www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
104.26.0.198301 Moved Permanently 0 B URL HTTP/1.1 www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP 104.26.0.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 22:05:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 23:05:12 GMT
Location: https://www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikn66aMJNojKhEDGYWpP4gN5OCYy8ESyie5QA2fwxbXLgTPZSyyU71wwr6pmGW8hCkOqqcPmGAuCt8dCodSN6BJq1cyqujlWQ9YeuHhAJun9YgqdoklBLeqLesaMsvE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79154496e990b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14033
Expires: Mon, 30 Jan 2023 01:59:05 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13804
Expires: Mon, 30 Jan 2023 01:55:16 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 21:43:09 GMT
content-type: application/json
age: 1323
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12658
Expires: Mon, 30 Jan 2023 01:36:10 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 292c5af624e04fab603cb51ff5554956
d41398e72833d298e2db086d7ff19e9ebd8f1c5a
92915f8ac15a26425f4786f06374c01cab9fc99b544a05c5424dea70644699c3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92915F8AC15A26425F4786F06374C01CAB9FC99B544A05C5424DEA70644699C3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 29 Jan 2023 23:41:59 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qJ/SCDrrZpQ0FRT70QM2OaTCKXiNTCz+sA91rN2Hu1JBWZilK4gv4wDQp/cmtTG6szArxNgBigpY8ZWsy5gPBg==
x-amz-request-id: AFQBVCRWB16QE3X0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 21:50:29 GMT
age: 883
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 292c5af624e04fab603cb51ff5554956
d41398e72833d298e2db086d7ff19e9ebd8f1c5a
92915f8ac15a26425f4786f06374c01cab9fc99b544a05c5424dea70644699c3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "92915F8AC15A26425F4786F06374C01CAB9FC99B544A05C5424DEA70644699C3"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 29 Jan 2023 23:41:59 GMT
Date: Sun, 29 Jan 2023 22:05:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:15:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:10:45 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:15:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:10:45 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js
104.17.25.14200 OK 2.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (6986)
Hash d52d77d3d2509d28eb46447ac1b61c57
3974e3359a2bd83f267a483ef6e29f6acf5c3f4c
454f974335899785b7299c0d75bb8c443c6f3742699882f75c09e88b6c86b640
GET /ajax/libs/jquery-migrate/3.0.0/jquery-migrate.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 2382
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-1bab"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 926348
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rClz7rPuh6bLcnXRbvrnp5AFHYdicq8NbRfrwaF7rVQ9Xmi8QK%2FqdgvEqsTZO4f3WViApSCyUHjSKlli6%2FW8lD9FRWgOiZEM3fwgRa7TGXSLM0sPrGMlZ6vLHxKPy5GjqEicwlAx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bcba81c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 256947
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do79L%2BgnRrOnwJtiKCzm2B5je68LCpV9Vrdffx1Tj3fPI%2FdlRJJXbGDOQ6YSa5V62wC5zkECknnBAvII4QmSgivKa3dlBHU0tW4OVto5qLS347v0LQ%2BOxW38beL75eqE5Z1CimP9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bdbb11c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js
104.17.25.14200 OK 12 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (50758)
Hash d9631ece5b18b1e06f7522a52393b387
93403c9f97ebf85b129ece615058f494c00341bb
ce1a904c2a360c75e56e8059f8970fd1fc90058fb528ff3fe57fe2396f0f63ed
GET /ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 12265
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-c75f"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2089489
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41Hx6D3S52HKP%2BEZgz462kSRrcdgvC99Y5MdIDndZDwPPUKP5TRxVNFmrUZgxhY59wTO49nG6XjfIrUqrfdQRKJGTOpE9FbvaNn4ldke93qs0tLLBLhns4GkeJ3itMrDfDEdmYOZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bfbd21c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js
104.17.25.14200 OK 5.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.form/4.2.2/jquery.form.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (16246)
Hash 0a2f468dfd31d876bf8b8b9af8531a4f
1f7983e3a69bc95a17e78ad7a691def0acc5c0e4
12e85b61a16b690e16f38d061cc19302a4419a3c1bf0f0214f05fb7fa283645a
GET /ajax/libs/jquery.form/4.2.2/jquery.form.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 5720
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-42d4"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 928605
expires: Fri, 19 Jan 2024 22:05:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LstcXaVom3vIjW6B1DtJgk3ovQQkGtFA9TAZhUtAfirShlzX8lHHhOtmDTaOvkOITaHNlrRMVwf%2FwEg2XzhtBHFRhlVK6Mqz2qFPGnEkkc03PV7FAaZm0fUvQ6ihUiuw%2BbD2no7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7915449bfbfab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-Z1WP23B83V
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 081415e1c901f107948076e538918c55
6dd27eebcf49abacdec2de36e6340896684953a7
7bf135f59bc36b75d5476feae9ca66ced4fbf28a676e9a65f989b3697728d04e
GET /gtag/js?id=G-Z1WP23B83V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 22:05:12 GMT
expires: Sun, 29 Jan 2023 22:05:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77786
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d97de74ccf2a176dbb479781e670d3b
c7b9a2cc32b20ded7a7e51907ed35c5e864158f9
d1fc0a0068a630be8fd6e727903ba46edd91755a8ac9e8061a5d1662c8d80bc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2998
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:12 GMT
Last-Modified: Sun, 29 Jan 2023 21:15:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 3a8009a5341494164af095f1d6da2135
88c78ab8317a5ed3471a7ea9373b324bfbcc2247
6923c67f06351d02fd0a0400dcfdc9e7f31e785d8003f176ac8a14c8fb1f161c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:35:30 GMT
Expires: Sat, 04 Feb 2023 02:35:29 GMT
Etag: "88c78ab8317a5ed3471a7ea9373b324bfbcc2247"
Cache-Control: max-age=447616,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449c092bb4ee-OSL
poweredby.jads.co/js/jads.js
185.94.237.102301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449ca9c8b4ee-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449cd86ab50f-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449cedafb4fa-OSL
cdntube.b-cdn.net/sprite/fast-sprite.png
194.242.11.186200 OK 952 B URL HTTP/2 cdntube.b-cdn.net/sprite/fast-sprite.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash c34ba40ac9883424ecb72a803eb658f7
0ce32aa430af47ad16dc625a4e86d726aae48962
76beac271eb8e61cb2f2081e7e75e718b056e775ce8858c2ed22c08c69e734b9
GET /sprite/fast-sprite.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 952
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Tue, 23 Feb 2021 21:14:59 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 90
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
cdn-cachedat: 08/16/2022 04:39:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7592f61854d5ffc5fca76c65f3e3637e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/c157ed60b15cdc5674c6bc58aacab84c106812ad.jpg
194.242.11.186200 OK 2.9 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/c157ed60b15cdc5674c6bc58aacab84c106812ad.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x711, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 97fc9a1b52b148c8d0d57f1b439f8ffe
4a1788624d4d05d0c55969f99ddc235b7da290a9
47afb9ef5ba63c029ccc2dae5d97ce368bd2d4b0845515f83f21b5a961c1af94
GET /thumbnails/c157ed60b15cdc5674c6bc58aacab84c106812ad.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 2918
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 29 Apr 2021 07:16:04 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 91
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d064988bdcb7d1419fcbad0cb41952a3
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdntube.b-cdn.net/thumbnails/9860ad753f3934f213683ea2384a1f3752647ece.jpg
194.242.11.186200 OK 7.2 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/9860ad753f3934f213683ea2384a1f3752647ece.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x864, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dd0aedb963b874eee161b40014a7d879
ed785de83befb4bad220f6b9c2a52049055f9e74
623f2d1fdcf9d1569adffce8c89d79304efe2ddd97dc9ff94535183668309d28
GET /thumbnails/9860ad753f3934f213683ea2384a1f3752647ece.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 7246
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 14 May 2021 21:10:26 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 112
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1eb7cee85a26eea89857b7bb7adccf7b
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
185.94.237.102200 OK 2.0 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.237.102:0
Hash 64d90b7fb75fb0de26dbce0b9dc14bcc
857af6de92de5e4ff2776af51f8879851cfaad96
d161abccd8dfae20d6c981e2048c8fd97245e6a3725b7bb784e681a7ac7a85b2
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redd.tube/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip
a.realsrv.com/ad-provider.js
185.76.9.19200 OK 24 kB URL HTTP/2 a.realsrv.com/ad-provider.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
Hash 04ef50d71a6af23a17e1ed56d05b0f24
49da297aa3ed675c8ccdf74e67d1d2c26b43d4e9
0c98f8ee0ae76c3db873bc796515fef45b8ec849d392675526d62375fb27205f
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript
etag: W/"c86623937323852b5fe82a29fcb"
expires: Tue, 24 Jan 2023 13:18:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675030828
server: CDN77-Turbo
x-77-nzt: AblMCQ2dTDr/nCYAAA
x-77-nzt-ray: c0a4cc28e14a58cd98edd6635db46d38
x-cache: HIT
x-age: 9884
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 6a379969ef0ca48cbd3f48b7d2aec071
3fb823b62a997c39b8987a95a71daae7d944a37f
de207a5bc79d9924d554e3f2c7a7504b1db4371808700394da3748af73812229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 14:30:26 GMT
Expires: Fri, 03 Feb 2023 14:30:25 GMT
Etag: "3fb823b62a997c39b8987a95a71daae7d944a37f"
Cache-Control: max-age=404111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7915449cefe40b69-OSL
syndication.realsrv.com/splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
95.211.229.247200 OK 4.5 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (8764), with no line terminators
Hash c20fd5e673d73936068cd0f4b45c2067
96202bfe9b1ad4be52f02f3a906819c37b1bbd66
9a01ad54495192aae79db82ec8e06a7282e707c43efeccbb1d5d9e5aab2e2e72
GET /splash.php?native-settings=1&idzone=3651729&cookieconsent=true&&p=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d6ed99313a40.256892921638320713%22%3B%7D; expires=Tue, 28 Jan 2025 22:05:13 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
impressions=oslmrxbrnxgxamrexbxacgeicxbmsbcenxgxamclarlmmgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamreollxsgeicxbmsbocnxgxamclbraeegeimmccrlaonxgxamccxobsegeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamclrbcelgeioslmrxlrnxgxamslescrogeimmccrbxenxgxamclarlmmgeislsaroornxgxamccolacbgeioslmroemnxgxamclrbcrogeioslmrxlsnxgxamclrbcelgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamcberosogeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrexbxacgeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrexbxacgeimrblxebenxgxamselmborgeimcclsxconxgxamsbremaegeirbabxabbnxgxamcbexxbmgeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamcxbemmxgeimcclsoeonxgxamcbcebxbgeimcclsxlcnxgxamrexbxacgeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamsmoooeegeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamclrbcrogeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamreollxsgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamsbmrxregeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamclxcsocgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimxlbmosanrgxamclcasocgxcceimxlbmoconogxamclcasocgxcceicmarxbbonsgxamclcboecgxcceimclsaoxbncgxamclcbamegxcceimbbcemoancgxamclcbllogxcceimmraexoenxgxamclrexlegxcceimmraexxanxgxamclrexlegxcceimmraexsenxgxamclrexlegxcceimaooloranxgxamclrexlmgxcceimrsbrelonxgxamclrreosgxcceimabcabaonxgxamclrreosgxcceimsleoaronxgxamclrreosgxcceiceecmorsnxgxamclrassmgxcceimcclsxcanxgxamclrbcelgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeimxlbalcensgxamclrbcxbgxcceimxlbmxbbnsgxamclarlmmgxcceialbserxonxgxamclarlmmgeimcssmlronsgxamclarlmbgxcceimxlbalsbnsgxamclarlmbgxcceimrmaobxanxgxamclamoelgxcceimromobmenxgxamclamoxlgxcceimxlbmoobnogxamclabecmgxcceimaoolslanxgxamclabblogxcceimbmlselenxgxamclmmlcxgxcceimbamerlbnxgxamclmmlcxgxcceimexxlrbenxgxamclbsslxgxcceimbmlselonxgxamclbsbbcgxcceimbmlsebbnxgxamclbsbbcgxcceimbrsslsansgxamclbslcegxcceimrmbbobcnxgxamclbrralgxcceimxlbmoscnogxamclbraeegxcceiaaxcambbnxgxamclbraeegxcceimxxrecsanxgxamclbraeogxcceimxlbmosenogxamcllxaobgxcceimbclraronogxamcllxaobgxcceixaoossalnxgxamreerlargxcceimxeemlxcnxgxamreerlargxcceimbmmcllonxgxamreebbcogxcceimoobcomanxgxamreebbcogxcceimoobcobenxgxamreebbcogxcceialrexeoonxgxamreellmbgxcceircmbbroanxgxamrexxxaogxcceimbscxmxanxgxamrexxxaogxcceirrmlllronxgxamrexxxaogxcceimbscxmoanxgxamrexxxaogxcceimcssmlrcnsgxamrexxxaogxcceimeembecenxgxamrexslclgxcceimeembescnxgxamrexslclgxcceimbmmreecnxgxamrexrlsegxcceimxlbmosonogxamrexaoxsgxcceimboslabanxgxamrexaoxsgxcceimbsblroanogxamrexabcagcbeirreacmsbnxgxamrexabcagxcceimcssmlrensgxamrexabcagxcceimxlbmxlonsgxamrexmrecgxcceimxlbmxlcnogxamrexmrecgxcceimxxerrecnxgxamrexmrecgxcceimxxerreanxgxamrexmrxmgxcceimmraexoonxgxamrexmmccgxcceimeembesonxgxamrexmmccgxcceimmcmerrenxgxamrexmmccgxcceimxeemblanxgxamrexbxargxcceimromobacnxgxamrexbxmegxcceimaoolcoonsgxamrexblosgxcceimxlbmoaonxgxamrexblosgxcceimxlbmxlenogxamrexllbogxcceimbbmsoxanxgxamreoslobgxcceirarrrcaenxgxamreoceexgxcceimxxerrxenxgxamreoceexgxcceimsacexoonxgxamreoceexgxcceimamsorebnxgxamreorxblgxcceimxeoxsbenxgxamreollxsgxcceimcclosscnxgxamreollxsge; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C71021380%7C110382%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74493138%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C23975187%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74492334%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Mon, 30 Jan 2023 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 21:41:41 GMT
age: 1412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.247200 OK 8.3 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash f0a44bcce0cd169cd8c7e1dcb7d99cba
18c6299ebd3b9b4930b142619e13bc80a8dec322
7cc6da6ef6598bc8ed322db9c5a4079afe9e2e87e2fc4897b9875c18b41d7ea3
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 318
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d6ed99319550.048939092023935569%22%3B%7D; expires=Tue, 28-Jan-2025 22:05:13 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
cdntube.b-cdn.net/logo/logo-redd-2x.png
194.242.11.186200 OK 2.4 kB URL HTTP/2 cdntube.b-cdn.net/logo/logo-redd-2x.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 21c00320600e74873fd8f868869e86c0
50b86e653e75ad04fff2066446b1f58394f31a6f
8969cb3ece2e5ad806e2fe83fbf476679ae652e32b9a773eb9b6eda8f5de0020
GET /logo/logo-redd-2x.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 2412
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 04 May 2022 02:04:27 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 290
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/10/2023 19:43:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 65b289fbafde6c2b1a437d865316cc2c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1e2911d9c76ecaceb9519d14a6be0bd
2187a27b3dfc08e4726171d34b901bc427871e25
d23b6087d605991326f1bbdc392d26d12e8eff6fa165aa332eb337733ecd30c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D23B6087D605991326F1BBDC392D26D12E8EFF6FA165AA332EB337733ECD30C2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12072
Expires: Mon, 30 Jan 2023 01:26:25 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive
cdntube.b-cdn.net/thumbnails/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.jpg
194.242.11.186200 OK 2.6 kB URL HTTP/2 cdntube.b-cdn.net/thumbnails/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x864, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5157c8b78fa8fb6900bc412856cd2638
877c589b8fb8a926e32d877b53c96c28841a75e4
4fb235a7b41f1ad65d90ec16608665e72dff521bbd0cc4351e3c75a3688b6ddf
GET /thumbnails/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 2618
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sat, 08 May 2021 08:19:01 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 123
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f868c424908554becb881864d0d3546e
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2pDMQxFt9INPHP18yfjjltI6QIcv2fopIM2hRS0+NgOhfogfG1J1jWDZQNtXJ4onWAnEi8UCoJyIFN/eT27kn8d+/5xDdefy+GqWY08muRinqkkLa7JUuLshhEcS6ToyUiVJbrCxTFgE9WpAkBe4O9vzytoMqqAGwHjMOc6w3Vo3GYvei+1o9sFvZG12E1abco95lLTfAHL58MlHgSYzRT/XQw2WttY8KXq9+9nc/9XMrHVNAyoTkeOXSrtaJ3y+OnOOGhMr1JFSIhxB8yFfUxMAQAA
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2pDMQxFt9INPHP18yfjjltI6QIcv2fopIM2hRS0+NgOhfogfG1J1jWDZQNtXJ4onWAnEi8UCoJyIFN/eT27kn8d+/5xDdefy+GqWY08muRinqkkLa7JUuLshhEcS6ToyUiVJbrCxTFgE9WpAkBe4O9vzytoMqqAGwHjMOc6w3Vo3GYvei+1o9sFvZG12E1abco95lLTfAHL58MlHgSYzRT/XQw2WttY8KXq9+9nc/9XMrHVNAyoTkeOXSrtaJ3y+OnOOGhMr1JFSIhxB8yFfUxMAQAA
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PS2pDMQxFt9INPHP18yfjjltI6QIcv2fopIM2hRS0+NgOhfogfG1J1jWDZQNtXJ4onWAnEi8UCoJyIFN/eT27kn8d+/5xDdefy+GqWY08muRinqkkLa7JUuLshhEcS6ToyUiVJbrCxTFgE9WpAkBe4O9vzytoMqqAGwHjMOc6w3Vo3GYvei+1o9sFvZG12E1abco95lLTfAHL58MlHgSYzRT/XQw2WttY8KXq9+9nc/9XMrHVNAyoTkeOXSrtaJ3y+OnOOGhMr1JFSIhxB8yFfUxMAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d6ed99319550.048939092023935569%22%3B%7D; impressions=oslmrxbrnxgxamrexbxacgeicxbmsbcenxgxamclarlmmgeimmccrbebnxgxamcbexxbmgeioslmrxbmnxgxamreollxsgeicxbmsbocnxgxamclbraeegeimmccrlaonxgxamccxobsegeimmccrlacnxgxamcmlarclgeicxbmsboenxgxamclrbcelgeioslmrxlrnxgxamslescrogeimmccrbxenxgxamclarlmmgeislsaroornxgxamccolacbgeioslmroemnxgxamclrbcrogeioslmrxlsnxgxamclrbcelgeicmmsxrbonxgxamsoeamlmgeimmccrlaenxgxamcberosogeimmccrbeanxgxamcssabxegeicaocmrmanxgxamolcrcergeimcclsxronxgxamsscrmclgeimcclsxmenxgxamrexbxacgeialbserebnxgxamccrrssogeimcclsxaonxgxamsxsxllxgeicxbmsbxcnxgxamrexbxacgeimrblxebenxgxamselmborgeimcclsxconxgxamsbremaegeirbabxabbnxgxamcbexxbmgeimcclsxacnxgxamsscrmclgeicmmsxaeenxgxamcmrmsrmgeialbsereanxgxamsoeabscgeicaxsscmbnxgxamsosomemgeimcclosconxgxamcxbemmxgeimcclsoeonxgxamcbcebxbgeimcclsxlcnxgxamrexbxacgeimcclossbnxgxamcscxaesgeimcclsxscnxgxamsmoooeegeimcclsxlenxgxamcbrorxbgeimaecseaenxgxamsmoooeegeimaecsxcbnxgxamsmoooeegeimcclsxoanxgxamclrbcelgeimcclsxlbnxgxamcrbalrageimccloscanxgxamclrbcrogeiclsmrbsonxgxamsmmrbmbgeiclsmarsenxgxamsmmrbmbgeiccmmllebnxgxamclarlmmgeimcclsxsbnxgxamreollxsgeiclsmrbxonxgxamsbebceegeiclsmrbxcnxgxamsbebceegeiclsmarscnxgxamsbebceegeiccmmlmlcnxgxamsbebceegeiclsmarrenxgxamsbebceegeicaormbaonxgxamsbxxbsrgeicaormlrenxgxamcememscgeimcclsxlonxgxamcsmlmxcgeimrblelronxgxamsbremaegeimaecsxobnxgxamsbremaegeiclsmrbrcnxgxamsbroemmgeiclsmrraanxgxamclsslaegeiclsmrmxbnxgxamsbroemmgeimccloscenxgxamsbmrxregeimcclsxxonxgxamslescrogeimrblelxbnxgxamslescrogeimcclsoeenxgxamclrbcelgeimrblelmonxgxamcxcrasxgeimrbleloenxgxamcxcrasxgeiclsmrrmanxgxamcxabcxbgeiclsmrbeonxgxamcxabcxbgeiclsmrrcenxgxamcxabcxbgeiclsmrmxanxgxamcxabcxbgeiclsmrbxenxgxamcxabcxbgeiclsmaroonxgxamcxabcxbgeialbserxenxgxamcosraregeimcclsxsenxgxamclxcsocgeimcclsxlanxgxamcblrlbcgeiccmmlleanxgxamccrrssogeicaormlabnxgxamcrllsmageicaormlconxgxamcrllsmageiclsmarsonxgxamclsslaegeiclsmrmlbnxgxamclsslaegeiclsmrmocnxgxamclsslaegeiccmmllecnxgxamclsslaegeimxlbmosanrgxamclcasocgxcceimxlbmoconogxamclcasocgxcceicmarxbbonsgxamclcboecgxcceimclsaoxbncgxamclcbamegxcceimbbcemoancgxamclcbllogxcceimmraexoenxgxamclrexlegxcceimmraexxanxgxamclrexlegxcceimmraexsenxgxamclrexlegxcceimaooloranxgxamclrexlmgxcceimrsbrelonxgxamclrreosgxcceimabcabaonxgxamclrreosgxcceimsleoaronxgxamclrreosgxcceiceecmorsnxgxamclrassmgxcceimcclsxcanxgxamclrbcelgeimrblelcenxgxamclrbcelgeimaecsxrcnxgxamclrbcelgeimxlbalcensgxamclrbcxbgxcceimxlbmxbbnsgxamclarlmmgxcceialbserxonxgxamclarlmmgeimcssmlronsgxamclarlmbgxcceimxlbalsbnsgxamclarlmbgxcceimrmaobxanxgxamclamoelgxcceimromobmenxgxamclamoxlgxcceimxlbmoobnogxamclabecmgxcceimaoolslanxgxamclabblogxcceimbmlselenxgxamclmmlcxgxcceimbamerlbnxgxamclmmlcxgxcceimexxlrbenxgxamclbsslxgxcceimbmlselonxgxamclbsbbcgxcceimbmlsebbnxgxamclbsbbcgxcceimbrsslsansgxamclbslcegxcceimrmbbobcnxgxamclbrralgxcceimxlbmoscnogxamclbraeegxcceiaaxcambbnxgxamclbraeegxcceimxxrecsanxgxamclbraeogxcceimxlbmosenogxamcllxaobgxcceimbclraronogxamcllxaobgxcceixaoossalnxgxamreerlargxcceimxeemlxcnxgxamreerlargxcceimbmmcllonxgxamreebbcogxcceimoobcomanxgxamreebbcogxcceimoobcobenxgxamreebbcogxcceialrexeoonxgxamreellmbgxcceircmbbroanxgxamrexxxaogxcceimbscxmxanxgxamrexxxaogxcceirrmlllronxgxamrexxxaogxcceimbscxmoanxgxamrexxxaogxcceimcssmlrcnsgxamrexxxaogxcceimeembecenxgxamrexslclgxcceimeembescnxgxamrexslclgxcceimbmmreecnxgxamrexrlsegxcceimxlbmosonogxamrexaoxsgxcceimboslabanxgxamrexaoxsgxcceimbsblroanogxamrexabcagcbeirreacmsbnxgxamrexabcagxcceimcssmlrensgxamrexabcagxcceimxlbmxlonsgxamrexmrecgxcceimxlbmxlcnogxamrexmrecgxcceimxxerrecnxgxamrexmrecgxcceimxxerreanxgxamrexmrxmgxcceimmraexoonxgxamrexmmccgxcceimeembesonxgxamrexmmccgxcceimmcmerrenxgxamrexmmccgxcceimxeemblanxgxamrexbxargxcceimromobacnxgxamrexbxmegxcceimaoolcoonsgxamrexblosgxcceimxlbmoaonxgxamrexblosgxcceimxlbmxlenogxamrexllbogxcceimbbmsoxanxgxamreoslobgxcceirarrrcaenxgxamreoceexgxcceimxxerrxenxgxamreoceexgxcceimsacexoonxgxamreoceexgxcceimamsorebnxgxamreorxblgxcceimxeoxsbenxgxamreollxsgxcceimcclosscnxgxamreollxsge; c-tag=%7B%22tag-banner%22%3A%22v3%7C%7CNOR%7C3651729%7C74492334%7C0%7C%7C508%7C41%7C3%7C40%7C0%7C0%7C0%7C25344%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C0ff9af0f5b0fc15c6f53cac42f689a71%7C0%7Credd.tube%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Tue, 28 Jan 2025 22:05:13 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12346
Expires: Mon, 30 Jan 2023 01:30:59 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
185.76.9.15206 Partial Content 12 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 96ad52c24f7c0e4db3bf8e6c12b35a4d
b55663983b553c9f9adb0e1ada3af807a55715ec
f31922b7651e0582b68857a63239cc02dc53c0e30565fa5d11b74bf43e85527a
GET /library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: video/mp4
content-length: 12161
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-2f81"
expires: Wed, 09 Aug 2023 11:37:35 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1691581143
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2Xbxz/QqbkAA
x-77-nzt-ray: c0a4cc28304190d399edd663c6e21c21
x-cache: HIT
x-age: 14984770
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-12160/12161
X-Firefox-Spdy: h2
uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js
173.233.137.36200 OK 13 kB URL HTTP/1.1 uniqueflatlysorting.com/d4/53/67/d45367c1e1a2457563c268888ecb3001.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37162), with no line terminators
Hash f52681b535dcdabcd3d245a126fa8ebf
76aca31c5db7cf20a0bb0d35132b55bd1e295cab
906da2635e9a5588a16e494495bfce7475e80ac268d69b010b964729e3975898
Analyzer Verdict Alert quad9 Sinkholed
GET /d4/53/67/d45367c1e1a2457563c268888ecb3001.js HTTP/1.1
Host: uniqueflatlysorting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac154e4f8021474e1e70693b03b0cdaa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/761560/aff16dc44b7afe6bc9c40ebc15af039a96c09055.webp
185.76.9.15200 OK 10 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/761560/aff16dc44b7afe6bc9c40ebc15af039a96c09055.webp
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e4867359692ea09486c09307f5db054
aff16dc44b7afe6bc9c40ebc15af039a96c09055
c860932ff98f21366a4861ea670b31fd0a8383327cbfc09040647cefd7889970
GET /library/761560/aff16dc44b7afe6bc9c40ebc15af039a96c09055.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 10414
last-modified: Thu, 03 Mar 2022 12:22:53 GMT
etag: "6220b31d-28ae"
expires: Sat, 09 Sep 2023 00:34:17 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1694772112
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ07S43/ifWzAA
x-77-nzt-ray: c0a4cc28304190d399edd663d24a4b29
x-cache: HIT
x-age: 11793801
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp
185.76.9.15200 OK 9.0 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 03a466116a5e875e0bd4dfa768d88d94
d12ccb590ad00f4923f36212a376a907910dcbf6
1095a12ca3638c3d19f40704809776f1f6349a7b06e35cba865e2126ed6ba52c
GET /library/802444/d12ccb590ad00f4923f36212a376a907910dcbf6.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 9022
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-233e"
expires: Sat, 15 Jul 2023 11:38:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689614225
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2fVUj/iKkCAQ
x-77-nzt-ray: c0a4cc28304190d399edd6636a5c5829
x-cache: HIT
x-age: 16951688
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
185.76.9.15200 OK 9.6 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 070a232d0b0e025bfc65d90c1f5ece91
b69b0ad953e27d2318d3b7783f89b2f03cac130e
bd774d7c7edcc81fd3f49a59ed1ef48868b2531bba2ee9762213e2b023f4c5de
GET /library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 9562
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-255a"
expires: Fri, 30 Jun 2023 11:09:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195383
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0bqUP/4k8YAQ
x-77-nzt-ray: c0a4cc28304190d399edd663a5d75b29
x-cache: HIT
x-age: 18370530
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/802444/8d556f01a0a027fd5743a851458a0c2fa83388ba.webp
185.76.9.15200 OK 6.3 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/802444/8d556f01a0a027fd5743a851458a0c2fa83388ba.webp
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08f0d637a8bece01677b78c56c3477b5
8d556f01a0a027fd5743a851458a0c2fa83388ba
07698e284ebdc9b08584215029b7bc35b2424b91f52e0a30c8e50bec44e59ad2
GET /library/802444/8d556f01a0a027fd5743a851458a0c2fa83388ba.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 6324
last-modified: Fri, 15 Jul 2022 11:08:07 GMT
etag: "62d14a97-18b4"
expires: Sat, 15 Jul 2023 11:43:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1689440333
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ1EE7D/zFAFAQ
x-77-nzt-ray: c0a4cc28304190d399edd663d1b0f829
x-cache: HIT
x-age: 17125580
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9683
Expires: Mon, 30 Jan 2023 00:46:36 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0e90c9d5521358d2754bbad686a2e9c1
013349b8f38535bae1e197d5d96d86d17d5a1ef0
47bb6aa901220aeab3800d1ea88eb456cfe3ea337f12c059d9549fa6bd8064ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144762
Date: Sun, 29 Jan 2023 22:05:13 GMT
Etag: "63d67516-1d7"
Expires: Tue, 31 Jan 2023 14:17:55 GMT
Last-Modified: Sun, 29 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _KaWpHtjDqk7Fgt3qHGfMvkc4fPgmB5p4ZUbr_jwKuvk7xbdJuc69A==
Age: 2813
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash be67904369bfcfd0891a347cc0566e5d
51a6f26c529e54401a5804e325473befe45decd9
b2102abfda38fc4a3cf9fcbc5d31f57fe99e2b48627bc48a0785fde52c07b03f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.redd.tube
access-control-allow-credentials: true
set-cookie: uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; expires=Wed, 26 Jan 2033 22:05:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.216.49.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.49.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OaoGabpTa6enOwmZ82WjnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2MF0mHi9bAvXMtPKzNxf1ITngdM=
poweredby.jads.co/adshow.php?adzone=972163
185.94.237.102200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=972163
IP 185.94.237.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1576), with CRLF, LF line terminators
Hash ab4e8ab24e07b8b887ea82d2634bb2ad
9535d8dfbe693b80d4272d998a62cf63757c73b2
c1cc522d6fd4e9000507adfb39ccf245f48017c40723742d8e255bec30ed00dd
GET /adshow.php?adzone=972163 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 22:05:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0c60d5edb1d1dea2cb949bd17bcd81df; expires=Mon, 29-Jan-2024 22:05:13 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Wed, 01-Feb-2023 22:05:13 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 01-Feb-2023 22:05:13 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-Z1WP23B83V>m=2oe1p0&_p=1833447662&cid=1954351921.1675029922&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675029922&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7&dt=%F0%9F%94%A5%20SaucyNatt%20whole%20OnlyFans%20account..%20Going%20For%20da%20lowww!%20...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Z1WP23B83V>m=2oe1p0&_p=1833447662&cid=1954351921.1675029922&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675029922&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7&dt=%F0%9F%94%A5%20SaucyNatt%20whole%20OnlyFans%20account..%20Going%20For%20da%20lowww!%20...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Z1WP23B83V>m=2oe1p0&_p=1833447662&cid=1954351921.1675029922&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675029922&sct=1&seg=0&dl=https%3A%2F%2Fwww.redd.tube%2Fvideo%2Fc6d7acad3e4ba1a946ad81fe676c6b2c690a4be7&dt=%F0%9F%94%A5%20SaucyNatt%20whole%20OnlyFans%20account..%20Going%20For%20da%20lowww!%20...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.redd.tube
date: Sun, 29 Jan 2023 22:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.202.23200 OK 30 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.202.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 0bb4478891b9dbc409e01ebcbec51bbf
97cebc2fa565dc240f730f809ea1cc8616a5e32b
395b0f79e1bcd18ae9b6f5d42122a02fd954ade1bb979177e12f17d1dbcf6270
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9fa6aecc10ad143fdfee1e1488206286
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 29 Jan 2023 22:05:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0V0RG6GgbibP%2FrT7Ro5a37rDsCsP7y9pK%2B%2FWvg3i2OL2JNgmCMDoqfkQgALO4xbW7BkcH3MsszAhn2KQb44W3wZ53q%2Ft5M5yZ8c0IqkcYdlM7OxTNzLWPCxPahlHqgaZacitzKQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a0eabb71a4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdntube.b-cdn.net/favicon/favicon-16x16.png
194.242.11.186200 OK 332 B URL HTTP/2 cdntube.b-cdn.net/favicon/favicon-16x16.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash ded2b1ef88b4c1826be4981640b88802
1bfcdd5bc5652deab6f80a6c891753507c5eac91
263b1585ee8fad3076fc9599ab934ccbe42d25628a9df35689480a1453c24c99
GET /favicon/favicon-16x16.png HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: image/webp
content-length: 332
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 19 Feb 2021 03:57:29 GMT
cdn-storageserver: DE-164
cdn-requestpullsuccess: True
cdn-fileserver: 113
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 206
cdn-cachedat: 11/29/2022 21:20:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 59f840b45af0dd22f2d24a3b41068285
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash bf4ae949000bdac674fa80403cf14c6b
bba8a737893ad3e4aa0c6403fc275a5dae9c949c
b7f7c733815cc4fa7d7ee5a9fb45f71e7532a858855ebb808d561bb0ce8b62ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4496
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:13 GMT
Last-Modified: Sun, 29 Jan 2023 20:50:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
i.jads.co/1x1.gif
69.16.175.10200 OK 43 B IP 69.16.175.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0c60d5edb1d1dea2cb949bd17bcd81df; juicy_data_1=YTowOnt9; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:13 GMT
etag: "1457030838"
cache-control: max-age=12195353
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1675029913.dop020.sk1.t,1675029913.cds245.sk1.hn,1675029913.cds264.sk1.c
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89231e8fe1afd89090e6a09d61430e11
11b471e4821cade1ea075b8835c892d455bfdaa2
8c78cce8f98a69e9c1c2bf45d12879b40c784288b4e79dabb296c24f94025c12
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8C78CCE8F98A69E9C1C2BF45D12879B40C784288B4E79DABB296C24F94025C12"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9683
Expires: Mon, 30 Jan 2023 00:46:36 GMT
Date: Sun, 29 Jan 2023 22:05:13 GMT
Connection: keep-alive
chaturbate.com/in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
104.18.100.40302 Found 314 B URL HTTP/2 chaturbate.com/in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
IP 104.18.100.40:0
Hash bf4ae949000bdac674fa80403cf14c6b
bba8a737893ad3e4aa0c6403fc275a5dae9c949c
b7f7c733815cc4fa7d7ee5a9fb45f71e7532a858855ebb808d561bb0ce8b62ea
GET /in/?track=reddit&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Fri, 03 Feb 2023 22:05:14 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJyrVipRslJQqjAMSlHSUVBKzi0Acf2SHStDQfySomwQvyg1JSWzBCRQBOJmlJQUFFvp6xfkl6cCpZIq9bISU4r1kvP1QUoS09JAinITKyoqclNTMhONDAwtQBJgo40MlWoBrNohbw=="; Domain=.chaturbate.com; expires=Tue, 28 Feb 2023 22:05:14 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Mon, 30 Jan 2023 04:05:14 GMT; Max-Age=21600; Path=/
stcki="R2oKO-=0"; expires=Tue, 28 Feb 2023 22:05:14 GMT; HttpOnly; Max-Age=2592000; Path=/
sbr=sec:sbr712ecba0-58b4-410a-82a2-ebabd0f06ff4:1pMFnW:kGPtd1M7F-Zd5aNLpwVb3OaVbL0; Domain=.chaturbate.com; expires=Fri, 24 Oct 2025 22:05:14 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=lQ0Yp32ZJ5SzYoFdlFSxE8kLsH2lJ1IcrNS_4jW5aK8-1675029914-0-AVSDV12pHAYD0ybtQPvq4ZYgP4lVNB3n6PucKPp9+ILAp1Cue9Js6eubCoJOJcYZZDjpxSIFQWcEM8XsT2uRhbo=; path=/; expires=Sun, 29-Jan-23 22:35:14 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791544a24dc0b4f7-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29c3aadcd47a30f32512235085897891
4aeb872839929bdf0a10d2fddf3e65a9191b23bf
2514a4d02f01ccbe0c9a16be16bfe12da644971ea6d1f58c7effbf7965a30e99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2514A4D02F01CCBE0C9A16BE16BFE12DA644971EA6D1F58C7EFFBF7965A30E99"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1408
Expires: Sun, 29 Jan 2023 22:28:42 GMT
Date: Sun, 29 Jan 2023 22:05:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: max-age=88220
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 22:35:34 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5899
Cache-Control: max-age=90252
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 23:09:26 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3021
Cache-Control: max-age=87373
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 22:21:27 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 314
roomimg.stream.highwebmedia.com/riw/newmollybrooke.jpg?1675029900
104.19.242.83200 OK 14 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/newmollybrooke.jpg?1675029900
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 0aab8eeb39f95371d284b17a53edd3cc
c8a76a60ac0e28abf99295bb22378a45a245e622
0a173ea1be390abc0014e45573ac40fff9733dc814bb899b62c08175ee1b6d74
GET /riw/newmollybrooke.jpg?1675029900 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: image/jpeg
content-length: 14251
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14475
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 7
last-modified: Sun, 29 Jan 2023 22:05:07 GMT
expires: Sun, 29 Jan 2023 22:05:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgnj6i%2FwNHPNi9h9E51gViPoagGuJvroP8A7ECoBsloDgPm0U1%2BxdCfsjsKOo5IMp7uus2562XJWt%2BvvxBvS1iqjplRCimDZWPorFTtEp4gujwqrnx1tUBwGH1wl6ruvShJNNppgWA4MGefGZQ%2BcZ7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=o2ztGSw1xlRvOmk7I.jGsEjnaHCc4dGZb0qnHfrtWWI-1675029914437-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a52981b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/claire_moulin.jpg?1675029900
104.19.242.83200 OK 10 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/claire_moulin.jpg?1675029900
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash 2416309a10dce60532edaa401a5a6faa
6326b9673eedbd02995c9b3530e112bffa35074b
e2be7d36d75dfe461774ff9b330a2d3949f5b9f3cb0fa7ce22d3a99266ccfc7b
GET /riw/claire_moulin.jpg?1675029900 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: image/jpeg
content-length: 10016
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13
last-modified: Sun, 29 Jan 2023 22:05:01 GMT
expires: Sun, 29 Jan 2023 22:05:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9MV7SHgOtDmgTI5Esy0PeYztOg1aI425znZ4dPqfkoL2awPD1A7gvztmLd3WAixPYrkn1fAWmSst6%2F8GE6%2BwqnbOsXxc0dg6kPCnFMbUTCY1Dy6W7QT%2B0mlRFVbobdS4YeIKIj5q5sskeXwlGUnt%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=lGmguDtaE5bSsXOoWNDVt4snYELu6Yfz3O2mfp2NzbU-1675029914438-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a53985b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/kalisa_pearl.jpg?1675029900
104.19.242.83200 OK 14 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/kalisa_pearl.jpg?1675029900
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 49b198a312c39c31bd26b367537eaadd
38ab111d4ce2bbd56729e385647a5847788eca41
7b9f789f725806e8a74a7a7da7d24f415ebdd42fb80577e257eb39cc75c26d5b
GET /riw/kalisa_pearl.jpg?1675029900 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: image/jpeg
content-length: 14493
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14528
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 14
last-modified: Sun, 29 Jan 2023 22:05:00 GMT
expires: Sun, 29 Jan 2023 22:05:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLob%2Ft%2FrKbdxUtLarmNvnYM9BxhNch4fIKwE2%2B2BZKm3BTM5DnaB1Cng9WQTOamtlR4BvfENYDW54rjm9WNwJCpmbXsdPjCmFLRszMqrpSB4fqvWIzMG5yL362pPAlvERbsuM%2BQbABL3udr6OwZdWn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=aOzdIJ4ZIrXWaSP2Owjg771aSKgYMmq4yBIx.7UXzkk-1675029914440-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a52984b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 80ba85c699072a289fb928b31939a659
ba63aa41a098ae437c4a3e57f1a1e8cf8b05f2e8
91cc8e9cb6d6a0ffd13197e01ef57b4a470e6536b806b334d1416c52d03b29f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3867
Cache-Control: max-age=88220
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5941b-13a"
Expires: Mon, 30 Jan 2023 22:35:34 GMT
Last-Modified: Sat, 28 Jan 2023 21:31:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 21:45:20 GMT
expires: Sun, 29 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 1194
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js-agent.newrelic.com/859.95d4308d-1222.js
151.101.194.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/859.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (6657), with no line terminators
Hash 364ac85aef21ab784eeec8f55116dff7
82089547d57defc88e114832b7eb9919a8876e31
255295be519de9a2d1040b1c547c25756b63310e2d7234bcf252ed41d5278c0b
GET /859.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PAOkWJ6WiOdnSUVZHZQv79Edy7uPwU81uM9fUJQx6T8UpQupKV3O9whnAR+3HGoYTBPmehtRe7k=
x-amz-request-id: WFN4FJZ1XN6DZ8EG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "b087387593417c0b63259918da3584e3"
x-amz-version-id: GtNmis6Y3zB4SbtciuRtabFzp3T7wBIy
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2562
x-timer: S1675029915.620338,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2975
X-Firefox-Spdy: h2
js-agent.newrelic.com/569.95d4308d-1222.js
151.101.194.137200 OK 3.2 kB URL HTTP/2 js-agent.newrelic.com/569.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (7513), with no line terminators
Hash 8d0953404ce6fdf0926ef6bf37d7e041
8cec9d9883f8b7720721bb33bffb4afe45193b1d
83966eef1899edd421692b78cda8df58dfb9b0b2b27a7485183c5b4cb44a336d
GET /569.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: v+E2uK5EOShfz1aeDzYcwNWitGv9mKnF6hMwgfWjfoR/qfIZPK6AF+v3z+by8JUQg3fSUYcltK4=
x-amz-request-id: WFNFJ5TESSHD3FE6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "e97726ab932639fed09971b1d682788c"
x-amz-version-id: umZj.yHws5JPiBHG1j096ELWHEKx7rh0
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2581
x-timer: S1675029915.677440,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3173
X-Firefox-Spdy: h2
js-agent.newrelic.com/620.95d4308d-1222.js
151.101.194.137200 OK 1.3 kB URL HTTP/2 js-agent.newrelic.com/620.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (2989), with no line terminators
Hash 7094c3f93699a846fe91edd766391f01
25e8c79409acc2bb73a728c0768e1eda66019255
85eb01219e8aaa7c7968aa175c2421454f99615ae66350b15c60465f4616826f
GET /620.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: QggJtv+14rx8wEd4C6ZTDmmxUSe6+8jiYhTGnWcIRu6DC5pRiaL5fPRx8/lgChduQ7GqRSlO6xY=
x-amz-request-id: WFN5FXFSJTZYM7K6
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "ca9b029ff66dd9146273984d16e20abc"
x-amz-version-id: HYguQMwVKEHCmodKuQRUzW1qxlElK9Xr
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2583
x-timer: S1675029915.678547,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1342
X-Firefox-Spdy: h2
js-agent.newrelic.com/457.95d4308d-1222.js
151.101.194.137200 OK 2.0 kB URL HTTP/2 js-agent.newrelic.com/457.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (4809), with no line terminators
Hash 09c0cca8d2a9fd69f1892a1c2d1319b9
b46f4fe3b0adc98785d22a092818b74145a91cc0
593022809e272793157f8280bae176bfa74a02f9f9a6d3269384e2dd434be046
GET /457.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 6YLQBRWWkaavoi6QR5dS+9cRhXVrpaQK5v3G9/iqQ5oKPUxxFI0Uv2tN9ar51sQUG2xwVmTWBnY=
x-amz-request-id: WFN1Z9NXJZGF8XE5
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "c16abc7fa2e34cbb7baf3e290120ad5a"
x-amz-version-id: qROfxBD9CF8WXmbywdhvCmImuu9HvRNA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2574
x-timer: S1675029915.680579,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1953
X-Firefox-Spdy: h2
js-agent.newrelic.com/244.95d4308d-1222.js
151.101.194.137200 OK 2.6 kB URL HTTP/2 js-agent.newrelic.com/244.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (6871), with no line terminators
Hash f3fa38d9e10cf246f158644ebd64b342
c2730a8b130475b903b30148ea5cf79eb7de1873
6aea0ff08f0ed145b42d52f81d167df30a300f3da22b687fa2de3be48df1badb
GET /244.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: HqAuLbtc4kLXjp/HM/sZyPqsDbRk1eMZXQl1gAv0l9/yRrGf//JiuVcahDTT5bis4NqiPxfG4OQ=
x-amz-request-id: D866GB1QGPTYVJ4R
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "a24fd7e602a6b44ab4c03cab69c843c6"
x-amz-version-id: wm7C04ehQ1WMJgMW5R_.Vg0x6NJINoji
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1619
x-timer: S1675029915.684486,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2607
X-Firefox-Spdy: h2
js-agent.newrelic.com/142.95d4308d-1222.js
151.101.194.137200 OK 880 B URL HTTP/2 js-agent.newrelic.com/142.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (2014), with no line terminators
Hash c962fb555005bf74b5010cd5c748c721
5c7c22b348a994aad18e8162bb1f78b9fd49c491
077c18d946bf505b4efe75b1b3c3d9c6b3ad6af3e5b5d08a41fedf7aceb84233
GET /142.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: /ZtX43ynOvSaYlrJ/LhlDymHqsr4/Ext49IQ1RQZxLK2MPDMHv59yC5Li6+9oNRuTnKxUqkvJhI=
x-amz-request-id: MFEMFHWSJ1CY7RPR
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "082c9f0a95ce6870ed4d9266fa0e41e5"
x-amz-version-id: ed_.QNbbUDaLQJRSZtC0TghsoJcp2gVk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1613
x-timer: S1675029915.689267,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 880
X-Firefox-Spdy: h2
js-agent.newrelic.com/885.95d4308d-1222.js
151.101.194.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/885.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (16348), with no line terminators
Hash 2414f7dbfd0e2cb3d826fc02a8b608dc
550db9b7abbcd2e5a0d4ab9c414933e1a0bd36fc
8239519b8bff793ad186f4ab9017f8a6ed34edc1df3361958075077ee7677b3d
GET /885.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: iuZsFv406u1sMvs0ma20vGvuMApZWTFFZj+faC5P7Ry157RP7v+m+H8/pYueXH7fkGpYpHbtGFk=
x-amz-request-id: 99ZMGE3ZKMAWH9CW
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "fb9bb822463bccec4200657d3ae33dc0"
x-amz-version-id: PKmhKUoshrjILDxYc6QEKM_sGJ.F4FNB
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1096
x-timer: S1675029915.695421,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5930
X-Firefox-Spdy: h2
js-agent.newrelic.com/41.95d4308d-1222.js
151.101.194.137200 OK 439 B URL HTTP/2 js-agent.newrelic.com/41.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (828), with no line terminators
Hash 46946da829a2257cd8bdeb75bc6f8ff9
bfb81d0ebb2c5a2c0fe666f6a9c4c09cc5a545b3
50e164f0b5274f88ecc28c833729663593b3380aed5a4ac3a06d29106332a544
GET /41.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2TG7kVMnt5x5EwbcjDgF/pAaH/jmgGXStlMFEbvOUPNYaRTe14pFRmwb0VQGFJQN7uXfEncHoqkNLs4TYWl92Q==
x-amz-request-id: MFEHG5GPGK6ZYQVP
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "29dd8aef66100e4c69e07fd60fc88b12"
x-amz-version-id: 6FOFyXAonMoqJqLGEMhx7HWIp32cv4MT
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 2589
x-timer: S1675029915.699629,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 439
X-Firefox-Spdy: h2
js-agent.newrelic.com/736.95d4308d-1222.js
151.101.194.137200 OK 2.1 kB URL HTTP/2 js-agent.newrelic.com/736.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (4688), with no line terminators
Hash a0dd1bd64e5912ed2b69ab00c181333c
9f4001e3f6c7fd3105972022cde6a67638ba8083
2ea47cc022696e899accbc531bbb7e3abc01f1598cedaa9f23e071d47ee510a0
GET /736.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: wZ5lT7Qk1E9hmsxWDncLcs+Ic+aBtWHWGPUcVxaeVym/k+6uixaPTXfOiP+keWUZ+GKP0xL2SDo=
x-amz-request-id: MFESCF9VXQC5P35J
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "def1dc24974c16a4e78c08e349b92860"
x-amz-version-id: i.8rfLhEckzO44oBXwNAK9an0lbXu.5p
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1618
x-timer: S1675029915.699928,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2132
X-Firefox-Spdy: h2
js-agent.newrelic.com/466.95d4308d-1222.js
151.101.194.137200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/466.95d4308d-1222.js
IP 151.101.194.137:0
File type ASCII text, with very long lines (6842), with no line terminators
Hash 0545743760ba9995e8efbe879105162f
889887ac56edaf2cfe41752ec0893a9ac5d23db0
91a431e85d69e797b8a8817bb15aee94a9fbe38355a6890f75e8947a55386ee0
GET /466.95d4308d-1222.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Y3xfvlvSw36CE9GOKklvJeG0iBkCsl/ss+e4vNwZhrKvjIdjtQLayCw3yQPVxbIyEllIzLdCgUw=
x-amz-request-id: MFEHC9QF926X2AZG
last-modified: Wed, 18 Jan 2023 20:22:30 GMT
etag: "2b339e4b3b0435de10496ee00de8446a"
x-amz-version-id: joCLqMlafBXUuB094SKQ5Jhlrbz7F.ON
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 22:05:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1616
x-timer: S1675029915.700290,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2760
X-Firefox-Spdy: h2
naveljutmistress.com/sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15%3A3%3A1
173.233.137.44200 OK 3.7 kB URL HTTP/1.1 naveljutmistress.com/sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15%3A3%3A1
IP 173.233.137.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6264), with no line terminators
Hash 90b25eb99c198c0ae831d4985eb552e4
0d7db0f3db24487bc616be0d127320ae5244e893
32e7673136aeef8f62eca18beb1451ddc652b7d34aaaa10b07673f7f14233863
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=d45367c1e1a2457563c268888ecb3001&uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15%3A3%3A1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:14 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.redd.tube
Access-Control-Allow-Origin: https://www.redd.tube
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17176328; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; expires=Sun, 05 Feb 2023 22:05:14 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
uncs=1; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 30 Jan 2023 22:05:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41f6cda831c2ee81c136e7d3c0243c9b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c46e3a648cf6a599551b7274d238bffc
b0f6e34a83ef52a888aa34b8ed16b238b230cc8d
f7dbad660ede299c6cf774380f065b17efbe9566a35103a6fa2e5331c6ed03df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1853
Cache-Control: max-age=91234
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:14 GMT
Etag: "63d5a7bf-1d7"
Expires: Mon, 30 Jan 2023 23:25:48 GMT
Last-Modified: Sat, 28 Jan 2023 22:54:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e34c204daf6f65e512d7168b01268c76
793aacf3316ca30d6bef3acaaf097e42e2013e49
a748e66ab50d8c910a381a0e653c9b3e95c15043c5c52e91fbaeb20282b9fd49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A748E66AB50D8C910A381A0E653C9B3E95C15043C5C52E91FBAEB20282B9FD49"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10063
Expires: Mon, 30 Jan 2023 00:52:57 GMT
Date: Sun, 29 Jan 2023 22:05:14 GMT
Connection: keep-alive
naveljutmistress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3h8fH3pZV0E8iIN4WMHMdk9Pz%2FTsIsuuazQYs2F3JSAerK6qnpTp6WqquqcnOQVXliyIO%2BpFPHWeSTaoQdw%2FQFk6XiQX04KSgzkIHj2JnmUmA9H3UO9T9bwFz%2Fu8793N7IjYyOjh4ptqTUYRvejV7dqFJRlzlZvawu2aY9fty7UlGbeal2uD8aH7lxzbq9sv1l4TbEVdbNiObTu2U5uVWoRqcHHCQia7HafesevNRt3xmhjo%2F95NZsFQC7x%2FRM5D8urs8g8PIVmJuPfNdWFWUpW89Govi2iqNPp85614JVZ5jN4JDLWFMN6ZVkOZipDPTkHFO9MOoPpb4w4QyIpYvzgI4p2pTAT97WOlQQQRI%2BCPI%2B%2BXEFEJSUswdQeSHxCAcSzcQNx7sKB0TlePWTpmK3Lm7z8h84qc%2BfUpxL2vr0VyULuloiyVKjYYhAXkoITslkiyPaRrFmS%2BB5a%2BD8kJ4l4ByQ9f8JyGzwPfnXG9sD3T7DRaM9QP%2BIzvh8xhni9Cx5tYI2UJGZaIxBDUnEZmLGTSQhZayBILPX5Yo14ntO12GISu6zcZY67LmOe3uMfdph%2FayNhY%2BxBpMgSLhmB6HYlex4r89MA7XxHyydsH3m%2FQ2SOY5QKGWzApQZ8XyAVBbghySpBLgjwlyPvFNo9MwxQPeGSywJnmxjS7xUil3U26rdKuiMlmckSeGHtn%2Fe%2Fp%2F2NFHNZ403NbbeYIhzaaXttruazR8n3fFyxwbduBkQWkOQVqLKzJijz5%2BndIZEVO3buLgO7BRHtg8hxo9ixoPmo3bNDlUdO3sRbvUj4wQvdFnakeuCqQpGeRrlqb0RF5ZjLDSy%2Bfg2D7V6r771z4q7wPpgskusB78nuCbrQxuqlysnVT5YY8vJGksifX6Hi%2Bt1KaitNfviFWc6X53HUz%2FOIqGxNjuHtbmHSexlzGXUO%2BuiY5F3pWaSbIt3NmSQSLmVm%2Bluk4S%2BYXX5md6yVaGCNVXILKA%2FMhmKzIYxsfTTb3uec1pC6hswK9bJ9MA1KVYMk6THKi3igCHZ3UBImFPCtGuhGcPEayIs0PfkQk9q88%2Bv3dq%2Ffa86BBASP%2B9fEEb5oNdLUFmt6Z7GxfF%2BhHBWg0hMlOj9JE71%2F5yZ0EgsgaBZG2toJIRx8f22vkYU14oR0KuyGCsBOEbWrzTtjsBLTjiHbgUQepqdjPf3z%2BDwAAAP%2F%2FAQAA%2F%2F%2FfkcPTlQQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 naveljutmistress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3h8fH3pZV0E8iIN4WMHMdk9Pz%2FTsIsuuazQYs2F3JSAerK6qnpTp6WqquqcnOQVXliyIO%2BpFPHWeSTaoQdw%2FQFk6XiQX04KSgzkIHj2JnmUmA9H3UO9T9bwFz%2Fu8793N7IjYyOjh4ptqTUYRvejV7dqFJRlzlZvawu2aY9fty7UlGbeal2uD8aH7lxzbq9sv1l4TbEVdbNiObTu2U5uVWoRqcHHCQia7HafesevNRt3xmhjo%2F95NZsFQC7x%2FRM5D8urs8g8PIVmJuPfNdWFWUpW89Govi2iqNPp85614JVZ5jN4JDLWFMN6ZVkOZipDPTkHFO9MOoPpb4w4QyIpYvzgI4p2pTAT97WOlQQQRI%2BCPI%2B%2BXEFEJSUswdQeSHxCAcSzcQNx7sKB0TlePWTpmK3Lm7z8h84qc%2BfUpxL2vr0VyULuloiyVKjYYhAXkoITslkiyPaRrFmS%2BB5a%2BD8kJ4l4ByQ9f8JyGzwPfnXG9sD3T7DRaM9QP%2BIzvh8xhni9Cx5tYI2UJGZaIxBDUnEZmLGTSQhZayBILPX5Yo14ntO12GISu6zcZY67LmOe3uMfdph%2FayNhY%2BxBpMgSLhmB6HYlex4r89MA7XxHyydsH3m%2FQ2SOY5QKGWzApQZ8XyAVBbghySpBLgjwlyPvFNo9MwxQPeGSywJnmxjS7xUil3U26rdKuiMlmckSeGHtn%2Fe%2Fp%2F2NFHNZ403NbbeYIhzaaXttruazR8n3fFyxwbduBkQWkOQVqLKzJijz5%2BndIZEVO3buLgO7BRHtg8hxo9ixoPmo3bNDlUdO3sRbvUj4wQvdFnakeuCqQpGeRrlqb0RF5ZjLDSy%2Bfg2D7V6r771z4q7wPpgskusB78nuCbrQxuqlysnVT5YY8vJGksifX6Hi%2Bt1KaitNfviFWc6X53HUz%2FOIqGxNjuHtbmHSexlzGXUO%2BuiY5F3pWaSbIt3NmSQSLmVm%2Bluk4S%2BYXX5md6yVaGCNVXILKA%2FMhmKzIYxsfTTb3uec1pC6hswK9bJ9MA1KVYMk6THKi3igCHZ3UBImFPCtGuhGcPEayIs0PfkQk9q88%2Bv3dq%2Ffa86BBASP%2B9fEEb5oNdLUFmt6Z7GxfF%2BhHBWg0hMlOj9JE71%2F5yZ0EgsgaBZG2toJIRx8f22vkYU14oR0KuyGCsBOEbWrzTtjsBLTjiHbgUQepqdjPf3z%2BDwAAAP%2F%2FAQAA%2F%2F%2FfkcPTlQQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRuu3h8fH3pZV0E8iIN4WMHMdk9Pz%2FTsIsuuazQYs2F3JSAerK6qnpTp6WqquqcnOQVXliyIO%2BpFPHWeSTaoQdw%2FQFk6XiQX04KSgzkIHj2JnmUmA9H3UO9T9bwFz%2Fu8793N7IjYyOjh4ptqTUYRvejV7dqFJRlzlZvawu2aY9fty7UlGbeal2uD8aH7lxzbq9sv1l4TbEVdbNiObTu2U5uVWoRqcHHCQia7HafesevNRt3xmhjo%2F95NZsFQC7x%2FRM5D8urs8g8PIVmJuPfNdWFWUpW89Govi2iqNPp85614JVZ5jN4JDLWFMN6ZVkOZipDPTkHFO9MOoPpb4w4QyIpYvzgI4p2pTAT97WOlQQQRI%2BCPI%2B%2BXEFEJSUswdQeSHxCAcSzcQNx7sKB0TlePWTpmK3Lm7z8h84qc%2BfUpxL2vr0VyULuloiyVKjYYhAXkoITslkiyPaRrFmS%2BB5a%2BD8kJ4l4ByQ9f8JyGzwPfnXG9sD3T7DRaM9QP%2BIzvh8xhni9Cx5tYI2UJGZaIxBDUnEZmLGTSQhZayBILPX5Yo14ntO12GISu6zcZY67LmOe3uMfdph%2FayNhY%2BxBpMgSLhmB6HYlex4r89MA7XxHyydsH3m%2FQ2SOY5QKGWzApQZ8XyAVBbghySpBLgjwlyPvFNo9MwxQPeGSywJnmxjS7xUil3U26rdKuiMlmckSeGHtn%2Fe%2Fp%2F2NFHNZ403NbbeYIhzaaXttruazR8n3fFyxwbduBkQWkOQVqLKzJijz5%2BndIZEVO3buLgO7BRHtg8hxo9ixoPmo3bNDlUdO3sRbvUj4wQvdFnakeuCqQpGeRrlqb0RF5ZjLDSy%2Bfg2D7V6r771z4q7wPpgskusB78nuCbrQxuqlysnVT5YY8vJGksifX6Hi%2Bt1KaitNfviFWc6X53HUz%2FOIqGxNjuHtbmHSexlzGXUO%2BuiY5F3pWaSbIt3NmSQSLmVm%2Bluk4S%2BYXX5md6yVaGCNVXILKA%2FMhmKzIYxsfTTb3uec1pC6hswK9bJ9MA1KVYMk6THKi3igCHZ3UBImFPCtGuhGcPEayIs0PfkQk9q88%2Bv3dq%2Ffa86BBASP%2B9fEEb5oNdLUFmt6Z7GxfF%2BhHBWg0hMlOj9JE71%2F5yZ0EgsgaBZG2toJIRx8f22vkYU14oR0KuyGCsBOEbWrzTtjsBLTjiHbgUQepqdjPf3z%2BDwAAAP%2F%2FAQAA%2F%2F%2FfkcPTlQQAAA%3D%3D HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d21835d03674b3eee628444994d871b7
Strict-Transport-Security: max-age=0; includeSubdomains
bam.nr-data.net/1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1222.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=890&ck=0&s=34229564c6861920&ref=https://chaturbate.com/tours/3/&ap=29&be=456&fe=202&dc=111&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1675029923065,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:245,%22rp%22:431,%22rpe%22:439,%22dl%22:442,%22di%22:566,%22ds%22:567,%22de%22:572,%22dc%22:657,%22l%22:657,%22le%22:661%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=592&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF8IAA0FAAIPB1FWBlcADhh2Yi0TFUMhJTshCU0XAwlYHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwAIQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEw4EBlVXUlcLGFhUVAMUVVJQAU5fXVNYHFkFD1ADAVRTVl8BXxNNE0sEBAYWBhQbDxtZFUVJElhMSxMJTlBLVAVTQE8IAgAQSFpaFhNNE0sEExYBEBJmWFxFCV5dQ1hBIyYyGxkbQRhFUQ4MPBIGFEpcVl9DCxtSTFRGT0RMVGZVBEdQAgc8AgILUFlAE1sTdhUKBhZBShtAWG4FVE8IAQY7Fx9JUBsLQ1VcEgkXCxNEFRdMUD5eSj4EAgkKCkAXAxM2WFcFDRQXQUobQFhuDkJmFwcRFwoJVxcDE1ABG01AFgU8BEtaTkIEQ2YHAw4NDx8bDxt3CENcBw0bRk9ETFRmUxNeThIHETsVA0tGUF4PEwNDU1NRTVYbGRtEAG5KFRAKCgREAxd0XhtYVQ0DTFFNVhkdblgPVVYWEUMqN0YIBRcBWhFuCAxVUFhGQQMNCkFDT1tTU1FNVhAVflQCWlZOUFNVU1YIBQgRJ1hLBAQMHExXCQAXAUMdGwYLFzsACVRYUEVDCxsHV1tQUAdbBF8DWAEbTUATBREHVEYbC0NKZUMWDBEROhsPGW1DSQgzBj9GT0ZlF1pQDEFYCAUNOEFcGWkbfwJwQDQ%2BQUhDOhtWZRNbEWVDUT9GT0ZlF0ltQwsZPUBTOEFKGWkbVgRfXQQQP0ZZRmUXX21DHRk9QAcNEAdbWVxuEl5MDwY/RllGZRcJbUNMG01ABggKAVBXVVQ%2BQkkNCxc7FwNKQUoTWxMZNBERJwwJUlB4cEETFUMHDw0ED1tZXG4SQVUIFjwQBhVNRmZfEhMDQ0IWFwYUZlpLbgJeVgoLBjsCBxkXREw%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 22:05:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 791544a7df6a1c16-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9201
Expires: Mon, 30 Jan 2023 00:38:36 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba712b809d1107138674cd304e041068
cb7ed5692720084e2b66e724712685d1d56dbe94
1624708856cbcf339b6acc2d31268b693af742aa1b0c699391dddbb09c493347
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1624708856CBCF339B6ACC2D31268B693AF742AA1B0C699391DDDBB09C493347"
Last-Modified: Sat, 28 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Sun, 29 Jan 2023 23:42:08 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8505
Expires: Mon, 30 Jan 2023 00:27:00 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: a13a8181-5783-42c1-9fda-1fcf8db4f0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVpetFv-oAMF_Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d222c4-68165b34525ca2a054f0b505;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:50:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rJbdYq3bZDatEVvC83VR5WiWOFwNwVZEB16ez21KdnQJJrgJ-yKPCg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 14:55:48 GMT
age: 25767
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 4738
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 77241ca1-d7d1-4133-bc06-e89a8db93aef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbANlFiSoAMFrcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44723-0b07156624f03d47665f2d4f;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iZuCuhMd6Qh4_ullCXneuwDyB6EXdLof37qhrLCe6U4WpeGIUPl73A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:03:45 GMT
age: 90
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 04:01:15 GMT
age: 65040
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 54946
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.94.42200 OK 219 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.94.42:0
File type ASCII text, with very long lines (316), with no line terminators
Hash 24046196c939cba420a122038ae0b0b9
0db1ee1b83f8bf864dc157917271c46961c0f188
e2671f3ac4334088fa27d34d8f54406de0936fe6f4ec45af375d3bb2c5c9fc9b
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: 8ewmTI2jy/M5oxfm1Zo8bv1SqrieGnfrMfmtZmR336jUoc4rRdbotq/wectU+HY8mdvt156QxDvmJAhJfohIWQ==
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: CHGKMTPSKZ4AFT0N
cf-cache-status: HIT
age: 928669
expires: Tue, 28 Feb 2023 22:05:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gk7IDZqT6I9K%2B0UrAHxOiLVBobAepGcoZ4iOBGP%2BJOwuND7Zq%2Bc%2BfR7NXrD9kN9HjkDZ3DYjApQaqx5SzmmnSOSzcTj264upXkLLzuRQxHL0ez7GYOgFBvGKD6olSKlX8JHqbCMsi8TUKQQ%2FPFk3Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=ck2QqvOgw5V0BG6fwZHKIYdRKbWyR2avTAg7MNWBNK0-1675029914424-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 791544a51f601c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 509
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 92150eb32d9db49422cf29f24536530f
ee14343bc6797e6e4004aa93002e20e82ede365f
a3d92b83c5e18e8b559d0830a26ef62410a5922a213a1508ebb9f177ebdb8f51
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3D92B83C5E18E8B559D0830A26EF62410A5922A213A1508EBB9F177EBDB8F51"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9201
Expires: Mon, 30 Jan 2023 00:38:36 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62452129bb8dec065bf82af1cd2325a0
9b32f067ac26364f2cd578bcdd40c50d18fd03d7
0d2f762553a22b9679301179d107a4a8f2e01efd82c6f432a806d4810481a08c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D2F762553A22B9679301179D107A4A8F2E01EFD82C6F432A806D4810481A08C"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4283
Expires: Sun, 29 Jan 2023 23:16:38 GMT
Date: Sun, 29 Jan 2023 22:05:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unseenreport.com/pxf.gif?uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=5128db83-35f7-4926-a8bd-88fc1c58ef15&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d45367c1e1a2457563c268888ecb3001&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 29 Jan 2023 22:05:15 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e77aea9a770eb08252fc25051e8e2e2
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/ae/aa/f6/aeaaf64c11bf62877f097a925a641d6b/1669388807.png
45.133.44.10200 OK 91 kB URL HTTP/2 cdn.cloudimagesb.com/si/ae/aa/f6/aeaaf64c11bf62877f097a925a641d6b/1669388807.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c1718772ca810c6c121fa1d02672bb44
22c20701dcd78b1bd41ada8b04576f73d3e42253
91561b48a3e4957afb6aaefbfa5c6463534db30a9bdc2a0f0aabbeef28486a33
GET /si/ae/aa/f6/aeaaf64c11bf62877f097a925a641d6b/1669388807.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: image/png
content-length: 91434
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:06:56 GMT
etag: "6380da10-1652a"
expires: Tue, 31 Jan 2023 22:05:15 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.166.9200 OK 5.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.166.9:0
Hash efcd04a49b2d904d4fa1a8a3fa67b89b
b6c8d6940cd59290adfae72adaf8f3e6227cc096
0a4113a8cdf592f5cd5f2ee0fde6baa77dd96ab9be3321e23f0737d4f53d6f21
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtIMr842%2BAL1dlMkpF5H8BbpQnyLfgmjsr3JitKKkpG55U0Hd0AsmATabFvPFKgc1lWJa4ys9V%2Bwy77GqxMHPomy4ecmbmNoaMF8ElZKrB61m0yHqgSrrC17a6j1AT8wvNOUdD2nVwF7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a908ca24f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 464169
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 22:05:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
