhlswOcGQVygFQWkISkpQSoIyJyiH1TpPjGuqBzwxReTMszvPXjVReX%2BVrqu8L1Kymu2RJ6beWf97%2Bv9YErst7gdep8sc4VDXD7pBx2NuJwzDULDIs20HRlaQ5hCosbAsG%2FLk698hkw05dO8uIroFk2yByWOgxbOg5aTr2qCLEz%2B0sZxuUj4yQg9Fm6kBuKqQ5UeR37JWkz3yzGyGp14%2BBsG2zzT33znxV30fTFfIdIX35PcE%2FWRlck2VZO2aKg15eCXL5UAu0%2Bl8r%2Bc0F4e%2FfEPcKpXmF8%2Bb8Rdn2ZSYws0bwuSXaMpl2jfkq3OSc6EvKM0E%2BfaiuSmiq4VZPFfotMguXX3lwsVBpoUxUqU1qNwxH4LJhjy28tFsc597XkPqGrqoMCi2yTwgVQ2W3YbJDtQbRaCTg5oos1AW1US70cFjIhvif%2FAjErF95tHv7569170EGlUw4l8fD%2FCqWUFfW6D5ndnODnWFYVKBJmOY4vAkz%2FT2mZ%2B8WSBKrEmUaGstSnTy8b69Ru62AscXYRR2GeeRYNzpul7o2bbLud%2FtCaeH3DTs5z8%2B%2FwcAAP%2F%2FAQAA%2F%2F%2FLmU01lQQAAA%3D%3D
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsePH3qJURAP4iAeIriT%2FpzpSZCQGKPBmIQkEhAPVldVz5bb09VUdU9P9hSMhA2IGfUinnqf2c2iLmL%2BACX0epG9uC0oe3APgkdPomeZ2YHV91DvU%2FW8Bc%2F7vO%2Fd1WKP2Cjo7tU31bJMEnoyaNutEzdlylVpWpdvtBy7bZ9u3ZRpxz%2FdGk0PPTzl2EHbfrH1mmBL6qRrO7bt2E7rgtQiVqOTMxYy2%2Bw57Z7d9t22E%2FgY6f%2FeTWHBUAt8uEeOQ%2FLm6OIPDyFZjXTwzXlhlnKVvfTqoEhorjSGfOOtdClVZYrBAYy1hTjdmFdDmYaQzw5BpRvzDqCGa9MOEMmGWL84iNKNuUxEw%2FV9pVECkSLij6Mc1hBJDUlrMHUHku8QgHFcvoJ08OCy0iW9tc%2FSKduQI3%2F%2FCVk25MivTyEdfH0ukaPWdZUUuVSpwSiuIEc1ZL9GVmwhX7Ygyy2w%2FH1ITpAOKki%2B%2B0LguCGPQm%2FBC%2BLugt9zOws0jPhCGMbMYUEoYieYWSNlDRnXSMQY1BxGYSwU0kIRWygyCwO%2B26JBL7btbhzFnhf6jDHPYywIOzzgnh%2FGNgo21T5Gno3BkjGYvo1M38aS%2FHQnON4Q8snbO8Fv0MUjmMUKhlswOcGQVygFQWkISkpQSoIyJyiH1TpPjGuqBzwxReTMszvPXjVReX%2BVrqu8L1Kymu2RJ6beWf97%2Bv9YErst7gdep8sc4VDXD7pBx2NuJwzDULDIs20HRlaQ5hCosbAsG%2FLk698hkw05dO8uIroFk2yByWOgxbOg5aTr2qCLEz%2B0sZxuUj4yQg9Fm6kBuKqQ5UeR37JWkz3yzGyGp14%2BBsG2zzT33znxV30fTFfIdIX35PcE%2FWRlck2VZO2aKg15eCXL5UAu0%2Bl8r%2Bc0F4e%2FfEPcKpXmF8%2Bb8Rdn2ZSYws0bwuSXaMpl2jfkq3OSc6EvKM0E%2BfaiuSmiq4VZPFfotMguXX3lwsVBpoUxUqU1qNwxH4LJhjy28tFsc597XkPqGrqoMCi2yTwgVQ2W3YbJDtQbRaCTg5oos1AW1US70cFjIhvif%2FAjErF95tHv7569170EGlUw4l8fD%2FCqWUFfW6D5ndnODnWFYVKBJmOY4vAkz%2FT2mZ%2B8WSBKrEmUaGstSnTy8b69Ru62AscXYRR2GeeRYNzpul7o2bbLud%2FtCaeH3DTs5z8%2B%2FwcAAP%2F%2FAQAA%2F%2F%2FLmU01lQQAAA%3D%3D HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:15 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9aea03c88dcd9d2422908fd92662fdb2
Strict-Transport-Security: max-age=0; includeSubdomains

naveljutmistress.com/pixel/sbs?c=1

173.233.137.44

200 OK

0 B

URL HTTP/1.1
naveljutmistress.com/pixel/sbs?c=1
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg

172.64.166.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU5Ma7lqLPZvVp9eelBjFwClyQ95xmCFKfnK2Gv%2F5B6nkZdl7BcfcVBkgZ%2BIvLY6aReAfoEGJXSt6iJK3ktZOYZtSQN93i8tj1j32fz1K2SRxCPusQldAzc4Nc2c%2BHWC37KWdSI3smJr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a908d724f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 22:05:15 GMT
date: Sun, 29 Jan 2023 22:05:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdntube2.b-cdn.net/mp4/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.mp4?v=19700101120000

169.150.247.35

206 Partial Content

0 B

URL HTTP/2
cdntube2.b-cdn.net/mp4/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.mp4?v=19700101120000
IP
169.150.247.35:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /mp4/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.mp4?v=19700101120000 HTTP/1.1
Host: cdntube2.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 206 Partial Content
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: video/mp4
content-length: 1107688
server: BunnyCDN-DE1-1078
cdn-pullzone: 116943
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sat, 08 May 2021 00:27:30 GMT
cdn-storageserver: DE-199
cdn-fileserver: 149
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: b72cff424b822e44f5ab145800229397
cdn-cache: MISS
content-disposition: attachment;
content-range: bytes 0-1107687/1107688
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html

45.133.44.3

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP
45.133.44.3:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 29 Jan 2023 23:05:14 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0

104.18.100.40

200 OK

0 B

URL HTTP/2
chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
IP
104.18.100.40:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=lQ0Yp32ZJ5SzYoFdlFSxE8kLsH2lJ1IcrNS_4jW5aK8-1675029914-0-AVSDV12pHAYD0ybtQPvq4ZYgP4lVNB3n6PucKPp9+ILAp1Cue9Js6eubCoJOJcYZZDjpxSIFQWcEM8XsT2uRhbo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self';  script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ;  style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com;  img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ;  font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ;  connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ;  media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com;  object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ;  frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ;  child-src 'self' blob: blob ;  worker-src 'self' blob: blob ;  form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ;  manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ;  report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: stcki="R2oKO-=0"; expires=Tue, 28 Feb 2023 22:05:14 GMT; HttpOnly; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tcvyC9PLUpNSarUy0pMKdZLztdXqgUA0FML6A=="; Domain=.chaturbate.com; expires=Tue, 28 Feb 2023 22:05:14 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr7ed63112-ae52-403e-9dfa-8461ab000f4f:1pMFnW:Wam0SQjCQe7YmrhjNoEd3ifvqUc; Domain=.chaturbate.com; expires=Fri, 24 Oct 2025 22:05:14 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791544a36f35b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js

172.64.166.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP
172.64.166.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jlKxNTu%2BGmLrHEouJMbN3ERSAKpGU%2BWZsNc7HIlDapfiq8MIXFby%2FnzvKJVlUxu1s5hTHl2Q3XDpPUwZvqtBS1dB%2B4HjS0nk%2FYvewIrnRsZNpRFxLdAnQcwRmiAA6senEqfxobg0XXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a8f8ae24f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7

104.26.1.198

200 OK

0 B

URL HTTP/2
www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP
104.26.1.198:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: Deny
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
ischrome: false
country-code: NO
x-name: Mozilla Firefox
x-profile-qry-related-count: 0.00041079521179199
ismobile: false
vary: Accept-Encoding
set-cookie: PHPSESSID=eb8fcad9584baba76141755df2a6042a; expires=Sun, 05-Feb-2023 22:05:12 GMT; Max-Age=604800; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vozvW9DyW7limbH2fY2bPy3mXwV0no2vCjFDHVjJpDFR%2Ba%2FpIvoVEaYBBWPJgBZdam%2B1aMfiqSfGXQqP33gfddY9NPcI06jmI6zMCbGSpbQNpshzxaWljYQUoqfy9D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791544997c65b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

a.realsrv.com/nativeads-v2.js

185.76.9.19

200 OK

0 B

URL HTTP/2
a.realsrv.com/nativeads-v2.js
IP
185.76.9.19:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nativeads-v2.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript
etag: W/"21b43fd9d304f2027f605b8ad4d"
expires: Tue, 24 Jan 2023 13:18:50 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675030828
server: CDN77-Turbo
x-77-nzt: AblMCQ3uzub/nCYAAA
x-77-nzt-ray: c0a4cc28e14a58cd98edd66380ba3838
x-cache: HIT
x-age: 9884
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (47)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML