www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
172.67.208.97200 OK 7.4 kB URL HTTP/1.1 www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
IP 172.67.208.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3735), with CRLF, LF line terminators
Hash 6e1e0f7792d9551510d722acac3ac310
5a01603fbafce9aa6c966b793effcbadbd52b7f3
9a806f90cade09659f5ffc4ec393bd72ed4d76605244dfe63644d1ab0f31568b
GET /lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.0.33
cache-control: public, max-age=2592000
expires: Sun, 08 Jan 2023 15:24:59 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN4MH3ErzNqq5oUBGDZsm2Dq6G3WTtLlUw%2FvqFH0NYY%2Bzkj3zq35WkLqrwSf2zSA61G3SZepIZSmLba9pnE6wMqXTO94AWqzCcPHzvSiHuRpzE%2FsUGbMIB4GgAQNGg%2Bzh%2BxoLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776ec0353ea6fabc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2442
Expires: Fri, 09 Dec 2022 16:05:41 GMT
Date: Fri, 09 Dec 2022 15:24:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12055
Expires: Fri, 09 Dec 2022 18:45:54 GMT
Date: Fri, 09 Dec 2022 15:24:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 15:08:19 GMT
content-type: application/json
age: 1000
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2286
Expires: Fri, 09 Dec 2022 16:03:05 GMT
Date: Fri, 09 Dec 2022 15:24:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GMmjM0O44g30etEO0N9d0wCfc7caQxmBh4pqj6XhnCcJLlGtdw78HgUIP+fETcsw8OF+MoynAcw=
x-amz-request-id: 8Y5FZ0G4CJANWC70
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 14:48:22 GMT
age: 2197
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/age-verification.css
172.67.208.97200 OK 982 B URL HTTP/1.1 www.hotzxgirl.com/themes/age-verification.css
IP 172.67.208.97:0
File type ASCII text, with very long lines (2602), with no line terminators
Hash 742ec2a59b2f871ca0c00c1041fe0207
f56217ef88f03829c1e64dfcf6a3de1592c0d91e
e2be7b9ee43a0b52094fe5c3c020fdab035f517173b9faeed848e438be54075b
GET /themes/age-verification.css HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=4596
cache-control: public, max-age=2592000
expires: Wed, 04 Jan 2023 22:15:54 GMT
last-modified: Sat, 11 Jun 2022 14:14:43 GMT
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 320945
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZwRTL05OwTdfbpwGKcgX%2FhFSeV%2FHwiOuCJ9iC8HxO%2Fh6WocrcUZVhHqqjGRBnkvwHTR5IipH0GTraDUyAD5pToUxMkS9NoSnLJgNfEon0CCJWuvjyDjgg9itJkOjnEk2Z8zKg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776ec0376d061c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.hotzxgirl.com/themes/javascript/jquery.min.js
172.67.208.97200 OK 30 kB URL HTTP/1.1 www.hotzxgirl.com/themes/javascript/jquery.min.js
IP 172.67.208.97:0
File type ASCII text, with very long lines (65451)
Hash 628e53571a558477be736601f745f86c
55832b31010c287ee8d9d3d0199f9f59aad0d569
a15da7be302fcc9f295102e18316cf9b810447c4e2b50ca1056d7e50c77b1804
GET /themes/javascript/jquery.min.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/x-javascript
Content-Length: 30358
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 22:18:39 GMT
last-modified: Tue, 23 Mar 2021 09:05:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 579980
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4EGixoSRjiOM9IOtlR4L6lOviVWrbDpsOJCIoTRWfSFV6HQNl5DCAOu7VKXSxSSMfgu%2BC44Lwi7iBRHxchkR5%2FcKeJX8oJljVR85Cc5%2FcGLipfPAVIDFtNraVTMcEOhJnVF7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776ec037582bfabc-OSL
alt-svc: h2=":443"; ma=60
www.hotzxgirl.com/themes/javascript/jquery.imagesloaded.min.js
172.67.208.97200 OK 2.3 kB URL HTTP/1.1 www.hotzxgirl.com/themes/javascript/jquery.imagesloaded.min.js
IP 172.67.208.97:0
File type ASCII text, with very long lines (6832), with CRLF line terminators
Hash 00824a5deee183464554e388f4d187b4
d615b3e040a8adcee929cb00098aca7f27696aac
656b38a7d8ed9079cec2d19fc8db3e273da789d3d4b6985c5fbfcfc1cf7b2894
GET /themes/javascript/jquery.imagesloaded.min.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/x-javascript
Content-Length: 2342
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 22:18:39 GMT
last-modified: Fri, 16 Oct 2020 05:13:16 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 579980
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tjIjBHhJJiqGyYMTgAuM5DDJ5cfXb95scdhnz1cHUd9n0BAzDcg5uF2q4Ug%2B6HDFIwhLfPUzWsSDWTtpyVREfbR9ViW7cwe1vY5WYIZIoQtlXJi9ftto086RpDBxOPKPMRHwA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776ec0376e9ab500-OSL
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 15:24:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/javascript/age-verification.js
172.67.208.97200 OK 1.2 kB URL HTTP/1.1 www.hotzxgirl.com/themes/javascript/age-verification.js
IP 172.67.208.97:0
File type HTML document, ASCII text
Hash d63589ae988d1ed93860b87866751f7a
87ff65067196be2f79872847581a0cb11dd56469
05032c82e191ceb310c40d0d706c86d99589d1f67612d71833cce47a645e02a9
GET /themes/javascript/age-verification.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/x-javascript
Content-Length: 1171
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 22:18:39 GMT
last-modified: Wed, 31 Aug 2022 03:50:01 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 579980
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDoWQvDIFZujv4n32UH2%2FnS%2FL3Mk8MWnOHQIgsiym4cJaIbMBnEdPPqJ8iAJHS6r34%2FgwsBWoN1MmgOAhkBS2jQk67jizrvY7358ScBmLbnAa5cA8UUfuDiJjNEY%2FEJhb088jw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776ec0376d910b02-OSL
alt-svc: h2=":443"; ma=60
www.hotzxgirl.com/themes/javascript/jquery.masonry.min.js
172.67.208.97200 OK 7.6 kB URL HTTP/1.1 www.hotzxgirl.com/themes/javascript/jquery.masonry.min.js
IP 172.67.208.97:0
File type ASCII text, with very long lines (25114), with CRLF line terminators
Hash 61adef2ff6612912c7abcc7219ca1962
3b8f6e0d009f5d0f66b0f716f4154423626cf10c
eed5a077357cfdab83ea7cc216ff7cc6d1fbe429bfc6c0859dc97156eb6e6237
GET /themes/javascript/jquery.masonry.min.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/lara/lara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/x-javascript
Content-Length: 7623
Connection: keep-alive
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 22:18:39 GMT
last-modified: Fri, 16 Oct 2020 05:12:53 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 579980
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDsDlLZEMzHWQ2KTurNrE2QInG3pLtJTTZC3RnX%2BLTZ9IYgCA32go%2BfL9CYHat7v7%2Fn54KZZ8qV8sKAnphiY%2B5ld1T1aJt2Logkj9aq36jghsEHNZ%2Be%2Bl8NtUG69S23vz4beyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 776ec0376c03fab8-OSL
alt-svc: h2=":443"; ma=60
cdn.jsdelivr.net/jquery.cookie/1.4.1/jquery.cookie.min.js
151.101.1.229200 OK 697 B URL HTTP/2 cdn.jsdelivr.net/jquery.cookie/1.4.1/jquery.cookie.min.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (1266)
Hash bac86a22d09cf057b53c6a659592ac0d
ef2ead822e3f5f7b7a7f02a42cd3827fa6d2a8de
2101ba9e0de744be0095602363ed2be7a6bef00d9961a78165ccea15be4b215f
GET /jquery.cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"514-wnOWCqh0qH3QIrXll4hxQvG4408"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:24:59 GMT
age: 6882786
x-served-by: cache-fra19163-FRA, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 697
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash afea83ccf37278b38e386b91d0736946
49a9380a555eeeeaf2fffae112b6ae5dc652d880
94c45c0b4fa3f23ad9bc981119e42278abaf9c09cd1bde6faac3677a84f42937
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=168463
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:24:59 GMT
Etag: "63932922-116"
Expires: Sun, 11 Dec 2022 14:12:42 GMT
Last-Modified: Fri, 09 Dec 2022 12:25:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash afea83ccf37278b38e386b91d0736946
49a9380a555eeeeaf2fffae112b6ae5dc652d880
94c45c0b4fa3f23ad9bc981119e42278abaf9c09cd1bde6faac3677a84f42937
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4633
Cache-Control: max-age=166640
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:24:59 GMT
Etag: "63932922-116"
Expires: Sun, 11 Dec 2022 13:42:19 GMT
Last-Modified: Fri, 09 Dec 2022 12:25:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
tse4.mm.bing.net/th?id=OIP.wRKkXEpJbUEtPDML835IoAHaJl&pid=15.1
204.79.197.200200 OK 54 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.wRKkXEpJbUEtPDML835IoAHaJl&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x613, components 3\012- data
Hash 2a3542cbf57cc0c865a8222ca57fbc6e
67a1a032e998696f0aaf27ad6a6845422cc668bd
2d24ebd978eecdb9294200367974b6457b98806a52ab3a90234c1b8bc95ed7fc
GET /th?id=OIP.wRKkXEpJbUEtPDML835IoAHaJl&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 53996
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A72A548EC14D4FDABAB8069171E7B6C5 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP._VkBvJR1s8FFAe_MvIM-tAHaDJ&pid=15.1
13.107.21.200200 OK 16 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP._VkBvJR1s8FFAe_MvIM-tAHaDJ&pid=15.1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x201, components 3\012- data
Hash 38fe4b0d441c2bab694a00c7227f5086
7956f3913c100f0e379657851beaba966e238141
d7e0e5fa42185755f61d85b8328e63d9c8481f280c0c47c2dd7d47e9c0b6e841
GET /th?id=OIP._VkBvJR1s8FFAe_MvIM-tAHaDJ&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 15766
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F91E6047650E4198976B8D26F2A3F93E Ref B: OSL30EDGE0108 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:58 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.CMIF65wVu2w7OivjeW1sBQAAAA&pid=15.1
204.79.197.200200 OK 16 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.CMIF65wVu2w7OivjeW1sBQAAAA&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 352x198, components 3\012- data
Hash 513c80f50f0c17449e2860a11d32cf1b
05b3a199c6447847c15e76cb1b10b79764b19079
a66487cc409068af58df3c82a4712376cfd2e10a8e4da67df571f660767ef34f
GET /th?id=OIP.CMIF65wVu2w7OivjeW1sBQAAAA&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 15570
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB746221350D4BED80911A9FA255CEA8 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP._z8oVRqliYpiMQkPgFZ8BgHaJl&pid=15.1
13.107.21.200200 OK 58 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP._z8oVRqliYpiMQkPgFZ8BgHaJl&pid=15.1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x613, components 3\012- data
Hash 9529c6872c02c69679e8503145b0a292
3d4ecae74ba38d1346d685207049fc53809acf5d
87cd807a7788e848060859f2adeae70ae06a65298a4a9ed708a4e2d4d448dc98
GET /th?id=OIP._z8oVRqliYpiMQkPgFZ8BgHaJl&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 58351
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 183749C03584496CA05C02422BEDB0C5 Ref B: OSL30EDGE0108 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:58 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.Iv_5n51_mH8EtVE-eLqATwHaHa&pid=15.1
204.79.197.200200 OK 15 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.Iv_5n51_mH8EtVE-eLqATwHaHa&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Hash 622492ca0b31918658908565612d7688
9496b93f8da0cb9b774eb1c3fe1c1112510a952e
a5de0b21fc97df56e06801d37e119f87797d3bf140e2d150de1ac1fd29cf5aa2
GET /th?id=OIP.Iv_5n51_mH8EtVE-eLqATwHaHa&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 14786
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2064883A679242518937FE0674DD89A8 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.484UcAOASPbg8xgXANw-kgHaKz&pid=15.1
204.79.197.200200 OK 83 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.484UcAOASPbg8xgXANw-kgHaKz&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x691, components 3\012- data
Hash 239d1ced7c9a671429cf0ee6f48497c8
e0482cd0564c49fbd41adceb6d85a6806c453124
38b484ef79e3c76fb9ff64c4c72a646ea829ecb08a937bb3fab2e9130378d45b
GET /th?id=OIP.484UcAOASPbg8xgXANw-kgHaKz&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 82623
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40903F86AF5A4274AF85D9863AE01CBC Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.zsOk7Zn095ehLgLgk55UmAHaJl&pid=15.1
13.107.21.200200 OK 60 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP.zsOk7Zn095ehLgLgk55UmAHaJl&pid=15.1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x613, components 3\012- data
Hash 63bf6448929b74334f48209cb50ec875
70cdfa758b539f5ca0577001d5f9a0f4be04f8c9
1a3875c8686eb24ae65d23538523dc7e1f323d55f776436ff698275b334fb5c1
GET /th?id=OIP.zsOk7Zn095ehLgLgk55UmAHaJl&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 60513
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89477109D66B410E8A8C5789EE404A83 Ref B: OSL30EDGE0108 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:58 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.TOiGAA8SKuE1vupNeYo5bAHaJl&pid=15.1
204.79.197.200200 OK 52 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.TOiGAA8SKuE1vupNeYo5bAHaJl&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x613, components 3\012- data
Hash 406898906d0de14998f73556de166565
6568b1d884f1a48425881b6bf2c337bd6dec043d
09ca14734e711275eacd84b8cfe48c7f604c4fb465e63cade7eba0c757ae9ecd
GET /th?id=OIP.TOiGAA8SKuE1vupNeYo5bAHaJl&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 51858
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80E6BE78E0B84BC4A3AF1901178C429D Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.RdnZf-b__7IQVLXyf38cLwHaEK&pid=15.1
13.107.21.200200 OK 34 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP.RdnZf-b__7IQVLXyf38cLwHaEK&pid=15.1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3\012- data
Hash af7911f4c2beb3a51a18e068122125b3
543433148bcbff15941332f18111b2af5ca53090
324a2ce3e8c183d5a44f472617705cccbd063a8de6a4fff13e28b5cf83567ddc
GET /th?id=OIP.RdnZf-b__7IQVLXyf38cLwHaEK&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 34139
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64E050F21D3E450CBEF7B70EC968ACA3 Ref B: OSL30EDGE0108 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:58 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.IxNCE6343_hLJ_UFaZw7gwHaEL&pid=15.1
204.79.197.200200 OK 16 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.IxNCE6343_hLJ_UFaZw7gwHaEL&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x267, components 3\012- data
Hash b25e0da74ebf99d39df96b33cf6b3f69
174126307939370de47e0aa44bded36db332c8ad
300c5f6ca2926081bd43b2e09abbef0ab467306d58802f00d152bd85ed79ed45
GET /th?id=OIP.IxNCE6343_hLJ_UFaZw7gwHaEL&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 16129
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD6C8F5DBF984B45B53C9E1485C66604 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.cPPqytGAJfhgMjsg-1gqtQHaFh&pid=15.1
13.107.21.200200 OK 35 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP.cPPqytGAJfhgMjsg-1gqtQHaFh&pid=15.1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1\012- Linux rev -1991166685.8181 ext2 filesystem data (mounted or unclean), UUID=9f653ec4-b29f-dccf-ff00-5cdbf91a801f, volume name "\335\247\272\257\362\246\315w\017\2250\310\371\221\200\347\324b\241\0270\210\320dp\240u\035\206(\277\365`\366r\354J\247\237\306\253)\345\277\336o\347O[\210\311\037\375j\205$BO8\371\230\362=\351]\017\226KtX\317\013\376\374\177\372\020\256\317\303d\377" (needs journal recovery) (errors) (compressed) (extents) (64bit) (large files) (huge files)], baseline, precision 8, 474x353, components 3\012- data
Hash 3b73f7ca25f8bc8ac20af123d28d70dd
e35e25f2ecfe3199b1b08063c3b16d3c9ae1121c
9d28e0ef10eb845765f3b87c920c663d4f122d4e57f938b89eaf4f7d673705da
GET /th?id=OIP.cPPqytGAJfhgMjsg-1gqtQHaFh&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 34620
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3BCF41FA1FC41FEB37D747D3FCEC2F6 Ref B: OSL30EDGE0108 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:58 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.tDBX5apcdBbYmpMm1uxZ8wHaHa&pid=15.1
204.79.197.200200 OK 41 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.tDBX5apcdBbYmpMm1uxZ8wHaHa&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x474, components 3\012- data
Hash ee019fd2a1544f12ddedb7894102f66b
d2f78b645620891510ce58691b3b38d1419c60ca
f415bb41b643a607c875ed56a47547694aa656a307f9ab52ee2881dde2418933
GET /th?id=OIP.tDBX5apcdBbYmpMm1uxZ8wHaHa&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 41421
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 40B04D54E9264960BFE11DB83AF57963 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse2.mm.bing.net/th?id=OIP.nQm3y2WVxPDjdCQjIwXIFQHaKt&pid=15.1
13.107.21.200404 Not Found 1.2 kB URL HTTP/2 tse2.mm.bing.net/th?id=OIP.nQm3y2WVxPDjdCQjIwXIFQHaKt&pid=15.1
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash f0f7d2c575a576fcbe5904900906e27a
2ae9765a166420936e89da8e3a0f4ca51919d1ce
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
GET /th?id=OIP.nQm3y2WVxPDjdCQjIwXIFQHaKt&pid=15.1 HTTP/1.1
Host: tse2.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7C0B582117E40649D64D2B1F54D55C4 Ref B: OSL30EDGE0108 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:58 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.4zzIp650R5Wonf95AOcWHAHaKz&pid=15.1
204.79.197.200200 OK 92 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.4zzIp650R5Wonf95AOcWHAHaKz&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x691, components 3\012- data
Hash de943517e50c119c0710ef971e53586c
b7e3118915e662e9593fffc7daafc1b63fa983ab
80d40432a8437352a19263217f197b566c43c3d73f510fe88707195d2cc7c91d
GET /th?id=OIP.4zzIp650R5Wonf95AOcWHAHaKz&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 91790
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC51F1B249F649DB8731A710866C3147 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash afea83ccf37278b38e386b91d0736946
49a9380a555eeeeaf2fffae112b6ae5dc652d880
94c45c0b4fa3f23ad9bc981119e42278abaf9c09cd1bde6faac3677a84f42937
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6457
Cache-Control: max-age=168463
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:24:59 GMT
Etag: "63932922-116"
Expires: Sun, 11 Dec 2022 14:12:42 GMT
Last-Modified: Fri, 09 Dec 2022 12:25:06 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
tse4.mm.bing.net/th?id=OIP.-2_RZHZ9NZy0kTz3FH0K6AHaJ4&pid=15.1
204.79.197.200200 OK 77 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.-2_RZHZ9NZy0kTz3FH0K6AHaJ4&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x632, components 3\012- data
Hash 45897364808d69e472dc3a866bf68760
b67a9144fce4c47b9338687889ccf43b6492b94d
c65aa9bac21db6b059de467bc4e3c9e892edb53bb3652c19e357f1bab2db701f
GET /th?id=OIP.-2_RZHZ9NZy0kTz3FH0K6AHaJ4&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 77044
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1246DAD43DAB4F99B7E9EF2ADEE206F9 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.C5fkdLo6jfDYT1m_OMtTxgHaJl&pid=15.1
204.79.197.200404 Not Found 1.2 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.C5fkdLo6jfDYT1m_OMtTxgHaJl&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash f0f7d2c575a576fcbe5904900906e27a
2ae9765a166420936e89da8e3a0f4ca51919d1ce
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
GET /th?id=OIP.C5fkdLo6jfDYT1m_OMtTxgHaJl&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6CA35F54B4144EB8B152ADD221820F2F Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash db646a11073ecbff7a4cdc7ce4ad345d
57f52db3271790ccb88c1e73c46f183dcfb76333
e3c1d64c817ac5f8d9b2ac6acacb046ec28a9b0b876396cca60652f9958d3c56
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "CF7533BD61223C1EA0E64FFD328E321E0AE60578"
Expires: Sat, 10 Dec 2022 02:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1132
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776ec0393a5db4ed-OSL
tse1.mm.bing.net/th?id=OIP.lJVHSN3zetDLIbyP77leTgHaJl&pid=15.1
204.79.197.200404 Not Found 1.2 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.lJVHSN3zetDLIbyP77leTgHaJl&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash f0f7d2c575a576fcbe5904900906e27a
2ae9765a166420936e89da8e3a0f4ca51919d1ce
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
GET /th?id=OIP.lJVHSN3zetDLIbyP77leTgHaJl&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2496653A7D244349BE5008898BFF8278 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.35Ny4s8ePizZyIlCW6l53AHaLH&pid=15.1
204.79.197.200404 Not Found 1.2 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.35Ny4s8ePizZyIlCW6l53AHaLH&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash f0f7d2c575a576fcbe5904900906e27a
2ae9765a166420936e89da8e3a0f4ca51919d1ce
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
GET /th?id=OIP.35Ny4s8ePizZyIlCW6l53AHaLH&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45194BD0D9224B549036F35F0708A4EC Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse1.mm.bing.net/th?id=OIP.zvwJ9p4WIkV-diEMd-lswAHaJl&pid=15.1
204.79.197.200404 Not Found 1.2 kB URL HTTP/2 tse1.mm.bing.net/th?id=OIP.zvwJ9p4WIkV-diEMd-lswAHaJl&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash f0f7d2c575a576fcbe5904900906e27a
2ae9765a166420936e89da8e3a0f4ca51919d1ce
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
GET /th?id=OIP.zvwJ9p4WIkV-diEMd-lswAHaJl&pid=15.1 HTTP/1.1
Host: tse1.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
pragma: no-cache
content-length: 1192
expires: -1
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 554A992B6E0245E384D2ED638BD77AF6 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.N1jUu9kOJhnEThfxTobL4QHaKz&pid=15.1
204.79.197.200200 OK 107 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.N1jUu9kOJhnEThfxTobL4QHaKz&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x691, components 3\012- data
Size 107 kB (106691 bytes)
Hash 99f4d10f52203ad6df602e2b8a767504
54eb8f1c69d282c450dd6d80f23d7dc221261838
15127273156b5e66f4ae4980ebb572e0ed3bc1c35942814eb042eada27e7e16c
GET /th?id=OIP.N1jUu9kOJhnEThfxTobL4QHaKz&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 106691
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 723025484E79485D93F8579CE62F308F Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.YnYaXqMikFkvI_iAV_tGZAHaKz&pid=15.1
204.79.197.200200 OK 91 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.YnYaXqMikFkvI_iAV_tGZAHaKz&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x691, components 3\012- data
Hash 47595d5032d66b478ddbafc5e24e46cb
6046bc52d5729f2ca96639f23ae77307dd890aa4
fb5c1fff4eba256215095c041f82d53d3ecc54abb280a8642436df31f0204af5
GET /th?id=OIP.YnYaXqMikFkvI_iAV_tGZAHaKz&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 91071
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 45B644F76D9C40CCA9F0FF22B4F4FE5C Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse4.mm.bing.net/th?id=OIP.MjhCEB27NLFtgDYI5RHHEAHaJF&pid=15.1
204.79.197.200200 OK 41 kB URL HTTP/2 tse4.mm.bing.net/th?id=OIP.MjhCEB27NLFtgDYI5RHHEAHaJF&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x581, components 3\012- data
Hash 1df1127973c6d43ee06d48ac82849627
bc359665c5fc054aba740fcab4251f45b40b2984
c22e66d3d27a2b5c16e9223e87ff6e1ba9a38ff8e49cce4b83bbc955c2d27bac
GET /th?id=OIP.MjhCEB27NLFtgDYI5RHHEAHaJF&pid=15.1 HTTP/1.1
Host: tse4.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 40733
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB36B89760BF439CA88BDEFA2F4CF4B9 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP._sEPQkO5oNsc-_NbP3HlhAHaJ4&pid=15.1
204.79.197.200200 OK 69 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP._sEPQkO5oNsc-_NbP3HlhAHaJ4&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x632, components 3\012- data
Hash 66fab93ae65d8d0b20116b33d54bc1b0
45dca324611be6969498528ac2694d8c860f96b4
37dd3ffa0b7384650109424697582f2e1524bece863bac570fb7eed3c2250483
GET /th?id=OIP._sEPQkO5oNsc-_NbP3HlhAHaJ4&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 69214
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 624EB5D50EC44478BBC974A91C08E2B9 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.MDNlob9pEU5aS8SmsQyTyQHaJ4&pid=15.1
204.79.197.200200 OK 64 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.MDNlob9pEU5aS8SmsQyTyQHaJ4&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x632, components 3\012- data
Hash 1488546d54dad4b4857ad1f3870c651e
08e3ceea75142e20815567765d4d519b9c12a8e0
ce422536b8b2199743c3877adadd6e344593caecb4022b605784e6055c52410e
GET /th?id=OIP.MDNlob9pEU5aS8SmsQyTyQHaJ4&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 64475
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF4CEE7AE6144F6DA86B5C0C860BA2EF Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.oD21tY7272bSLuxB0SnX3gHaEK&pid=15.1
204.79.197.200200 OK 31 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.oD21tY7272bSLuxB0SnX3gHaEK&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x266, components 3\012- data
Hash 26fab3c20875d7bed353d5d22fe6fe8b
a52be1b30233d6925eb63820864233a1dc6f2258
bc0c0f5b17f65c8a41a719473808ccb22ecca3f3b33b62b188cbca250fc0217f
GET /th?id=OIP.oD21tY7272bSLuxB0SnX3gHaEK&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 30913
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5723B9D71F1C4FCA8A1937EE72BC82CD Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.j1UUKw7GGdcV2gyT59r5swHaFj&pid=15.1
204.79.197.200200 OK 19 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.j1UUKw7GGdcV2gyT59r5swHaFj&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x355, components 3\012- data
Hash 0f18c86e18ecad52f9857548b182a5bd
a299c0d10cf0667fc34b5a8ffb9fe5de1f43e93b
d82ed5ac86576208bf7957f8192a69b67846804edd7d8fb8c22d97934bd9631e
GET /th?id=OIP.j1UUKw7GGdcV2gyT59r5swHaFj&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 19331
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 552297CB07CE4C7EAB169D96FC66BE37 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.sI_Z09Ob2bmmsPwksPVLiQAAAA&pid=15.1
204.79.197.200200 OK 24 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.sI_Z09Ob2bmmsPwksPVLiQAAAA&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 360x313, components 3\012- data
Hash 9ebe08b5cdd99b17c838a424506b0387
2d7b9083f29c0b3f35146d4836cefca509284d63
6c2bb0ab112fb4626f9585c8686212c9722edd47f55ed72a1342782f96dec8e1
GET /th?id=OIP.sI_Z09Ob2bmmsPwksPVLiQAAAA&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 24460
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3A11EC3D37940B89247AEB235F032EC Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 878b315c98fef45d851b7a8072baf176
fc6713e61cb22b5f3b00ef6e4a025bb6c4f5c1b1
3644aba93ceafe573ac27f3c1c6900a64ee4f5c950d310ba1934f42187f779e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:27:04 GMT
Expires: Tue, 13 Dec 2022 08:27:03 GMT
Etag: "fc6713e61cb22b5f3b00ef6e4a025bb6c4f5c1b1"
Cache-Control: max-age=319923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ec0384898b523-OSL
tse3.mm.bing.net/th?id=OIP.-tcpW4HH2tc8JjbjsdPsDAAAAA&pid=15.1
204.79.197.200200 OK 18 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.-tcpW4HH2tc8JjbjsdPsDAAAAA&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 187x250, components 3\012- data
Hash 9ff875df60163d6db476665530dabce6
585fe8ef0394396c75a74b7ecd844ec6853c2c55
eaa389e88f893a2652f2a2becf6f1ad582170e99a80bd18d674d16651cdaf9a2
GET /th?id=OIP.-tcpW4HH2tc8JjbjsdPsDAAAAA&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 18549
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69E231C9E5314A7AA36327A01ADE3459 Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
tse3.mm.bing.net/th?id=OIP.XoizJpAP1sYRTA0K-hP3gQHaK9&pid=15.1
204.79.197.200200 OK 34 kB URL HTTP/2 tse3.mm.bing.net/th?id=OIP.XoizJpAP1sYRTA0K-hP3gQHaK9&pid=15.1
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 474x701, components 3\012- data
Hash 6d52eb8d97aa72ab960e6b836a8cf5a1
6ab23ad72da6b1a1d996fd8d69c4795f0d6bc12a
e31b1395beab23aec05a6c687a247d0de2fd5df2a4755bcf0f84c93916f62f2e
GET /th?id=OIP.XoizJpAP1sYRTA0K-hP3gQHaK9&pid=15.1 HTTP/1.1
Host: tse3.mm.bing.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=1209600
content-length: 33603
content-type: image/jpeg
x-cache: TCP_MISS
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F41B8EC119434AEBB6E0E8D13A90EC4B Ref B: OSL30EDGE0307 Ref C: 2022-12-09T15:24:59Z
date: Fri, 09 Dec 2022 15:24:59 GMT
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads.js
185.94.236.244301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 878b315c98fef45d851b7a8072baf176
fc6713e61cb22b5f3b00ef6e4a025bb6c4f5c1b1
3644aba93ceafe573ac27f3c1c6900a64ee4f5c950d310ba1934f42187f779e7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:27:04 GMT
Expires: Tue, 13 Dec 2022 08:27:03 GMT
Etag: "fc6713e61cb22b5f3b00ef6e4a025bb6c4f5c1b1"
Cache-Control: max-age=319923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ec03999f5b523-OSL
poweredby.jads.co/js/jads2.js
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.244:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.hotzxgirl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 14:33:13 GMT
age: 3106
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
stickerchapelsailing.com/94/d8/4a/94d84a91dc0925ebed6d851bcb980c2d.js
192.243.61.227200 OK 13 kB URL HTTP/1.1 stickerchapelsailing.com/94/d8/4a/94d84a91dc0925ebed6d851bcb980c2d.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37125), with no line terminators
Hash 4e36adc09d86e346e9a7e294223489d8
9d6321f6b7be3d6c235964e6a8f9481cbd1bdc32
9f20034806a5c397ed129e7ff009a437e3c34331949fdabec9847592590a8cea
GET /94/d8/4a/94d84a91dc0925ebed6d851bcb980c2d.js HTTP/1.1
Host: stickerchapelsailing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef3ee8324a3e1b7990370e1eaad4e6c1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
stickerchapelsailing.com/8c/27/97/8c27976295e8310807e01fcadbb1740b.js
192.243.61.227200 OK 21 kB URL HTTP/1.1 stickerchapelsailing.com/8c/27/97/8c27976295e8310807e01fcadbb1740b.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60212), with no line terminators
Hash 318728d1b2c724a1145bcd2cd58b4fee
405dbe651557874a351c6ecd6b45e9fd480421e6
6bca42c2e9ba748af95b00f242990b4bd3ab863f7499794a3325a37ec6999875
GET /8c/27/97/8c27976295e8310807e01fcadbb1740b.js HTTP/1.1
Host: stickerchapelsailing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:24:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 74db57e9db9368ba4344de22a32390ec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
addresseepaper.com/sfp.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:37 GMT
ETag: "638fbf09-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ksH1sTc9EjXCmWZup74uFSR+dkwy0KAqHyDjqCX5+b0zeGjsBDwHGeUXqHO1YTnGXNMqi9DZqRg/7nsDREvaAw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
friendshipmale.com/sfp.js
172.64.163.31200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.163.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 8f0745015a91296d2ee136812d3f47bc
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Fri, 09 Dec 2022 15:25:00 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57Ph4ad38Nq1kWcNVlmZFKgB2oUmyUOvZIHmR3i5nknoi3nEOCBnO3H6q%2FADq7jSFl%2B1vk%2BKA87WZSdIM3ZjSBVOOMB7jKrrowoxFe2UtAl412EMSaTkO97D%2F1GjYW6Ihj6nNpA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776ec03ba8f971fa-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5560
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:00 GMT
Last-Modified: Fri, 09 Dec 2022 13:52:20 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7a3b93489047f9ea14340f8606a4e869
6ed81d6bfa1507093680864ac2a93414473afcb2
ad23df78236e546d4650ec7b8b8f9094a4c927f0291c5f5ad86abfd997afae45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170032
Date: Fri, 09 Dec 2022 15:25:00 GMT
Etag: "6393389b-1d7"
Expires: Sun, 11 Dec 2022 14:38:52 GMT
Last-Modified: Fri, 09 Dec 2022 13:31:07 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oJZTXJ8LIdd4zN_81HNGqtkwJC6ez3bXfi8UXq-e3Rr5gpXpZEKoKg==
Age: 4066
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7a3b93489047f9ea14340f8606a4e869
6ed81d6bfa1507093680864ac2a93414473afcb2
ad23df78236e546d4650ec7b8b8f9094a4c927f0291c5f5ad86abfd997afae45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169904
Date: Fri, 09 Dec 2022 15:25:00 GMT
Etag: "6393389b-1d7"
Expires: Sun, 11 Dec 2022 14:36:44 GMT
Last-Modified: Fri, 09 Dec 2022 13:31:07 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: awse6hJUhrXI3FgBRn9HQi1lJO7eWjJFVpYYllZZovD9WAMB3FOmcQ==
Age: 3937
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash dbad38e60f4d9793e4527549c57853c2
e56ba86e58de84744b8fc8984369807eccc78a3b
de5c7e09740531d8e6c9c60ae2e321708c6573e8815a5ef9073d87fb3096bf48
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.hotzxgirl.com
access-control-allow-credentials: true
set-cookie: uid_id2=8ac436ab-45ed-45f3-9dfe-7038e91e478b:1:1; expires=Mon, 06 Dec 2032 15:25:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 48a97768fdbdf3898155f246ab0cee67
f128d1e2722b17cd1d5fb2c106aa5671ccb7a5bc
01b92e80affb506917af0e6a00b88afa12a4c36c15c536aca1ce11c627c843ef
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.hotzxgirl.com
access-control-allow-credentials: true
set-cookie: uid_id2=b94e63c8-3141-43eb-8a72-605ae9ead38e:2:1; expires=Mon, 06 Dec 2032 15:25:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
trapexpansionmoss.com/pixel/purst?dl=0&th=0&sc=0&rs=1000&rd=1000&fd=681&bv=22.10.v.9&tmpl=70
173.233.137.52200 OK 0 B URL HTTP/1.1 trapexpansionmoss.com/pixel/purst?dl=0&th=0&sc=0&rs=1000&rd=1000&fd=681&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1000&rd=1000&fd=681&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: trapexpansionmoss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
trapexpansionmoss.com/b9/f9/86/b9f98659ea5c745f9b9b2995db1db8f1.js
173.233.137.52200 OK 13 kB URL HTTP/1.1 trapexpansionmoss.com/b9/f9/86/b9f98659ea5c745f9b9b2995db1db8f1.js
IP 173.233.137.52:0
File type ASCII text, with very long lines (37118), with no line terminators
Hash a01b07a51000dc294c000af2226377ab
59e3082aeab9d6a6cf0c6b191b9e5a0bb427b437
b626aa229087009265a4f60ce2a66c0ac1ae52c884afe93cdb38afefa06286f6
Analyzer Verdict Alert quad9 Sinkholed
GET /b9/f9/86/b9f98659ea5c745f9b9b2995db1db8f1.js HTTP/1.1
Host: trapexpansionmoss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f136ba88367168aef3ad9bc4cb009e5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 48a97768fdbdf3898155f246ab0cee67
f128d1e2722b17cd1d5fb2c106aa5671ccb7a5bc
01b92e80affb506917af0e6a00b88afa12a4c36c15c536aca1ce11c627c843ef
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: uid_id2=b94e63c8-3141-43eb-8a72-605ae9ead38e:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.hotzxgirl.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4adb3cca429ddd3395f3e1bdf9d0f600
5089dd182697ecc3248dff76614cf6b80b7f5466
518d4d15a44ae3b6c6d98a5a39ec7aaa5e35b124804b2d35870ee53377fca3b3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 00:04:30 GMT
Expires: Thu, 15 Dec 2022 00:04:29 GMT
Etag: "5089dd182697ecc3248dff76614cf6b80b7f5466"
Cache-Control: max-age=462568,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ec03d7e54b523-OSL
banquetunarmedgrater.com/advertisers.js
192.243.59.12200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1db24976b86d73510f55f22ac76d02e
Strict-Transport-Security: max-age=0; includeSubdomains
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6vQq2wXoGFqnwo2Og0Pneg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0x49DqxheGPskba/lTNqNebfQEY=
www.hotzxgirl.com/themes/images/ajax-loader.gif
172.67.208.97404 Not Found 30 kB URL HTTP/2 www.hotzxgirl.com/themes/images/ajax-loader.gif
IP 172.67.208.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 87cf1707455ba96461f64bb8deb97a45
85dc7c4997b6021efe83db63d5562d75ca3be0d8
09aa4ffe44a52fa38d832bc79750b2a52d45f2785266ac4169034d98e2c8c716
GET /themes/images/ajax-loader.gif HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hotzxgirl.com/themes/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 09 Dec 2022 15:24:59 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzU1jiAHH71BfTR1d1OKKyZTUK%2B79%2BwfLUW2L4ALAbx0BdEH1U12lrCIAqOlePlYqjL9CpaOgiIsMwMQ1jYI6xpa0Y8O1JN1qlptHVwlz5Y0bcyNSlKnZ6QABABuo889UYV%2B0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec039095fb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://www.hotzxgirl.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:00 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://www.hotzxgirl.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776ec03eecc6b4f4-OSL
alt-svc: h2=":443"; ma=60
c.adsco.re/
104.17.166.186200 OK 27 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 27091608fe343429b32e8d14dfa45259
9ef9282b28ae0c0a98b455e27263ec65a8c9d53c
d2b83da35e055dcb4f3c0f2f99bb768f24979bf2e9658aec60537d60d675a5ca
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:00 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 09 Jan 2023 15:25:00 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 423014
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec03dcc94b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.5 kB URL HTTP/1.1 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash 2b153cb2287eac49566b32fce9c385f8
206074b038daff8bc66d86bca0c5ff35f9f72655
7398435bd3f0dae8206173dd66954ae029dc8787962d5f089bcb548f53409869
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
date: Fri, 09 Dec 2022 15:17:31 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 99128450
etag: W/"-375139978"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4547
x-iplb-request-id: 5B5A2A9A:74EE_2E69C9F0:0050_6393534C_37164:16EA9
x-iplb-instance: 40746
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67aeeea4084af1d2eb5fa2d08ff2c9a2
1444799553152505fd24039c0401c7abb3227f79
72ef9a63f23faebf88b87bce2c9af7205c4d8389840115363ed5c4cbd57b16dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72EF9A63F23FAEBF88B87BCE2C9AF7205C4D8389840115363ED5C4CBD57B16DD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13072
Expires: Fri, 09 Dec 2022 19:02:52 GMT
Date: Fri, 09 Dec 2022 15:25:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 182cd2e0c49ecb11b10f471755e0e1a1
f16559f5fe6f3ad5d4e414a9dbea27aa53187d97
c94c6172d375bc174b0dea4f1c0a4471b5934af2acb1b3b033037a364cfe7880
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C94C6172D375BC174B0DEA4F1C0A4471B5934AF2ACB1B3B033037A364CFE7880"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5629
Expires: Fri, 09 Dec 2022 16:58:50 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3ff49d31d8f6726ec6a9d75d60d5b6c
79743280f385b70a6fd5d8b31710b9a1d5e047e5
91012a151c327ce10bb22ceb7267662b284ceddf55fc6bfb2e73afab580723b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91012A151C327CE10BB22CEB7267662B284CEDDF55FC6BFB2E73AFAB580723B1"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10825
Expires: Fri, 09 Dec 2022 18:25:26 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
jmbp4so7spdh.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 jmbp4so7spdh.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jmbp4so7spdh.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 169 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 83b72750473cc40a7f185ae5bd286833
9cc8755f4b95786a488a83f8d7843ae3d61de124
1806841e51821274cdf23bf5e83574d2c1328efff655a03bd6446845d93923a9
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1953
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://www.hotzxgirl.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
s4.histats.com/stats/0.php?4476407&@f16&@g1&@h1&@i1&@j1670599499789&@k0&@l1&@mLara%20Croft%20The%20Phallic%20Tomb%20Reduxxx%20Ovidius%20Naso%20%7C%20Hot%20Sex%20Picture&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-190841615&@b3:1670599500&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.hotzxgirl.com%2Flara%2Flara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm&@w
149.56.240.130200 OK 53 B URL HTTP/1.1 s4.histats.com/stats/0.php?4476407&@f16&@g1&@h1&@i1&@j1670599499789&@k0&@l1&@mLara%20Croft%20The%20Phallic%20Tomb%20Reduxxx%20Ovidius%20Naso%20%7C%20Hot%20Sex%20Picture&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-190841615&@b3:1670599500&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.hotzxgirl.com%2Flara%2Flara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm&@w
IP 149.56.240.130:0
File type ASCII text, with no line terminators
Hash b52d53b8d95316de7476a00b31278d99
fb720ea09606cbcd0040071e1c3739d035c79f0d
9cdfc0efdb090c47a5ba34705eaabead22430c4b90a9dfe25f7ec604a6c60184
GET /stats/0.php?4476407&@f16&@g1&@h1&@i1&@j1670599499789&@k0&@l1&@mLara%20Croft%20The%20Phallic%20Tomb%20Reduxxx%20Ovidius%20Naso%20%7C%20Hot%20Sex%20Picture&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:-190841615&@b3:1670599500&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.hotzxgirl.com%2Flara%2Flara-croft-the-phallic-tomb-reduxxx-ovidius-naso.htm&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 53
Connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c0fc8680eba1a99e5020d3020864bfe
56b67f68924f8504bd7324fb8ab954be1a26db67
47f4d8aeb15dc4e73bffc5a751c591648d3b02bee4b823882f2132feeadbf546
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47F4D8AEB15DC4E73BFFC5A751C591648D3B02BEE4B823882F2132FEEADBF546"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2125
Expires: Fri, 09 Dec 2022 16:00:26 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
stealcalmgenus.com/sbar.json?key=94d84a91dc0925ebed6d851bcb980c2d&uuid=8ac436ab-45ed-45f3-9dfe-7038e91e478b%3A1%3A1
173.233.137.44200 OK 4.4 kB URL HTTP/1.1 stealcalmgenus.com/sbar.json?key=94d84a91dc0925ebed6d851bcb980c2d&uuid=8ac436ab-45ed-45f3-9dfe-7038e91e478b%3A1%3A1
IP 173.233.137.44:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6137), with no line terminators
Hash 0ce4e75e92197cae327928eac75f27a2
bf91b138756ae9cfc5349121e1ae7a45f5da10e5
026f90ffe3c36700856e6ea1549a05c95b356bde249facac957b80898853f975
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=94d84a91dc0925ebed6d851bcb980c2d&uuid=8ac436ab-45ed-45f3-9dfe-7038e91e478b%3A1%3A1 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.hotzxgirl.com
Access-Control-Allow-Origin: http://www.hotzxgirl.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17655633; expires=Sat, 10 Dec 2022 15:25:01 GMT; secure; SameSite=None
uid_id2=8ac436ab-45ed-45f3-9dfe-7038e91e478b:1:1; expires=Fri, 16 Dec 2022 15:25:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 15:25:01 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 15:25:01 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 10 Dec 2022 15:25:01 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 10 Dec 2022 15:25:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7443abd3e4eba9a41c14616bc8b8cc2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
intelligenceadx.com/xakvhw.php?_=BAYAY5NTTQFjk1NNgAGBAsAAILaBI6jQPPxDCvUYHaWhbPc2wmbwaJhslwGHGaFiUoknwQBGMEQCIBARfskiGRQ7-_ZtUmYPs-0sRjyjQAYPQHkmGPJH1yC5AiAwS7rIrixFcv8XcjQlR9ECsAu_0Od_RNzTP1jaM93YKQ&v=4&odijxcQM=4791666&minBid=&debrtCTs=0,0&OLlQCYVv=&OFDtrupw=&s=1280,1024,1,1280,1024,0
208.95.114.100200 OK 44 B URL HTTP/1.1 intelligenceadx.com/xakvhw.php?_=BAYAY5NTTQFjk1NNgAGBAsAAILaBI6jQPPxDCvUYHaWhbPc2wmbwaJhslwGHGaFiUoknwQBGMEQCIBARfskiGRQ7-_ZtUmYPs-0sRjyjQAYPQHkmGPJH1yC5AiAwS7rIrixFcv8XcjQlR9ECsAu_0Od_RNzTP1jaM93YKQ&v=4&odijxcQM=4791666&minBid=&debrtCTs=0,0&OLlQCYVv=&OFDtrupw=&s=1280,1024,1,1280,1024,0
IP 208.95.114.100:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /xakvhw.php?_=BAYAY5NTTQFjk1NNgAGBAsAAILaBI6jQPPxDCvUYHaWhbPc2wmbwaJhslwGHGaFiUoknwQBGMEQCIBARfskiGRQ7-_ZtUmYPs-0sRjyjQAYPQHkmGPJH1yC5AiAwS7rIrixFcv8XcjQlR9ECsAu_0Od_RNzTP1jaM93YKQ&v=4&odijxcQM=4791666&minBid=&debrtCTs=0,0&OLlQCYVv=&OFDtrupw=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: intelligenceadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 09 Dec 2022 15:25:01 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96ffc94704e14c0a43103e77a67ea03c
16ac34abeb5c091f06142488f557b2aea78f146f
8ebd242e747c1d7010394568b6bc785cab76888767ebf9dea4e86e1951999efc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EBD242E747C1D7010394568B6BC785CAB76888767EBF9DEA4E86E1951999EFC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20269
Expires: Fri, 09 Dec 2022 21:02:50 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
stealcalmgenus.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvK75IeowYsHZQ4eVNzZ7pnunekEicYYCebLJJKr9dWz5VZ3tVXd07NzCgY0qMgELx57n9lkUeNHDh4FmfUiC%2BKOh7AH95S%2FQCFnmdmB1Req3rfqeQue53nro41yn%2Fgo6d6Vi2aotKbLUdNvvHhDZcJUrnHpeiPwm%2F6pxg2VrYSnGoPZZvsnAz9q%2Bi813pJ8zSy3%2FMD3Az9onFNWJmawPEeh8vtx0Iz9ZthqBlGIgf3v2ZUeHPUg%2BvvkBJSY%2Fm%2F11wdQfIIs%2FeGsdGuFyV95My01LYxFX2y9m61lpsqQHpaJ9ZBkW4tuGDcl5MsjMNnWQgFMf3OmAExNifcwAMu2FjTB%2BncPmDINmYGJ%2F6PqTyD1BIpOwM0tKLFLAC5w6TKy9N4lYyu6foDSGTolxx7%2FDVVNybE%2Fn0GWfndGq0HjmtFloUzmMEhqqMEEqjdBXm6jGHpQ1TZ48SGU%2BI0sP76ALN287LSBEnsvdCkP2yuULYWRFEthlLSXYpHIpY7f7so4kGGny%2BYWKTWBSibQcgTqPJSzpTyUiYcy95CKvQaN4sT3OwlL2u1uyDlvtzmPuisiEu2wm%2Fgo%2BUzDCEU%2BAtcjcHsTub2JNXVnNzoBW%2F4Mt1rDCQ%2BuIOiLGpUkqBxBRQkqRVAVBFW%2Fviu0a7n6ntCuZMEitxa5XY9N0dugd03RkxnZyPfJ0zPvvCd672BN7jXiUHRDGgeC%2B3ErkkyKFdGNAsZZ3PV5S8CpGsodmSsdqikhPz5CPssfvwZGt%2BH0Nrh6CrR8DrQad1o%2B6Oo47PoYZt%2Bm66umGOaKN7lJIUyNvDiGYt3b0Pvk2fkQY%2FYpJN85%2Ffv44fFX801wWyO3Nd5XvxD09O3xVVORzaumcuTB5bxQqRrS2YCvFbSQR79%2BW65XxorzZ93oq9f5DJiV969LV1ygmVBZz5FvzighpD1nLJfkp%2FPuhmRXSrd6prRZmV%2B48sa582lupXPKZBNQtfvek%2BBqSo5f9OZf9%2FnPXoayE9iyRlrukEVAmQl4fhMuP2TvDIHVhz0s91CV9di22OGlVlOyjJPQcuf09389%2BvyTD%2FZBWQ0n%2F%2FXwsN5wt9GzHmhxC1lao29r9HUNqkdw5dFxkdud03%2B05wGmvTHT1ttk2uo7B%2FY6tdeQUeIn0m9JlsQs6VBfxEkYMxoHssMiGqBwU%2F7FtYv%2FAAAA%2F%2F8BAAD%2F%2F%2BY2NGGWBAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 stealcalmgenus.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvK75IeowYsHZQ4eVNzZ7pnunekEicYYCebLJJKr9dWz5VZ3tVXd07NzCgY0qMgELx57n9lkUeNHDh4FmfUiC%2BKOh7AH95S%2FQCFnmdmB1Req3rfqeQue53nro41yn%2Fgo6d6Vi2aotKbLUdNvvHhDZcJUrnHpeiPwm%2F6pxg2VrYSnGoPZZvsnAz9q%2Bi813pJ8zSy3%2FMD3Az9onFNWJmawPEeh8vtx0Iz9ZthqBlGIgf3v2ZUeHPUg%2BvvkBJSY%2Fm%2F11wdQfIIs%2FeGsdGuFyV95My01LYxFX2y9m61lpsqQHpaJ9ZBkW4tuGDcl5MsjMNnWQgFMf3OmAExNifcwAMu2FjTB%2BncPmDINmYGJ%2F6PqTyD1BIpOwM0tKLFLAC5w6TKy9N4lYyu6foDSGTolxx7%2FDVVNybE%2Fn0GWfndGq0HjmtFloUzmMEhqqMEEqjdBXm6jGHpQ1TZ48SGU%2BI0sP76ALN287LSBEnsvdCkP2yuULYWRFEthlLSXYpHIpY7f7so4kGGny%2BYWKTWBSibQcgTqPJSzpTyUiYcy95CKvQaN4sT3OwlL2u1uyDlvtzmPuisiEu2wm%2Fgo%2BUzDCEU%2BAtcjcHsTub2JNXVnNzoBW%2F4Mt1rDCQ%2BuIOiLGpUkqBxBRQkqRVAVBFW%2Fviu0a7n6ntCuZMEitxa5XY9N0dugd03RkxnZyPfJ0zPvvCd672BN7jXiUHRDGgeC%2B3ErkkyKFdGNAsZZ3PV5S8CpGsodmSsdqikhPz5CPssfvwZGt%2BH0Nrh6CrR8DrQad1o%2B6Oo47PoYZt%2Bm66umGOaKN7lJIUyNvDiGYt3b0Pvk2fkQY%2FYpJN85%2Ffv44fFX801wWyO3Nd5XvxD09O3xVVORzaumcuTB5bxQqRrS2YCvFbSQR79%2BW65XxorzZ93oq9f5DJiV969LV1ygmVBZz5FvzighpD1nLJfkp%2FPuhmRXSrd6prRZmV%2B48sa582lupXPKZBNQtfvek%2BBqSo5f9OZf9%2FnPXoayE9iyRlrukEVAmQl4fhMuP2TvDIHVhz0s91CV9di22OGlVlOyjJPQcuf09389%2BvyTD%2FZBWQ0n%2F%2FXwsN5wt9GzHmhxC1lao29r9HUNqkdw5dFxkdud03%2B05wGmvTHT1ttk2uo7B%2FY6tdeQUeIn0m9JlsQs6VBfxEkYMxoHssMiGqBwU%2F7FtYv%2FAAAA%2F%2F8BAAD%2F%2F%2BY2NGGWBAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvK75IeowYsHZQ4eVNzZ7pnunekEicYYCebLJJKr9dWz5VZ3tVXd07NzCgY0qMgELx57n9lkUeNHDh4FmfUiC%2BKOh7AH95S%2FQCFnmdmB1Req3rfqeQue53nro41yn%2Fgo6d6Vi2aotKbLUdNvvHhDZcJUrnHpeiPwm%2F6pxg2VrYSnGoPZZvsnAz9q%2Bi813pJ8zSy3%2FMD3Az9onFNWJmawPEeh8vtx0Iz9ZthqBlGIgf3v2ZUeHPUg%2BvvkBJSY%2Fm%2F11wdQfIIs%2FeGsdGuFyV95My01LYxFX2y9m61lpsqQHpaJ9ZBkW4tuGDcl5MsjMNnWQgFMf3OmAExNifcwAMu2FjTB%2BncPmDINmYGJ%2F6PqTyD1BIpOwM0tKLFLAC5w6TKy9N4lYyu6foDSGTolxx7%2FDVVNybE%2Fn0GWfndGq0HjmtFloUzmMEhqqMEEqjdBXm6jGHpQ1TZ48SGU%2BI0sP76ALN287LSBEnsvdCkP2yuULYWRFEthlLSXYpHIpY7f7so4kGGny%2BYWKTWBSibQcgTqPJSzpTyUiYcy95CKvQaN4sT3OwlL2u1uyDlvtzmPuisiEu2wm%2Fgo%2BUzDCEU%2BAtcjcHsTub2JNXVnNzoBW%2F4Mt1rDCQ%2BuIOiLGpUkqBxBRQkqRVAVBFW%2Fviu0a7n6ntCuZMEitxa5XY9N0dugd03RkxnZyPfJ0zPvvCd672BN7jXiUHRDGgeC%2B3ErkkyKFdGNAsZZ3PV5S8CpGsodmSsdqikhPz5CPssfvwZGt%2BH0Nrh6CrR8DrQad1o%2B6Oo47PoYZt%2Bm66umGOaKN7lJIUyNvDiGYt3b0Pvk2fkQY%2FYpJN85%2Ffv44fFX801wWyO3Nd5XvxD09O3xVVORzaumcuTB5bxQqRrS2YCvFbSQR79%2BW65XxorzZ93oq9f5DJiV969LV1ygmVBZz5FvzighpD1nLJfkp%2FPuhmRXSrd6prRZmV%2B48sa582lupXPKZBNQtfvek%2BBqSo5f9OZf9%2FnPXoayE9iyRlrukEVAmQl4fhMuP2TvDIHVhz0s91CV9di22OGlVlOyjJPQcuf09389%2BvyTD%2FZBWQ0n%2F%2FXwsN5wt9GzHmhxC1lao29r9HUNqkdw5dFxkdud03%2B05wGmvTHT1ttk2uo7B%2FY6tdeQUeIn0m9JlsQs6VBfxEkYMxoHssMiGqBwU%2F7FtYv%2FAAAA%2F%2F8BAAD%2F%2F%2BY2NGGWBAAA HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: u_pl=17655633; uid_id2=8ac436ab-45ed-45f3-9dfe-7038e91e478b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be0dd1e63fbd4c4388359d8d5013de88
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13993
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13993
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13993
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13993
Expires: Fri, 09 Dec 2022 19:18:14 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 63217
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 38326
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:33:36 GMT
age: 10285
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 29506
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 42395
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 29462
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ac6bb5ec410082735de861edb520b25
b06f6ea6673e2960489debb6bae693de841407ec
fbd9c5239531d5ffbc1cc788a87f98b91e7b05b4dacaffebce2ca7370215afe3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBD9C5239531D5FFBC1CC788A87F98B91E7B05B4DACAFFEBCE2CA7370215AFE3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15075
Expires: Fri, 09 Dec 2022 19:36:16 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ac6bb5ec410082735de861edb520b25
b06f6ea6673e2960489debb6bae693de841407ec
fbd9c5239531d5ffbc1cc788a87f98b91e7b05b4dacaffebce2ca7370215afe3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBD9C5239531D5FFBC1CC788A87F98B91E7B05B4DACAFFEBCE2CA7370215AFE3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15075
Expires: Fri, 09 Dec 2022 19:36:16 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Dec 2022 15:25:01 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
172.64.109.13200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
IP 172.64.109.13:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cecae5111d5ff932a996679215ad573
f4c63abb5dc373aba5bc144c3831d98516cc7cc9
31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:01 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2079242
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfM3Yi1KS7k31KaOVeJOPRRRkq3N2PXzWoNns5%2BXF%2BVOP95HPv5XqOBmlJweGPz%2BlDSmXpZ1GcGv2BrQlndmdqYEORMJKV10ubQcqW%2BnCm1lL0ErjrReuhau251fp42rC%2BRhEkBJ4CbV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec0463d548e2a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c8f51dc9f0403e9a4e798b49f977948
34ce92d502b92fd964f80d4c331cca9e42546954
ec4b08d6a0c6fd5733c3ceaf542b37eba10869511c0a782ece7c75bd74ee1084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC4B08D6A0C6FD5733C3CEAF542B37EBA10869511C0A782ECE7C75BD74EE1084"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13910
Expires: Fri, 09 Dec 2022 19:16:51 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
jmbp4so7spdh.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 jmbp4so7spdh.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jmbp4so7spdh.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/e7/33/99/e73399056a17623c4b9c85a9538f9fd8/1664934185.jpg
45.133.44.10200 OK 15 kB URL HTTP/2 cdn.cloudimagesb.com/si/e7/33/99/e73399056a17623c4b9c85a9538f9fd8/1664934185.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash e94418d9ad4063b97d4af54cfea9f745
56a4708f35311ac46b3606ecbeb379a002f0210b
77d68f1158394f7ed872ea024f9b3f532b66534f65d80d84ad9c62e6b22b01f4
GET /si/e7/33/99/e73399056a17623c4b9c85a9538f9fd8/1664934185.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:01 GMT
content-type: image/jpeg
content-length: 15134
server: nginx/1.17.6
last-modified: Wed, 05 Oct 2022 01:43:13 GMT
etag: "633ce131-3b1e"
expires: Sun, 11 Dec 2022 15:25:01 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ac6bb5ec410082735de861edb520b25
b06f6ea6673e2960489debb6bae693de841407ec
fbd9c5239531d5ffbc1cc788a87f98b91e7b05b4dacaffebce2ca7370215afe3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBD9C5239531D5FFBC1CC788A87F98B91E7B05B4DACAFFEBCE2CA7370215AFE3"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15075
Expires: Fri, 09 Dec 2022 19:36:16 GMT
Date: Fri, 09 Dec 2022 15:25:01 GMT
Connection: keep-alive
newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe1%2F6f%2Fbb%2Fe16fbbe9f31c82c23d1d57f9726b5fc7%2F1654616215.html&l=1038&fd=96
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe1%2F6f%2Fbb%2Fe16fbbe9f31c82c23d1d57f9726b5fc7%2F1654616215.html&l=1038&fd=96
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe1%2F6f%2Fbb%2Fe16fbbe9f31c82c23d1d57f9726b5fc7%2F1654616215.html&l=1038&fd=96 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=365
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=365
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=365 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
172.64.109.13200 OK 1.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
IP 172.64.109.13:0
Hash 80be35c25e7018017f2de026d204ab30
a5130f4104d592db95b9801ade9af5b6a8ab386e
7609ff7af9f901cb40e36f00c53977d83d60627670562decf50b415143c74e6a
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:02 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nPAdyoneK6m1U5Fn0fMfavhwsU9ycwnX6u0HklYTEv%2FpPlMyaQ5yGcBHUASk6rFFMLCRTBfsRLEQaA5o6JkQFQt%2BvzDhjHc6qsXQMJttwvk2HwGwe384yMWiDma%2FZCDKlgzRJqjEYhw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec0462d498e2a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 21:13:27 GMT
Expires: Thu, 07 Dec 2023 21:13:27 GMT
Cache-Control: public, max-age=31536000
Age: 151895
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 03:37:29 GMT
Expires: Fri, 08 Dec 2023 03:37:29 GMT
Cache-Control: public, max-age=31536000
Age: 128853
Last-Modified: Wed, 11 May 2022 19:24:56 GMT
Content-Type: font/woff2
stealcalmgenus.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvK75IeowYsHZQ4eVNzZ7unune4EicYYCebLJJKr1VXVs%2BVWd7VV3dOzcwoGNKjIBC8ee5%2FZZFHjRw4eBZn1IgvijoewB%2FeUv0AhZ5nZgdUXqt636nkLnud566ONap%2B4qOjelYt6KJWiy2Hbbb14Q%2BZc17Z16XrLc9vuqdYNma8Ep1qD2Wb6Jz03bLsvtd4SbE0vd1zPdT3Xa52TRqR6sDxHIYv7sdeO3XbQaXthgIH579lWDix1wPv75AQkn%2F5v9dcHkGyCPPvhrLBrpS5eeTOrFC21QZ9vvZuv5brOkR2WqXGQ5luLbmg7JeTLI9D51kIBdH9zpgCJnBLnoYck31rQRNK%2Fe8A0URA5Ev5%2F1P0JhJpA0gmYvgXJdwnAOC5dRp7du6RNTdcPUDpDp%2BTY478h6yk59uczyLPvzig5aF3Tqiqlzi0GaQM5mED2JiiqbZRDB7LeBis%2FhOS%2FkeXHF5Bnm5et0pB874WIssBfoclSEAq%2BFISpvxTzVCx1XT8SsSeCbpTMLZJyAplOoMQI1DqoZks6qFIHVeEg43stGsap63bTJPX9KGCM%2BT5jYbTCQ%2B4HUeqiYjMNI5TFCEyNwMxNFOYm1uSd3fAETPUz7GoDyx3YkqDPG9SCoLYENSWoJUFdEtT95i5XtmObe1zZKvEWubPIfjPWZW%2BD3tVlT%2BRko9gnT8%2B8c57ovYM1sdeKAx4FNPY4c%2BNOKBLBV3gUeglL4shlHQ4rG0h7ZK50KKeE%2FPgIxSx%2F%2FBoSug2rtsHkU6DVc6D1uNtxQVfHQeRimH%2Bbra%2FqclhI1mY6A9cNivIYynVnQ%2B2TZ%2BdDjJNPIdjO6d%2FHD4%2B%2FWmyCmQaFafC%2B%2FIWgp26Pr%2BqabF7VtSUPLhelzOSQzgZ8raSlOPr122K91oafP2tHX73OZsCsvH9d2PICzbnMe5Z8c0ZyLsw5bZggP523N0RypbKrZyqTV8WFK2%2BcO58VRlgrdT4BlbvvPQkmp%2BT4RWf%2BdZ%2F%2F7GVIM4GpGmTVDlkEpJ6AFTdhi0P2VhMYddiTFA7qqhmbTnJ4qeSULOMklNg5%2Ff1fjz7%2F5IN90KSBFf96eFhv2NvoGQe0vIU8a9A3DfqqAVUj2OrouCzMzuk%2F%2FHkgUc44UcbZTJRRdw7stXKvFXqBiJKoyzhPBONet%2BNHvut2OA%2B6sfBilHbKvrh28R8AAAD%2F%2FwEAAP%2F%2F8j66h5YEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 stealcalmgenus.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvK75IeowYsHZQ4eVNzZ7unune4EicYYCebLJJKr1VXVs%2BVWd7VV3dOzcwoGNKjIBC8ee5%2FZZFHjRw4eBZn1IgvijoewB%2FeUv0AhZ5nZgdUXqt636nkLnud566ONap%2B4qOjelYt6KJWiy2Hbbb14Q%2BZc17Z16XrLc9vuqdYNma8Ep1qD2Wb6Jz03bLsvtd4SbE0vd1zPdT3Xa52TRqR6sDxHIYv7sdeO3XbQaXthgIH579lWDix1wPv75AQkn%2F5v9dcHkGyCPPvhrLBrpS5eeTOrFC21QZ9vvZuv5brOkR2WqXGQ5luLbmg7JeTLI9D51kIBdH9zpgCJnBLnoYck31rQRNK%2Fe8A0URA5Ev5%2F1P0JhJpA0gmYvgXJdwnAOC5dRp7du6RNTdcPUDpDp%2BTY478h6yk59uczyLPvzig5aF3Tqiqlzi0GaQM5mED2JiiqbZRDB7LeBis%2FhOS%2FkeXHF5Bnm5et0pB874WIssBfoclSEAq%2BFISpvxTzVCx1XT8SsSeCbpTMLZJyAplOoMQI1DqoZks6qFIHVeEg43stGsap63bTJPX9KGCM%2BT5jYbTCQ%2B4HUeqiYjMNI5TFCEyNwMxNFOYm1uSd3fAETPUz7GoDyx3YkqDPG9SCoLYENSWoJUFdEtT95i5XtmObe1zZKvEWubPIfjPWZW%2BD3tVlT%2BRko9gnT8%2B8c57ovYM1sdeKAx4FNPY4c%2BNOKBLBV3gUeglL4shlHQ4rG0h7ZK50KKeE%2FPgIxSx%2F%2FBoSug2rtsHkU6DVc6D1uNtxQVfHQeRimH%2Bbra%2FqclhI1mY6A9cNivIYynVnQ%2B2TZ%2BdDjJNPIdjO6d%2FHD4%2B%2FWmyCmQaFafC%2B%2FIWgp26Pr%2BqabF7VtSUPLhelzOSQzgZ8raSlOPr122K91oafP2tHX73OZsCsvH9d2PICzbnMe5Z8c0ZyLsw5bZggP523N0RypbKrZyqTV8WFK2%2BcO58VRlgrdT4BlbvvPQkmp%2BT4RWf%2BdZ%2F%2F7GVIM4GpGmTVDlkEpJ6AFTdhi0P2VhMYddiTFA7qqhmbTnJ4qeSULOMklNg5%2Ff1fjz7%2F5IN90KSBFf96eFhv2NvoGQe0vIU8a9A3DfqqAVUj2OrouCzMzuk%2F%2FHkgUc44UcbZTJRRdw7stXKvFXqBiJKoyzhPBONet%2BNHvut2OA%2B6sfBilHbKvrh28R8AAAD%2F%2FwEAAP%2F%2F8j66h5YEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvK75IeowYsHZQ4eVNzZ7unune4EicYYCebLJJKr1VXVs%2BVWd7VV3dOzcwoGNKjIBC8ee5%2FZZFHjRw4eBZn1IgvijoewB%2FeUv0AhZ5nZgdUXqt636nkLnud566ONap%2B4qOjelYt6KJWiy2Hbbb14Q%2BZc17Z16XrLc9vuqdYNma8Ep1qD2Wb6Jz03bLsvtd4SbE0vd1zPdT3Xa52TRqR6sDxHIYv7sdeO3XbQaXthgIH579lWDix1wPv75AQkn%2F5v9dcHkGyCPPvhrLBrpS5eeTOrFC21QZ9vvZuv5brOkR2WqXGQ5luLbmg7JeTLI9D51kIBdH9zpgCJnBLnoYck31rQRNK%2Fe8A0URA5Ev5%2F1P0JhJpA0gmYvgXJdwnAOC5dRp7du6RNTdcPUDpDp%2BTY478h6yk59uczyLPvzig5aF3Tqiqlzi0GaQM5mED2JiiqbZRDB7LeBis%2FhOS%2FkeXHF5Bnm5et0pB874WIssBfoclSEAq%2BFISpvxTzVCx1XT8SsSeCbpTMLZJyAplOoMQI1DqoZks6qFIHVeEg43stGsap63bTJPX9KGCM%2BT5jYbTCQ%2B4HUeqiYjMNI5TFCEyNwMxNFOYm1uSd3fAETPUz7GoDyx3YkqDPG9SCoLYENSWoJUFdEtT95i5XtmObe1zZKvEWubPIfjPWZW%2BD3tVlT%2BRko9gnT8%2B8c57ovYM1sdeKAx4FNPY4c%2BNOKBLBV3gUeglL4shlHQ4rG0h7ZK50KKeE%2FPgIxSx%2F%2FBoSug2rtsHkU6DVc6D1uNtxQVfHQeRimH%2Bbra%2FqclhI1mY6A9cNivIYynVnQ%2B2TZ%2BdDjJNPIdjO6d%2FHD4%2B%2FWmyCmQaFafC%2B%2FIWgp26Pr%2BqabF7VtSUPLhelzOSQzgZ8raSlOPr122K91oafP2tHX73OZsCsvH9d2PICzbnMe5Z8c0ZyLsw5bZggP523N0RypbKrZyqTV8WFK2%2BcO58VRlgrdT4BlbvvPQkmp%2BT4RWf%2BdZ%2F%2F7GVIM4GpGmTVDlkEpJ6AFTdhi0P2VhMYddiTFA7qqhmbTnJ4qeSULOMklNg5%2Ff1fjz7%2F5IN90KSBFf96eFhv2NvoGQe0vIU8a9A3DfqqAVUj2OrouCzMzuk%2F%2FHkgUc44UcbZTJRRdw7stXKvFXqBiJKoyzhPBONet%2BNHvut2OA%2B6sfBilHbKvrh28R8AAAD%2F%2FwEAAP%2F%2F8j66h5YEAAA%3D HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: u_pl=17655633; uid_id2=8ac436ab-45ed-45f3-9dfe-7038e91e478b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:02 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d14495f19c2299982fc2c1539090ca1
Strict-Transport-Security: max-age=0; includeSubdomains
newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=363
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=363
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=363 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
stealcalmgenus.com/pixel/sbs?c=1
173.233.137.44200 OK 0 B URL HTTP/1.1 stealcalmgenus.com/pixel/sbs?c=1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: stealcalmgenus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: u_pl=17655633; uid_id2=8ac436ab-45ed-45f3-9dfe-7038e91e478b:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
poweredby.jads.co/adshow.php?adzone=936444
185.94.236.244200 OK 2.2 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=936444
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1589), with CRLF, LF line terminators
Hash d6d1577215f884a61c66290aa001a18c
58b6ce4b152a445aae056799c08db55ac452aaa6
96a155ec07d34f62de2d5afd85d122c75aa16565de5a202aa4cf11f202c6cdd5
GET /adshow.php?adzone=936444 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 15:25:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=f6ccb222df8c4b35c53cb3f4a70036e5; expires=Sat, 09-Dec-2023 15:25:00 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Mon, 12-Dec-2022 15:25:00 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 12-Dec-2022 15:25:00 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/1x1.gif
69.16.175.10200 OK 43 B IP 69.16.175.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://poweredby.jads.co/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:04 GMT
Connection: Keep-Alive
ETag: "1457030838"
Cache-Control: max-age=16625762
Content-Length: 43
Content-Type: image/gif
Last-Modified: Thu, 03 Mar 2016 18:47:18 GMT
Accept-Ranges: bytes
X-HW: 1670599504.dop068.sk1.t,1670599504.cds217.sk1.c
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
172.64.109.13200 OK 476 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
IP 172.64.109.13:0
Hash fd445330ddf64d155ddf39e0cc616112
9c4a4d6d70c70fb603967822e0baf7ece1646e3e
20e86a2ce517e205983f81338fa7a6793e48bff8857db7975a923d75677b67da
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:02 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImhlAw6pNbQpH%2F4po0Pk%2Fj2aoR1NkfD00nezJyS5%2FCr6FwHzOk5NglpglvnSsHL%2BN%2FOsxJ40ImATkecfoXbMbTIdg%2Bu5J9Gbzv3S3a7%2FxJgKHjUWVxhytPC4xZuf8TrfHg570MNuGIQy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec0462d3b8e2a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8bf9f4360e5107d9d00c5628eca774cf
de7ff87e3c063994abb2fccb1bd0ea2621d65f6f
67ab1f2097a0857ffeabde4ab8db3e996b2d5865cfa1efea139faa6941af6c70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2789
Cache-Control: max-age=137417
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:04 GMT