naveljutmistress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsePH3qJURAP4iAeIriT%2FpzpSZCQGKPBmIQkEhAPVldVz5bb09VUdU9P9hSMhA2IGfUinnqf2c2iLmL%2BACX0epG9uC0oe3APgkdPomeZ2YHV91DvU%2FW8Bc%2F7vO%2Fd1WKP2Cjo7tU31bJMEnoyaNutEzdlylVpWpdvtBy7bZ9u3ZRpxz%2FdGk0PPTzl2EHbfrH1mmBL6qRrO7bt2E7rgtQiVqOTMxYy2%2Bw57Z7d9t22E%2FgY6f%2FeTWHBUAt8uEeOQ%2FLm6OIPDyFZjXTwzXlhlnKVvfTqoEhorjSGfOOtdClVZYrBAYy1hTjdmFdDmYaQzw5BpRvzDqCGa9MOEMmGWL84iNKNuUxEw%2FV9pVECkSLij6Mc1hBJDUlrMHUHku8QgHFcvoJ08OCy0iW9tc%2FSKduQI3%2F%2FCVk25MivTyEdfH0ukaPWdZUUuVSpwSiuIEc1ZL9GVmwhX7Ygyy2w%2FH1ITpAOKki%2B%2B0LguCGPQm%2FBC%2BLugt9zOws0jPhCGMbMYUEoYieYWSNlDRnXSMQY1BxGYSwU0kIRWygyCwO%2B26JBL7btbhzFnhf6jDHPYywIOzzgnh%2FGNgo21T5Gno3BkjGYvo1M38aS%2FHQnON4Q8snbO8Fv0MUjmMUKhlswOcGQVygFQWkISkpQSoIyJyiH1TpPjGuqBzwxReTMszvPXjVReX%2BVrqu8L1Kymu2RJ6beWf97%2Bv9YErst7gdep8sc4VDXD7pBx2NuJwzDULDIs20HRlaQ5hCosbAsG%2FLk698hkw05dO8uIroFk2yByWOgxbOg5aTr2qCLEz%2B0sZxuUj4yQg9Fm6kBuKqQ5UeR37JWkz3yzGyGp14%2BBsG2zzT33znxV30fTFfIdIX35PcE%2FWRlck2VZO2aKg15eCXL5UAu0%2Bl8r%2Bc0F4e%2FfEPcKpXmF8%2Bb8Rdn2ZSYws0bwuSXaMpl2jfkq3OSc6EvKM0E%2BfaiuSmiq4VZPFfotMguXX3lwsVBpoUxUqU1qNwxH4LJhjy28tFsc597XkPqGrqoMCi2yTwgVQ2W3YbJDtQbRaCTg5oos1AW1US70cFjIhvif%2FAjErF95tHv7569170EGlUw4l8fD%2FCqWUFfW6D5ndnODnWFYVKBJmOY4vAkz%2FT2mZ%2B8WSBKrEmUaGstSnTy8b69Ru62AscXYRR2GeeRYNzpul7o2bbLud%2FtCaeH3DTs5z8%2B%2FwcAAP%2F%2FAQAA%2F%2F%2FLmU01lQQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 naveljutmistress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsePH3qJURAP4iAeIriT%2FpzpSZCQGKPBmIQkEhAPVldVz5bb09VUdU9P9hSMhA2IGfUinnqf2c2iLmL%2BACX0epG9uC0oe3APgkdPomeZ2YHV91DvU%2FW8Bc%2F7vO%2Fd1WKP2Cjo7tU31bJMEnoyaNutEzdlylVpWpdvtBy7bZ9u3ZRpxz%2FdGk0PPTzl2EHbfrH1mmBL6qRrO7bt2E7rgtQiVqOTMxYy2%2Bw57Z7d9t22E%2FgY6f%2FeTWHBUAt8uEeOQ%2FLm6OIPDyFZjXTwzXlhlnKVvfTqoEhorjSGfOOtdClVZYrBAYy1hTjdmFdDmYaQzw5BpRvzDqCGa9MOEMmGWL84iNKNuUxEw%2FV9pVECkSLij6Mc1hBJDUlrMHUHku8QgHFcvoJ08OCy0iW9tc%2FSKduQI3%2F%2FCVk25MivTyEdfH0ukaPWdZUUuVSpwSiuIEc1ZL9GVmwhX7Ygyy2w%2FH1ITpAOKki%2B%2B0LguCGPQm%2FBC%2BLugt9zOws0jPhCGMbMYUEoYieYWSNlDRnXSMQY1BxGYSwU0kIRWygyCwO%2B26JBL7btbhzFnhf6jDHPYywIOzzgnh%2FGNgo21T5Gno3BkjGYvo1M38aS%2FHQnON4Q8snbO8Fv0MUjmMUKhlswOcGQVygFQWkISkpQSoIyJyiH1TpPjGuqBzwxReTMszvPXjVReX%2BVrqu8L1Kymu2RJ6beWf97%2Bv9YErst7gdep8sc4VDXD7pBx2NuJwzDULDIs20HRlaQ5hCosbAsG%2FLk698hkw05dO8uIroFk2yByWOgxbOg5aTr2qCLEz%2B0sZxuUj4yQg9Fm6kBuKqQ5UeR37JWkz3yzGyGp14%2BBsG2zzT33znxV30fTFfIdIX35PcE%2FWRlck2VZO2aKg15eCXL5UAu0%2Bl8r%2Bc0F4e%2FfEPcKpXmF8%2Bb8Rdn2ZSYws0bwuSXaMpl2jfkq3OSc6EvKM0E%2BfaiuSmiq4VZPFfotMguXX3lwsVBpoUxUqU1qNwxH4LJhjy28tFsc597XkPqGrqoMCi2yTwgVQ2W3YbJDtQbRaCTg5oos1AW1US70cFjIhvif%2FAjErF95tHv7569170EGlUw4l8fD%2FCqWUFfW6D5ndnODnWFYVKBJmOY4vAkz%2FT2mZ%2B8WSBKrEmUaGstSnTy8b69Ru62AscXYRR2GeeRYNzpul7o2bbLud%2FtCaeH3DTs5z8%2B%2FwcAAP%2F%2FAQAA%2F%2F%2FLmU01lQQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsePH3qJURAP4iAeIriT%2FpzpSZCQGKPBmIQkEhAPVldVz5bb09VUdU9P9hSMhA2IGfUinnqf2c2iLmL%2BACX0epG9uC0oe3APgkdPomeZ2YHV91DvU%2FW8Bc%2F7vO%2Fd1WKP2Cjo7tU31bJMEnoyaNutEzdlylVpWpdvtBy7bZ9u3ZRpxz%2FdGk0PPTzl2EHbfrH1mmBL6qRrO7bt2E7rgtQiVqOTMxYy2%2Bw57Z7d9t22E%2FgY6f%2FeTWHBUAt8uEeOQ%2FLm6OIPDyFZjXTwzXlhlnKVvfTqoEhorjSGfOOtdClVZYrBAYy1hTjdmFdDmYaQzw5BpRvzDqCGa9MOEMmGWL84iNKNuUxEw%2FV9pVECkSLij6Mc1hBJDUlrMHUHku8QgHFcvoJ08OCy0iW9tc%2FSKduQI3%2F%2FCVk25MivTyEdfH0ukaPWdZUUuVSpwSiuIEc1ZL9GVmwhX7Ygyy2w%2FH1ITpAOKki%2B%2B0LguCGPQm%2FBC%2BLugt9zOws0jPhCGMbMYUEoYieYWSNlDRnXSMQY1BxGYSwU0kIRWygyCwO%2B26JBL7btbhzFnhf6jDHPYywIOzzgnh%2FGNgo21T5Gno3BkjGYvo1M38aS%2FHQnON4Q8snbO8Fv0MUjmMUKhlswOcGQVygFQWkISkpQSoIyJyiH1TpPjGuqBzwxReTMszvPXjVReX%2BVrqu8L1Kymu2RJ6beWf97%2Bv9YErst7gdep8sc4VDXD7pBx2NuJwzDULDIs20HRlaQ5hCosbAsG%2FLk698hkw05dO8uIroFk2yByWOgxbOg5aTr2qCLEz%2B0sZxuUj4yQg9Fm6kBuKqQ5UeR37JWkz3yzGyGp14%2BBsG2zzT33znxV30fTFfIdIX35PcE%2FWRlck2VZO2aKg15eCXL5UAu0%2Bl8r%2Bc0F4e%2FfEPcKpXmF8%2Bb8Rdn2ZSYws0bwuSXaMpl2jfkq3OSc6EvKM0E%2BfaiuSmiq4VZPFfotMguXX3lwsVBpoUxUqU1qNwxH4LJhjy28tFsc597XkPqGrqoMCi2yTwgVQ2W3YbJDtQbRaCTg5oos1AW1US70cFjIhvif%2FAjErF95tHv7569170EGlUw4l8fD%2FCqWUFfW6D5ndnODnWFYVKBJmOY4vAkz%2FT2mZ%2B8WSBKrEmUaGstSnTy8b69Ru62AscXYRR2GeeRYNzpul7o2bbLud%2FtCaeH3DTs5z8%2B%2FwcAAP%2F%2FAQAA%2F%2F%2FLmU01lQQAAA%3D%3D HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:15 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9aea03c88dcd9d2422908fd92662fdb2
Strict-Transport-Security: max-age=0; includeSubdomains
naveljutmistress.com/pixel/sbs?c=1
173.233.137.44200 OK 0 B URL HTTP/1.1 naveljutmistress.com/pixel/sbs?c=1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Cookie: u_pl=17176328; uid_id2=5128db83-35f7-4926-a8bd-88fc1c58ef15:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Jan 2023 22:05:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eU5Ma7lqLPZvVp9eelBjFwClyQ95xmCFKfnK2Gv%2F5B6nkZdl7BcfcVBkgZ%2BIvLY6aReAfoEGJXSt6iJK3ktZOYZtSQN93i8tj1j32fz1K2SRxCPusQldAzc4Nc2c%2BHWC37KWdSI3smJr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a908d724f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 22:05:15 GMT
date: Sun, 29 Jan 2023 22:05:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdntube2.b-cdn.net/mp4/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.mp4?v=19700101120000
169.150.247.35206 Partial Content 0 B URL HTTP/2 cdntube2.b-cdn.net/mp4/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.mp4?v=19700101120000
IP 169.150.247.35:0
GET /mp4/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7.mp4?v=19700101120000 HTTP/1.1
Host: cdntube2.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 29 Jan 2023 22:05:13 GMT
content-type: video/mp4
content-length: 1107688
server: BunnyCDN-DE1-1078
cdn-pullzone: 116943
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sat, 08 May 2021 00:27:30 GMT
cdn-storageserver: DE-199
cdn-fileserver: 149
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/29/2023 22:05:13
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: b72cff424b822e44f5ab145800229397
cdn-cache: MISS
content-disposition: attachment;
content-range: bytes 0-1107687/1107688
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 29 Jan 2023 23:05:14 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
104.18.100.40200 OK 0 B URL HTTP/2 chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
IP 104.18.100.40:0
GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://poweredby.jads.co/
Connection: keep-alive
Cookie: __cf_bm=lQ0Yp32ZJ5SzYoFdlFSxE8kLsH2lJ1IcrNS_4jW5aK8-1675029914-0-AVSDV12pHAYD0ybtQPvq4ZYgP4lVNB3n6PucKPp9+ILAp1Cue9Js6eubCoJOJcYZZDjpxSIFQWcEM8XsT2uRhbo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
set-cookie: stcki="R2oKO-=0"; expires=Tue, 28 Feb 2023 22:05:14 GMT; HttpOnly; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tcvyC9PLUpNSarUy0pMKdZLztdXqgUA0FML6A=="; Domain=.chaturbate.com; expires=Tue, 28 Feb 2023 22:05:14 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr7ed63112-ae52-403e-9dfa-8461ab000f4f:1pMFnW:Wam0SQjCQe7YmrhjNoEd3ifvqUc; Domain=.chaturbate.com; expires=Fri, 24 Oct 2025 22:05:14 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791544a36f35b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redd.tube
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:15 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4812040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jlKxNTu%2BGmLrHEouJMbN3ERSAKpGU%2BWZsNc7HIlDapfiq8MIXFby%2FnzvKJVlUxu1s5hTHl2Q3XDpPUwZvqtBS1dB%2B4HjS0nk%2FYvewIrnRsZNpRFxLdAnQcwRmiAA6senEqfxobg0XXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791544a8f8ae24f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
104.26.1.198200 OK 0 B URL HTTP/2 www.redd.tube/video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7
IP 104.26.1.198:0
GET /video/c6d7acad3e4ba1a946ad81fe676c6b2c690a4be7 HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: Deny
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
ischrome: false
country-code: NO
x-name: Mozilla Firefox
x-profile-qry-related-count: 0.00041079521179199
ismobile: false
vary: Accept-Encoding
set-cookie: PHPSESSID=eb8fcad9584baba76141755df2a6042a; expires=Sun, 05-Feb-2023 22:05:12 GMT; Max-Age=604800; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vozvW9DyW7limbH2fY2bPy3mXwV0no2vCjFDHVjJpDFR%2Ba%2FpIvoVEaYBBWPJgBZdam%2B1aMfiqSfGXQqP33gfddY9NPcI06jmI6zMCbGSpbQNpshzxaWljYQUoqfy9D0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791544997c65b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/nativeads-v2.js
185.76.9.19200 OK 0 B URL HTTP/2 a.realsrv.com/nativeads-v2.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /nativeads-v2.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redd.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 22:05:12 GMT
content-type: application/javascript
etag: W/"21b43fd9d304f2027f605b8ad4d"
expires: Tue, 24 Jan 2023 13:18:50 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675030828
server: CDN77-Turbo
x-77-nzt: AblMCQ3uzub/nCYAAA
x-77-nzt-ray: c0a4cc28e14a58cd98edd66380ba3838
x-cache: HIT
x-age: 9884
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2