Etag: "6392be34-116"
Expires: Sun, 11 Dec 2022 05:35:21 GMT
Last-Modified: Fri, 09 Dec 2022 04:48:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
cams.gratis/banner/300x250.php?site=hotxgirl
172.64.172.5200 OK 913 B URL HTTP/2 cams.gratis/banner/300x250.php?site=hotxgirl
IP 172.64.172.5:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (743)
Hash 54fa125d0b0552d5a2a2baa9768e49a9
b78b9a873cbc0ca02aabc1e5d83e50a1feb41c45
9ccc92dd32c16125cfad849d56ef4a34db606303c0070c32678c04662ff9dde6
GET /banner/300x250.php?site=hotxgirl HTTP/1.1
Host: cams.gratis
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8Zjg2gQIw8sPZiRICGMHNAY5QCSyGcT%2Bu9dlyfYEZykHbEJSJgqBcBzBXGCS%2FayJwvgm8ntueX78OQvsvOWzZ1IdLbvxOL9EyjVKJutFB05X4G7qCvKnCTVlx0i%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776ec0582f6b76af-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cams.gratis/banner/bg6.jpg
172.64.172.5200 OK 37 kB URL HTTP/2 cams.gratis/banner/bg6.jpg
IP 172.64.172.5:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 405x252, components 3\012- data
Hash 7ee983f81d742869a176e874651c7231
3072b7ce2833a2611d679374493a5533bd1bd32e
ab168995f8ac84c48b20c8850d35aa43723211710953253ce75c1811bbb0ecbc
GET /banner/bg6.jpg HTTP/1.1
Host: cams.gratis
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cams.gratis/banner/300x250.php?site=hotxgirl
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:04 GMT
content-type: image/jpeg
content-length: 37209
last-modified: Tue, 18 Oct 2022 10:44:50 GMT
cache-control: max-age=2592000
expires: Sun, 11 Dec 2022 08:46:35 GMT
cf-cache-status: HIT
age: 2443109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjNDaV9Bfh7diJoYfxBq72A09gZ786TLBsAtznAkIKcOob9oA5Cx4dTd6kdLfAOqXFfNGdWPQXM7SnAu%2FusBXc3%2BYPJGwVv4Z45j2iTOiJH3IjLJHXAKulDfrGYXtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec0589fea76af-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash b8aa64ef7124298517bd46f3fdc58be7
30fe39ecc1d42d13ddc20e1cfd01343d1584f7d8
2884fccd43265f7043466341938a502883b59e1bce6947cf8065917a57be5b96
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:04 GMT
Last-Modified: Fri, 09 Dec 2022 13:35:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ea36c58fe5665fec6f0650735cc4b4a0
4a9669c33c85cde653ffa457ad793de60edc71f5
28841c21327e1b380fbf3a6defebd5920bad65fe29899ece61c60b4ba0e36a24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4903
Cache-Control: max-age=111107
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:04 GMT
Etag: "63924f2c-117"
Expires: Sat, 10 Dec 2022 22:16:51 GMT
Last-Modified: Thu, 08 Dec 2022 20:55:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
go.xlirdr.com/i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=1&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal
104.18.59.150302 Found 0 B URL HTTP/2 go.xlirdr.com/i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=1&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal
IP 104.18.59.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=banner2609start&creativeId=300x250&modelsCountry=&modelsLanguage=&sourceId=hotxgirl&tag=females&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&liveBadgeColor=%2324d7d7&showButton=1&showModelName=1&showTitle=0&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4&landing=WidgetV4Universal HTTP/1.1
Host: go.xlirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cams.gratis/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:25:04 GMT
content-length: 0
location: https://creative.xlirdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&buttonColor=&campaignId=banner2609start&creativeId=300x250&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=0&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=%2324d7d7&modelsCountry=&modelsLanguage=&showButton=1&showLiveBadge=1&showModelName=1&showTitle=0&sound=off&sourceId=hotxgirl&tag=females&targetDomain=&thumbSizeKey=small&trackOff=1&userId=b47aedc2c088e2f21e0cc23e0318384c557941461efdbc48212e7282df45f2f4
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28uukSkGJRy5UBr2St4i2aEH3UZ9Z622qg59LVVv4; SameSite=None; Secure; path=/; expires=Sat, 10-Dec-22 14:25:04 GMT; HttpOnly
server: cloudflare
cf-ray: 776ec058dbb2b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ea36c58fe5665fec6f0650735cc4b4a0
4a9669c33c85cde653ffa457ad793de60edc71f5
28841c21327e1b380fbf3a6defebd5920bad65fe29899ece61c60b4ba0e36a24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5848
Cache-Control: max-age=112052
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:04 GMT
Etag: "63924f2c-117"
Expires: Sat, 10 Dec 2022 22:32:36 GMT
Last-Modified: Thu, 08 Dec 2022 20:55:08 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 79 kB IP 93.184.220.29:0
Hash 7f5e642074a6f1c26edc719e69ccadde
9298a9c636cba5c543befbefc70a1036a5ecb2db
f6b0161c2e3cada6b981d4a30dadc078e4b5eeb614aa99d8c429850726efdd22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6565
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:04 GMT
Last-Modified: Fri, 09 Dec 2022 13:35:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 588 B IP 93.184.220.29:0
Hash 65ac12b54d7ab901b85eb066b619791a
cfcbf3cc46f694f5f3ef34d71c93643f77460c55
385e6b5df3a70a7e6f473ef8ceb7ff93b0d07f4e5698a8f07270399a9c0d6bf9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6498
Cache-Control: max-age=133224
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Etag: "63929f57-117"
Expires: Sun, 11 Dec 2022 04:25:29 GMT
Last-Modified: Fri, 09 Dec 2022 02:37:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
video.ktkjmp.com/adsbygoogle.js
104.18.51.106200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.51.106:0
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlirdr.com/
Origin: https://creative.xlirdr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: lcNIxMaAofF7Fv+CenZmpGJJrSUFrD74EH/RfdAjL9Jhx1+3B0JyXF3qWYdsiZqTewxi/ePstns=
x-amz-request-id: 3YWB4S6N4MZ3W6PX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlirdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 4143
expires: Fri, 09 Dec 2022 19:25:05 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec05abd96b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 27afdf24d8d9175d37f2e0e2e5f8e449
9268394aa7960ffef651dafd62104b79a2fc927e
53392936c7a8525a4ed093f18dc1f98ae8fa5bb48925c38a0f8f4ec9aae21f55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6498
Cache-Control: max-age=133224
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Etag: "63929f57-117"
Expires: Sun, 11 Dec 2022 04:25:29 GMT
Last-Modified: Fri, 09 Dec 2022 02:37:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
img.strpst.com/thumbs/1670598961/94957866
104.18.63.132200 OK 35 kB URL HTTP/2 img.strpst.com/thumbs/1670598961/94957866
IP 104.18.63.132:0
Hash 8e97a1c5eb9507ae2fb712ccce1c0d28
83d2d920c7247fa746b9c7f903885144c7922fdb
2cd7b4ba2fafad5f063ac2dd6000c3374237684525fd00cca7597459d86c242e
GET /thumbs/1670598961/94957866 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xlirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/jpeg
content-length: 34102
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=35860, status=webp_bigger
etag: "caa5697a7850ea8d6e02d22ec852cee5"
last-modified: Fri, 09 Dec 2022 15:15:43 GMT
cf-cache-status: HIT
age: 125
expires: Fri, 09 Dec 2022 15:26:05 GMT
cache-control: public, max-age=60
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec05b4a3f0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a70fef258e0c3894d3f1428f9d24faee
7fb176688c884d5537ff4f05525036fd1e612bba
8178d389204ba51399abc6f9bce496d2092497257f4fabb96e32657931fb72ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8178D389204BA51399ABC6F9BCE496D2092497257F4FABB96E32657931FB72CA"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4813
Expires: Fri, 09 Dec 2022 16:45:18 GMT
Date: Fri, 09 Dec 2022 15:25:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f4a31f0dfbde7e0e86db5fd00390a30c
6871524c1c92148813fb18df5f2d071bb51eb92b
f43815d1b91eef87d1acaa748b57c40f72ba91929fa14d1c88458cc9d7478123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Last-Modified: Fri, 09 Dec 2022 13:48:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f4a31f0dfbde7e0e86db5fd00390a30c
6871524c1c92148813fb18df5f2d071bb51eb92b
f43815d1b91eef87d1acaa748b57c40f72ba91929fa14d1c88458cc9d7478123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3445
Cache-Control: max-age=111808
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Etag: "6392579c-13a"
Expires: Sat, 10 Dec 2022 22:28:33 GMT
Last-Modified: Thu, 08 Dec 2022 21:31:08 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f4a31f0dfbde7e0e86db5fd00390a30c
6871524c1c92148813fb18df5f2d071bb51eb92b
f43815d1b91eef87d1acaa748b57c40f72ba91929fa14d1c88458cc9d7478123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Last-Modified: Fri, 09 Dec 2022 13:48:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
roomimg.stream.highwebmedia.com/riw/miss_juliaa.jpg?1670599500
104.19.242.83200 OK 9.1 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/miss_juliaa.jpg?1670599500
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 02d2eb893693eabd1843d19e741a280f
fe6f1e24180ccec067458c915aa9405fd14eb00e
421d33828518976a31ac0f42c4f46edeffbd43da50f07bef6b5490132fd95849
GET /riw/miss_juliaa.jpg?1670599500 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/jpeg
content-length: 9117
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9146
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 18
last-modified: Fri, 09 Dec 2022 15:24:47 GMT
expires: Fri, 09 Dec 2022 15:25:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSoG3rkSrGMm54Jb8V64R52ISYXX%2F7sPqUKiAjVK2cHraFxR6N7hDT8kgGlfCR0D%2B0DpBfBRzxyBXJfgaWFsv%2Bxrtz%2FOENKJnfFgkchRM3O59UDJi2lMle0b4aP3h3rw9uw1qaK55Xehyp%2FW8rn6MZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=CZFPy7ABfRsl6eM3tEPRULlr5QhpEx1sOc9pplRCDw4-1670599505284-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776ec05bf92fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
104.16.93.42200 OK 549 B URL HTTP/2 static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
IP 104.16.93.42:0
File type PNG image data, 13 x 15, 8-bit colormap, non-interlaced\012- data
Hash 4437b02e2efeaa0eb69858a7eb957af6
2dfa9c3fa2fc56c7504c043876eaad9526abed62
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
GET /images/ico-cams.png?829027f88094 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
Cookie: _cfuvid=jCif9zc09V5037ebN4bmS8CVz5vLfKRMzDDtUq0WeYQ-1670599505245-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/png
content-length: 549
cache-control: public, max-age=2592000
cf-bgj: imgq:100,h2pri,csam-hash
cf-polished: origSize=1457
etag: "58ecd9d7af4908cce84eccd4cbd6f0d0"
last-modified: Tue, 19 Jan 2021 22:03:22 GMT
x-amz-id-2: uk+Y+mMt51OLA32rfvOrwKQRVhebnzwVD7WNGN89HYS/N/FIKgMltVMzadOcg1MyUuhiPycAlHk=
x-amz-meta-s3cmd-attrs: md5:58ecd9d7af4908cce84eccd4cbd6f0d0
x-amz-request-id: 2BDHEK7PHQPF17BP
cf-cache-status: HIT
age: 2198284
expires: Sun, 08 Jan 2023 15:25:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IklMwFl3KCxZ0PKweJJmgR3P1Ssr60mGqTr3%2FETUuFGe2adxQ3flKBmqJv0wN%2F5i%2BPwZAspihU5Dum%2BG1V8goZ4L8%2BJ7GMK%2FSLeGTPXvcKIfpkqCsvyhUlJIHnGm9pUaIvxY4KZ2e1UgHeIWUc%2FKag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec05beb7cb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/_timeless_paradox.jpg?1670599500
104.19.242.83200 OK 12 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/_timeless_paradox.jpg?1670599500
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 217229314f1b7ce50dcec76392f72e77
becb4df94f43cb525b63bb5dff70e538f41679a6
2e6523ae94c676d077972d054c664cf75a1a03c28363b65c36ace16730e00c4d
GET /riw/_timeless_paradox.jpg?1670599500 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/jpeg
content-length: 12463
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=12518
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 16
last-modified: Fri, 09 Dec 2022 15:24:49 GMT
expires: Fri, 09 Dec 2022 15:25:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhOl0WhbzxXAEJtoLs1EopyaFHRGxZmF9WqIkTkpYPihiUqOjhaGVuwC8q95MOwuaOSL8gQfTwqyEynmOhmRuasjkCGKOzrqBe1HBnHpHghqsZVW2WJRBqkMFmi7%2BoZwDnBuQFSQy0KtTK%2Bz%2FuLR1zE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=CZFPy7ABfRsl6eM3tEPRULlr5QhpEx1sOc9pplRCDw4-1670599505284-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776ec05bf931b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
104.16.93.42200 OK 38 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
IP 104.16.93.42:0
File type ASCII text, with very long lines (24522), with no line terminators
Hash cb20e25855d32b66b4b4058b8f5c5334
89539cecb71d2ff1b70237896c78e7432746008c
3be2a20033aa021cb1d38b44ee2ea3a21fcdb9f53adc100f1d76eff995d54aaf
GET /CACHE/css/output.ef7436bc2788.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=29618
etag: W/"ade681e2fa92be6f93f43294ddc58941"
last-modified: Thu, 17 Nov 2022 16:34:23 GMT
x-amz-id-2: azvjfLhsZQz0cag4muV1nCoqw4kMQf5PSauhF7VXnYrO6hWxTMgQHmT8X4/+31fVT28kfu+Uu6Q=
x-amz-meta-s3cmd-attrs: md5:ade681e2fa92be6f93f43294ddc58941
x-amz-request-id: X33R15MJ639RYB32
cf-cache-status: HIT
age: 1896511
expires: Sun, 08 Jan 2023 15:25:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7N4FDmudv9Q%2F8gdLOzwtpoQcGkZY2c40XePcbbMdZb%2BBAKRQhqEYnJQGFOmIHZMcMMi4sdx%2ByLDW4%2B7OVdP0sChx5DzH0uRML%2BxT7iJIIHNRH8LJSg0WMhPruOXI5o1YxC7344S6e1E4mQGuvHxQzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=RKdunupRxUZQ2QRcyzNv2QmkcKZJCvC8GycPFoIalTY-1670599505242-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776ec05bbb47b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
104.16.93.42200 OK 33 kB URL HTTP/2 static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
IP 104.16.93.42:0
File type Web Open Font Format, TrueType, length 32960, version 1.0\012- data
Hash 30556905d926944a6ada140546bcf5ce
b9346ce355c8259d71707ab65c13e0629d01a48e
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d
GET /fonts/ubuntur-webfont.woff?896a82003cd1 HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://chaturbate.com
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: application/font-woff
content-length: 32960
x-amz-id-2: oQRN32iQRWNI2tD7F2N8drq+SpOONefvkFBuj6xfuUwNrtUzFxjUH3DLm/7IAXKOFQJxrDF3NDU=
x-amz-request-id: MA2EZ9YMX1DP219W
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Jan 2021 22:07:55 GMT
etag: "30556905d926944a6ada140546bcf5ce"
x-amz-meta-s3cmd-attrs: md5:30556905d926944a6ada140546bcf5ce
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2198286
expires: Sun, 08 Jan 2023 15:25:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLSVTGlDRuHbffEo%2BJvSkoPQrIwJU7lrYLHb%2BKj%2F2jFlTy0E9bhWwU6MoHOcKo%2Fu9rLKJJ8MiAdScEwzwVlnV54ouI9DQ%2FDM%2FfX1YxPABViKjKBWP6xiMecKVtGrUAAErvVLWuTnAUaEfQtIdsWuvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: _cfuvid=bbeiPskSMrHtZz9OiNTrctkq.Al3FMSwuFGMhJc1twI-1670599505291-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776ec05bfbb4b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/riw/sweet_ary.jpg?1670599500
104.19.242.83200 OK 16 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/sweet_ary.jpg?1670599500
IP 104.19.242.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Hash 98b9a0a6001b1776197d052eb47629cc
9a6916fbe235080b94e91119ec7205c0da84473f
96bad35f1e2119618dab00921605212abdcd1c3d8c1e3816ce48a9def6030412
GET /riw/sweet_ary.jpg?1670599500 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/jpeg
content-length: 16100
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=16337
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 5
last-modified: Fri, 09 Dec 2022 15:25:00 GMT
expires: Fri, 09 Dec 2022 15:25:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyyV0yJ4mYOy5o4iK11tTvo965Z6ymhMZCJjIuvGrspHty8zHz8OfQ5W%2B5WYBDWDhEeIjUNPFQo1RAIkU2jNXhCQiZWbxqHO5tWfo4vSkhTrM2yVhK2U7OpdpBK5oF1jVGkTPgCg6hyLZelJQVXxts0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=IbR.2ip5SFrwOOkc_4fOzm7b09HyP.iwGjMTc_KcOcs-1670599505307-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776ec05bf933b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash f4a31f0dfbde7e0e86db5fd00390a30c
6871524c1c92148813fb18df5f2d071bb51eb92b
f43815d1b91eef87d1acaa748b57c40f72ba91929fa14d1c88458cc9d7478123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Last-Modified: Fri, 09 Dec 2022 13:48:14 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 314
static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
104.16.93.42200 OK 2.8 kB URL HTTP/2 static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
IP 104.16.93.42:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (547)
Hash d4170d1cc7eb4abe93abe06877878df0
c276accecb11ffd77473d82b66605601cb6112a5
4c53c39622a947fa55448706d156e6380bb6329b5b52ab58a5038ec6ec2e0a9c
GET /images/ico-female.svg?818c9c4c368f HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
Cookie: _cfuvid=jCif9zc09V5037ebN4bmS8CVz5vLfKRMzDDtUq0WeYQ-1670599505245-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/svg+xml
x-amz-id-2: SJJrNwVRov8N2XC88Y79re1WW5F9HPkqgb23MKyJYfSKA/6A8G8zqZPx3mPabUpoYiIi2DaJyOo=
x-amz-request-id: B65B7C33MY399T80
last-modified: Tue, 09 Mar 2021 22:37:01 GMT
etag: W/"304b64c8f4b6c7e0c36c86b419151c45"
x-amz-meta-s3cmd-attrs: md5:304b64c8f4b6c7e0c36c86b419151c45
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 997816
expires: Sun, 08 Jan 2023 15:25:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kwsr5JTKD9sxgi38s2ZKH29w9E8r%2FSvyOjdi4iVZFNozqq1qBYMbQYMdx8sL3GtFLJja2s7VsX%2F%2F4SvZoV4yxP22UN2O36LasK39ljJ8JaySGKF7JO2UUVfzLP8bYcWTyDYYiQNQeKcK%2BhrIZ1EK%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec05beb79b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 14:41:08 GMT
expires: Fri, 09 Dec 2022 16:41:08 GMT
cache-control: public, max-age=7200
age: 2637
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.130.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 6694
x-timer: S1670599505.488035,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
newsbeunity.com/sbar.json?key=b9f98659ea5c745f9b9b2995db1db8f1&uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e%3A2%3A1
192.243.61.225200 OK 4.0 kB URL HTTP/1.1 newsbeunity.com/sbar.json?key=b9f98659ea5c745f9b9b2995db1db8f1&uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5855), with no line terminators
Hash d88c4aeeda2af62a4b3ae0b6d0d0269a
99f027b2e3e2fb09c305902f79a90d89bed5d604
5ff1100a69194314428dade6e03caaae7bad3d1e083adebad7df6d21f1dda970
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=b9f98659ea5c745f9b9b2995db1db8f1&uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e%3A2%3A1 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://www.hotzxgirl.com
Access-Control-Allow-Origin: http://www.hotzxgirl.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15252473; expires=Sat, 10 Dec 2022 15:25:05 GMT; secure; SameSite=None
uid_id2=b94e63c8-3141-43eb-8a72-605ae9ead38e:2:1; expires=Fri, 16 Dec 2022 15:25:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 15:25:05 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 15:25:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 10 Dec 2022 15:25:05 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 10 Dec 2022 15:25:05 GMT; secure; SameSite=None
slecb9f98659ea5c745f9b9b2995db1db8f1=[3844146]; expires=Fri, 09 Dec 2022 15:25:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 34c54cbfb721b633cf9b48cf2bc53a88
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
js-agent.newrelic.com/290.2d6a2503-1220.js
151.101.130.137200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 5543
x-timer: S1670599506.525796,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.130.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 6660
x-timer: S1670599506.525820,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/790.2d6a2503-1220.js
151.101.130.137200 OK 6.1 kB URL HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (17591)
Hash b3193d37837e2f200e10db13deff83a9
d8577b8a972583e81cfd8e31436dcd039aa049b2
5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rOIosPuuEwyY2i5sNYqTXHwZXDs2re4AJB6+I1QFfF9D8vToAF8QBmtRttIasr2/YRes+1f0bv4=
x-amz-request-id: 9HYGKVEA32SEPK1W
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1485
x-timer: S1670599506.528974,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
151.101.130.137200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 7320
x-timer: S1670599506.529759,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.130.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 3713
x-timer: S1670599506.529746,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
js-agent.newrelic.com/0.2d6a2503-1220.js
151.101.130.137200 OK 2.3 kB URL HTTP/2 js-agent.newrelic.com/0.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (5198)
Hash 852267b16c136b977ccd94900c6c6308
e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: f1JzRiK4HoHej55UIxY8kufnlKMhSjW2G+Vtj2sq4OUFu6SREeWg9kZpjawiQxSTZPEfmKoLolg=
x-amz-request-id: XM6JN6V8R5PG7B8J
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 3609
x-timer: S1670599506.530199,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
151.101.130.137200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Cn07g451pzP+BuOyXbJ5c0o8ExPUm1rBYP/GYVQDFxcy7KzhZDW/Ep1gB0iV/QBa/UCWbkhew68=
x-amz-request-id: XM6J6T5Z32K8FRFH
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 3671
x-timer: S1670599506.530133,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
151.101.130.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mfz69jbwDdVjAOvigezanDeGlG58lNEgRQZJ5bHuLqr3T+YzVd1KlatkpX7gSSdNs3YsWLt1rsw=
x-amz-request-id: 7DG6EGGM14MJB93M
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 15:25:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 2088
x-timer: S1670599506.530544,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
newsbeunity.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP4wbxRudzS%2B%2FBhqIEBIFwgUFSJxv1%2FaevUkRCCEoIlxCLij1%2FFvfcLM7q5ldr89VRCSS0hEN5d7zXY4%2FAZGCCiGQTYNOihRTIBccDQUlElIQHbLPksVXzPe9703x3pv5aK84Jj4KOrv2rhkorel6WPdrr9xUqTClq23eqAV%2B3T9Xu6nSjda5Wn9%2B2N7ZwA%2Fr%2Fqu1tyXfMesNP%2FD9wA9ql5SVsemvL1io7EEU1CO%2F3mrUg7CFvv0vdoUHRz2I3jE5AyWm%2F9%2F%2B6SEUHyNNvr4o3U5ustfeSgpNc2PRE4fvpzupKVMkqzG2HuL0cHkbxk0J%2BeQUTHq4dADT2587AFNT4v0SgKWHS5lgvYMTpUxDpmDiaZS9MaQeQ9ExuLkNJR4TgAtsXkWa3N80tqS7Jyyds1Ny%2BslfUOWUnP71OaTJVxe06te2jC5yZVKHflxB9cdQ3TGyYoJ84EGVE%2FD8QyjxiKw%2FuYI02b%2FqtIESs5dZ1JIbTd5ZawatYK3VlGytQ9uNtQ0%2FpDKSVDQ7chGRUmOoeAwth6DuFArnoVAeithDkXlIxKxGwyj2%2FXbM4maz0%2BKcN5uch50NEYpmqxP7KPjcwxB5NgTXQ3B7C5m9hR1173F4Brb4AW67ghMeXE7QExVKSVA6gpISlIqgzAnKXnUgtGu46r7QrmDBsjeWvVmNTN7dowcm78qU7GXH5NlFdn98%2Bw925KzGojjqbISRpCFvt8I4YhFrRFEoWCBYJw7gVAXlToE6DwM1JeSb35HN%2B53XwegETk%2FA1TOgxYug5ajd8EG3R62Oj0H6ZbK7bfJBpnidmwTCVMjy08h3vT19TF5YCDn7aQOSH5FlgdsKma3wgfqRoKvvjq6bkuxfN6UjD69muUrUgM4feCunufQ%2Bf0fulsaKyxfd8LM3%2BJyYjw9uSJdfoalQadeRLy4oIaS9ZCyX5LvL7qZk1wq3faGwaZFdufbmpctJZqVzyqRj0Lm3e7%2BBqyl5CvHi876kNqHsGLaokBQrrcpMwLNbcNlq5wyB1SvMMg9lUY1sg62WWhFoucKUVXDy6Pxk6%2B9Hs%2BfvgMmj7%2F884fbcXXStB5rfRppU6NkKPV2B6iFc8b9Rntmj8z83FwWmvRHT1ttn2up7J%2BE6NavJMPZj6TckiyMWt6kvorgVMRoFss1CGiB3U%2F7x1nv%2FAgAA%2F%2F8BAAD%2F%2F5vz9%2FKUBAAA
192.243.61.225200 OK 7 B URL HTTP/1.1 newsbeunity.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP4wbxRudzS%2B%2FBhqIEBIFwgUFSJxv1%2FaevUkRCCEoIlxCLij1%2FFvfcLM7q5ldr89VRCSS0hEN5d7zXY4%2FAZGCCiGQTYNOihRTIBccDQUlElIQHbLPksVXzPe9703x3pv5aK84Jj4KOrv2rhkorel6WPdrr9xUqTClq23eqAV%2B3T9Xu6nSjda5Wn9%2B2N7ZwA%2Fr%2Fqu1tyXfMesNP%2FD9wA9ql5SVsemvL1io7EEU1CO%2F3mrUg7CFvv0vdoUHRz2I3jE5AyWm%2F9%2F%2B6SEUHyNNvr4o3U5ustfeSgpNc2PRE4fvpzupKVMkqzG2HuL0cHkbxk0J%2BeQUTHq4dADT2587AFNT4v0SgKWHS5lgvYMTpUxDpmDiaZS9MaQeQ9ExuLkNJR4TgAtsXkWa3N80tqS7Jyyds1Ny%2BslfUOWUnP71OaTJVxe06te2jC5yZVKHflxB9cdQ3TGyYoJ84EGVE%2FD8QyjxiKw%2FuYI02b%2FqtIESs5dZ1JIbTd5ZawatYK3VlGytQ9uNtQ0%2FpDKSVDQ7chGRUmOoeAwth6DuFArnoVAeithDkXlIxKxGwyj2%2FXbM4maz0%2BKcN5uch50NEYpmqxP7KPjcwxB5NgTXQ3B7C5m9hR1173F4Brb4AW67ghMeXE7QExVKSVA6gpISlIqgzAnKXnUgtGu46r7QrmDBsjeWvVmNTN7dowcm78qU7GXH5NlFdn98%2Bw925KzGojjqbISRpCFvt8I4YhFrRFEoWCBYJw7gVAXlToE6DwM1JeSb35HN%2B53XwegETk%2FA1TOgxYug5ajd8EG3R62Oj0H6ZbK7bfJBpnidmwTCVMjy08h3vT19TF5YCDn7aQOSH5FlgdsKma3wgfqRoKvvjq6bkuxfN6UjD69muUrUgM4feCunufQ%2Bf0fulsaKyxfd8LM3%2BJyYjw9uSJdfoalQadeRLy4oIaS9ZCyX5LvL7qZk1wq3faGwaZFdufbmpctJZqVzyqRj0Lm3e7%2BBqyl5CvHi876kNqHsGLaokBQrrcpMwLNbcNlq5wyB1SvMMg9lUY1sg62WWhFoucKUVXDy6Pxk6%2B9Hs%2BfvgMmj7%2F884fbcXXStB5rfRppU6NkKPV2B6iFc8b9Rntmj8z83FwWmvRHT1ttn2up7J%2BE6NavJMPZj6TckiyMWt6kvorgVMRoFss1CGiB3U%2F7x1nv%2FAgAA%2F%2F8BAAD%2F%2F5vz9%2FKUBAAA
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP4wbxRudzS%2B%2FBhqIEBIFwgUFSJxv1%2FaevUkRCCEoIlxCLij1%2FFvfcLM7q5ldr89VRCSS0hEN5d7zXY4%2FAZGCCiGQTYNOihRTIBccDQUlElIQHbLPksVXzPe9703x3pv5aK84Jj4KOrv2rhkorel6WPdrr9xUqTClq23eqAV%2B3T9Xu6nSjda5Wn9%2B2N7ZwA%2Fr%2Fqu1tyXfMesNP%2FD9wA9ql5SVsemvL1io7EEU1CO%2F3mrUg7CFvv0vdoUHRz2I3jE5AyWm%2F9%2F%2B6SEUHyNNvr4o3U5ustfeSgpNc2PRE4fvpzupKVMkqzG2HuL0cHkbxk0J%2BeQUTHq4dADT2587AFNT4v0SgKWHS5lgvYMTpUxDpmDiaZS9MaQeQ9ExuLkNJR4TgAtsXkWa3N80tqS7Jyyds1Ny%2BslfUOWUnP71OaTJVxe06te2jC5yZVKHflxB9cdQ3TGyYoJ84EGVE%2FD8QyjxiKw%2FuYI02b%2FqtIESs5dZ1JIbTd5ZawatYK3VlGytQ9uNtQ0%2FpDKSVDQ7chGRUmOoeAwth6DuFArnoVAeithDkXlIxKxGwyj2%2FXbM4maz0%2BKcN5uch50NEYpmqxP7KPjcwxB5NgTXQ3B7C5m9hR1173F4Brb4AW67ghMeXE7QExVKSVA6gpISlIqgzAnKXnUgtGu46r7QrmDBsjeWvVmNTN7dowcm78qU7GXH5NlFdn98%2Bw925KzGojjqbISRpCFvt8I4YhFrRFEoWCBYJw7gVAXlToE6DwM1JeSb35HN%2B53XwegETk%2FA1TOgxYug5ajd8EG3R62Oj0H6ZbK7bfJBpnidmwTCVMjy08h3vT19TF5YCDn7aQOSH5FlgdsKma3wgfqRoKvvjq6bkuxfN6UjD69muUrUgM4feCunufQ%2Bf0fulsaKyxfd8LM3%2BJyYjw9uSJdfoalQadeRLy4oIaS9ZCyX5LvL7qZk1wq3faGwaZFdufbmpctJZqVzyqRj0Lm3e7%2BBqyl5CvHi876kNqHsGLaokBQrrcpMwLNbcNlq5wyB1SvMMg9lUY1sg62WWhFoucKUVXDy6Pxk6%2B9Hs%2BfvgMmj7%2F884fbcXXStB5rfRppU6NkKPV2B6iFc8b9Rntmj8z83FwWmvRHT1ttn2up7J%2BE6NavJMPZj6TckiyMWt6kvorgVMRoFss1CGiB3U%2F7x1nv%2FAgAA%2F%2F8BAAD%2F%2F5vz9%2FKUBAAA HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: u_pl=15252473; uid_id2=b94e63c8-3141-43eb-8a72-605ae9ead38e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb9f98659ea5c745f9b9b2995db1db8f1=[3844146]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 06dd4c533cbfede7ac0a0d9a3f3d13d5
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/d1/90/26/d190268dee103ee1f2ce0c8843373c8c/1669910386.png
45.133.44.10200 OK 70 kB URL HTTP/2 cdn.cloudimagesb.com/si/d1/90/26/d190268dee103ee1f2ce0c8843373c8c/1669910386.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash eafe1a0bfd2db8c1aa79136e4826d19e
1d67e0efb736dfd011ae8cb71440e2301a97dc4e
2bc894548ddaf6375cbd7a7f604d3b27a5b8971a5768d68ac7b6c5ed64d7a3c8
GET /si/d1/90/26/d190268dee103ee1f2ce0c8843373c8c/1669910386.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: image/png
content-length: 69836
server: nginx/1.17.6
last-modified: Thu, 01 Dec 2022 15:59:54 GMT
etag: "6388cf7a-110cc"
expires: Sun, 11 Dec 2022 15:25:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
bam.nr-data.net/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=884&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/&ap=24&be=456&fe=261&dc=117&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670599503742,%22n%22:0,%22r%22:0,%22re%22:227,%22f%22:227,%22dn%22:227,%22dne%22:227,%22c%22:227,%22s%22:227,%22ce%22:227,%22rq%22:228,%22rp%22:409,%22rpe%22:414,%22dl%22:428,%22di%22:572,%22ds%22:572,%22de%22:577,%22dc%22:716,%22l%22:716,%22le%22:721%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=584&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEPUFoBVAhdB1tTBlcADRh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1pUAABcUgBaGABUWAEUVVsBAU5eDQNYHFVQD1VaVAAGAA0BDBNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEYXVhNQTQgRTEZPREtQSEQEQk0%2BDwYQCwldFwMTJnRtQ05BFBoSUVpXbhdUSxILDApBXBsGFwZDHRsUAzwABhBQVlxuB1BUCA4aRllEdkFRVBMTFUMXAjsHA09cWlQ%2BRUARB0FeQQJcRlJFDkEbTUAWBTwJSmpfUAxYVRhAWUY0D1dRVkYSExVDFwI7DBVmQ1xDElhWD0BZRlJWGxkbRABuWxMNFBcGFGZTWFwIXUBDWEEiChRcU1ZJQx0bFAM8BhEJTkZcQz5HXBMRCgsNRAMXCAFUHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKNA0NAlZCShEvZRlQUk1UWEZuXFcHVQoZGVRXX0MUTw8IAVQfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4IUVdNVEFKG1JQRT5SVgwPChBBXBtRDQlTUg9WAQIGBVYbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BKgAnQGBlE00RZUMBP0ZZRmUXCm1DHRk9QBM4QVwZaRsBPRMVQT5BAwYIXVBLbUMLGT1ABThBShlpG1UIQlgDDgY7EAlMW11tQwsZPUBTOEEbGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhBGWUQZZWp9CEdcQUBPRgYKUFJQUw1UZhISDw0XOU1QSkUSblcSQFlGQxZMRlFuFFgZQx8e&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=884&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/&ap=24&be=456&fe=261&dc=117&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670599503742,%22n%22:0,%22r%22:0,%22re%22:227,%22f%22:227,%22dn%22:227,%22dne%22:227,%22c%22:227,%22s%22:227,%22ce%22:227,%22rq%22:228,%22rp%22:409,%22rpe%22:414,%22dl%22:428,%22di%22:572,%22ds%22:572,%22de%22:577,%22dc%22:716,%22l%22:716,%22le%22:721%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=584&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEPUFoBVAhdB1tTBlcADRh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1pUAABcUgBaGABUWAEUVVsBAU5eDQNYHFVQD1VaVAAGAA0BDBNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEYXVhNQTQgRTEZPREtQSEQEQk0%2BDwYQCwldFwMTJnRtQ05BFBoSUVpXbhdUSxILDApBXBsGFwZDHRsUAzwABhBQVlxuB1BUCA4aRllEdkFRVBMTFUMXAjsHA09cWlQ%2BRUARB0FeQQJcRlJFDkEbTUAWBTwJSmpfUAxYVRhAWUY0D1dRVkYSExVDFwI7DBVmQ1xDElhWD0BZRlJWGxkbRABuWxMNFBcGFGZTWFwIXUBDWEEiChRcU1ZJQx0bFAM8BhEJTkZcQz5HXBMRCgsNRAMXCAFUHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKNA0NAlZCShEvZRlQUk1UWEZuXFcHVQoZGVRXX0MUTw8IAVQfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4IUVdNVEFKG1JQRT5SVgwPChBBXBtRDQlTUg9WAQIGBVYbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BKgAnQGBlE00RZUMBP0ZZRmUXCm1DHRk9QBM4QVwZaRsBPRMVQT5BAwYIXVBLbUMLGT1ABThBShlpG1UIQlgDDgY7EAlMW11tQwsZPUBTOEEbGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhBGWUQZZWp9CEdcQUBPRgYKUFJQUw1UZhISDw0XOU1QSkUSblcSQFlGQxZMRlFuFFgZQx8e&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=884&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/&ap=24&be=456&fe=261&dc=117&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670599503742,%22n%22:0,%22r%22:0,%22re%22:227,%22f%22:227,%22dn%22:227,%22dne%22:227,%22c%22:227,%22s%22:227,%22ce%22:227,%22rq%22:228,%22rp%22:409,%22rpe%22:414,%22dl%22:428,%22di%22:572,%22ds%22:572,%22de%22:577,%22dc%22:716,%22l%22:716,%22le%22:721%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=584&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEPUFoBVAhdB1tTBlcADRh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbE1pUAABcUgBaGABUWAEUVVsBAU5eDQNYHFVQD1VaVAAGAA0BDBNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEYXVhNQTQgRTEZPREtQSEQEQk0%2BDwYQCwldFwMTJnRtQ05BFBoSUVpXbhdUSxILDApBXBsGFwZDHRsUAzwABhBQVlxuB1BUCA4aRllEdkFRVBMTFUMXAjsHA09cWlQ%2BRUARB0FeQQJcRlJFDkEbTUAWBTwJSmpfUAxYVRhAWUY0D1dRVkYSExVDFwI7DBVmQ1xDElhWD0BZRlJWGxkbRABuWxMNFBcGFGZTWFwIXUBDWEEiChRcU1ZJQx0bFAM8BhEJTkZcQz5HXBMRCgsNRAMXCAFUHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKNA0NAlZCShEvZRlQUk1UWEZuXFcHVQoZGVRXX0MUTw8IAVQfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4IUVdNVEFKG1JQRT5SVgwPChBBXBtRDQlTUg9WAQIGBVYbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BKgAnQGBlE00RZUMBP0ZZRmUXCm1DHRk9QBM4QVwZaRsBPRMVQT5BAwYIXVBLbUMLGT1ABThBShlpG1UIQlgDDgY7EAlMW11tQwsZPUBTOEEbGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhBGWUQZZWp9CEdcQUBPRgYKUFJQUw1UZhISDw0XOU1QSkUSblcSQFlGQxZMRlFuFFgZQx8e&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:05 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 776ec05e4a160b61-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=48
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=48
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fe6%2Fd7%2F97%2Fe6d797a3a7be0e7ec1877d1b33146dfa%2F1657714258.html&l=1190&fd=48 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
172.64.109.13200 OK 4.9 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP 172.64.109.13:0
Hash 3674a1cb86daab116b5846fd66b927bd
67879f775f61d0ee60c4e603e1c26c356e50fa30
110f259337068c4c1543bdf6c90cc8f59f3cd9895a83c3c4171f988af2d3e070
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg%2BMXnVmNqYmUPZAGsqMvKOhVxYso5fa0rV2goJ3g4Pfgk8X6jbPhegv911OomMT6PKXbAPxDyr2nDStrkLnssWLq%2BVIVrirdmBeW8vOO9Ws7jAZxfELi%2BRa%2Bzkg3EBE6RG5HowMgOI9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec05e2e758e2a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=163
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=163
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fstyle.css&l=4649&fd=163 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1098&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1098&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1098&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1775
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:05 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 776ec05f5b430b61-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 21:12:42 GMT
Expires: Thu, 07 Dec 2023 21:12:42 GMT
Cache-Control: public, max-age=31536000
Age: 151944
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
newsbeunity.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzS%2B%2FBhqIEBIF4goKkPB593bXt5sUgRCCIoIT4qDU82%2FtwbM7q5ndW9tVRCSS0hEN5fqdHfMnIFJQIQQ60yBLkXIUyAWmoaBEQgqiQ3c%2B6cRXzPe9703x3pv5aKc%2BJj5qenTtXbOltKaLcdfvvHJTFcI0rrN8oxP4Xf9c56YqlqJznY3JYQdnAz%2Fu%2Bq923pZ83Sz2%2FMD3Az%2FoXFJWZmZjccpClQ%2FSoJv63ajXDeIIG%2Fa%2F2NUeHPUgBsfkDJQY%2F3%2Ftp4dQfIQi%2F%2FqidOuVKV97K681rYzFQOy%2FX6wXpimQz8fMesiK%2FdltGDcm5JNTMMX%2BzAHMYHfiAEyNifdLAFbsz2SCDfZOlDINWYCJp9EMRpB6BEVH4OY2lHhMAC6wfBVFfn%2FZ2IZunrB0wo7J6Sd%2FQTVjcvrX51DkX13QaqOzYnRdKVM4bGQt1MYIanWEsj5AteVBNQfg1YdQ4hFZfHIFRb571WkDJY5eZmkkl0KeLIRBFCxEoWQLCe33Fpb8mMpUUhEmchqRUiOobAQtt0HdKdTOQ6081JmHuvSQi6MOjdPM9%2FsZy8IwiTjnYch5nCyJWIRRkvmo%2BcTDNqpyG1xvg9tbKO0trKt7j%2BMzsPUPcGstnPDgKoKBaNFIgsYRNJSgUQRNRdAM2j2hXc%2B194V2NQtmvTfrYTs01eoO3TPVqizITnlMnp1m98e3%2F2BdHnVYmqXJUpxKGvN%2BFGcpS1kvTWPBAsGSLIBTLZQ7Beo8bKkxId%2F8jnLS77wORg%2Fg9AG4ega0fhG0GfZ7PujaMEp8bBVf5ptrptoqFe9yk0OYFmV1GtWmt6OPyQtTIWc%2F7UHyQzIrcNuitC0%2BUD8SrOq7w%2BumIbvXTePIw6tlpXK1RScPvFLRSnqfvyM3G2PF5Ytu%2B7M3%2BISYjA9uSFddoYVQxaojX1xQQkh7yVguyXeX3U3JrtVu7UJti7q8cu3NS5fz0krnlClGoBNv934DV2PyFLLp531JLUPZEWzdIq%2FnWpU5AC9vwZXznTMEVs8xKz00dTu0PTZfakWg5RxT1sLJw%2FMHK38%2FOnr%2BDpg8%2FP7PE27H3cWq9UCr2yjyFgPbYqBbUL0NV%2F9vWJX28PzP4bTAtDdk2nq7TFt97yRcp446cRDJhCV9LgSTXAT9XpiEvt8TIuqnMkhRuTH%2FeOW9fwEAAP%2F%2FAQAA%2F%2F%2BP%2B3kUlAQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 newsbeunity.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzS%2B%2FBhqIEBIF4goKkPB593bXt5sUgRCCIoIT4qDU82%2FtwbM7q5ndW9tVRCSS0hEN5fqdHfMnIFJQIQQ60yBLkXIUyAWmoaBEQgqiQ3c%2B6cRXzPe9703x3pv5aKc%2BJj5qenTtXbOltKaLcdfvvHJTFcI0rrN8oxP4Xf9c56YqlqJznY3JYQdnAz%2Fu%2Bq923pZ83Sz2%2FMD3Az%2FoXFJWZmZjccpClQ%2FSoJv63ajXDeIIG%2Fa%2F2NUeHPUgBsfkDJQY%2F3%2Ftp4dQfIQi%2F%2FqidOuVKV97K681rYzFQOy%2FX6wXpimQz8fMesiK%2FdltGDcm5JNTMMX%2BzAHMYHfiAEyNifdLAFbsz2SCDfZOlDINWYCJp9EMRpB6BEVH4OY2lHhMAC6wfBVFfn%2FZ2IZunrB0wo7J6Sd%2FQTVjcvrX51DkX13QaqOzYnRdKVM4bGQt1MYIanWEsj5AteVBNQfg1YdQ4hFZfHIFRb571WkDJY5eZmkkl0KeLIRBFCxEoWQLCe33Fpb8mMpUUhEmchqRUiOobAQtt0HdKdTOQ6081JmHuvSQi6MOjdPM9%2FsZy8IwiTjnYch5nCyJWIRRkvmo%2BcTDNqpyG1xvg9tbKO0trKt7j%2BMzsPUPcGstnPDgKoKBaNFIgsYRNJSgUQRNRdAM2j2hXc%2B194V2NQtmvTfrYTs01eoO3TPVqizITnlMnp1m98e3%2F2BdHnVYmqXJUpxKGvN%2BFGcpS1kvTWPBAsGSLIBTLZQ7Beo8bKkxId%2F8jnLS77wORg%2Fg9AG4ega0fhG0GfZ7PujaMEp8bBVf5ptrptoqFe9yk0OYFmV1GtWmt6OPyQtTIWc%2F7UHyQzIrcNuitC0%2BUD8SrOq7w%2BumIbvXTePIw6tlpXK1RScPvFLRSnqfvyM3G2PF5Ytu%2B7M3%2BISYjA9uSFddoYVQxaojX1xQQkh7yVguyXeX3U3JrtVu7UJti7q8cu3NS5fz0krnlClGoBNv934DV2PyFLLp531JLUPZEWzdIq%2FnWpU5AC9vwZXznTMEVs8xKz00dTu0PTZfakWg5RxT1sLJw%2FMHK38%2FOnr%2BDpg8%2FP7PE27H3cWq9UCr2yjyFgPbYqBbUL0NV%2F9vWJX28PzP4bTAtDdk2nq7TFt97yRcp446cRDJhCV9LgSTXAT9XpiEvt8TIuqnMkhRuTH%2FeOW9fwEAAP%2F%2FAQAA%2F%2F%2BP%2B3kUlAQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRudzS%2B%2FBhqIEBIF4goKkPB593bXt5sUgRCCIoIT4qDU82%2FtwbM7q5ndW9tVRCSS0hEN5fqdHfMnIFJQIQQ60yBLkXIUyAWmoaBEQgqiQ3c%2B6cRXzPe9703x3pv5aKc%2BJj5qenTtXbOltKaLcdfvvHJTFcI0rrN8oxP4Xf9c56YqlqJznY3JYQdnAz%2Fu%2Bq923pZ83Sz2%2FMD3Az%2FoXFJWZmZjccpClQ%2FSoJv63ajXDeIIG%2Fa%2F2NUeHPUgBsfkDJQY%2F3%2Ftp4dQfIQi%2F%2FqidOuVKV97K681rYzFQOy%2FX6wXpimQz8fMesiK%2FdltGDcm5JNTMMX%2BzAHMYHfiAEyNifdLAFbsz2SCDfZOlDINWYCJp9EMRpB6BEVH4OY2lHhMAC6wfBVFfn%2FZ2IZunrB0wo7J6Sd%2FQTVjcvrX51DkX13QaqOzYnRdKVM4bGQt1MYIanWEsj5AteVBNQfg1YdQ4hFZfHIFRb571WkDJY5eZmkkl0KeLIRBFCxEoWQLCe33Fpb8mMpUUhEmchqRUiOobAQtt0HdKdTOQ6081JmHuvSQi6MOjdPM9%2FsZy8IwiTjnYch5nCyJWIRRkvmo%2BcTDNqpyG1xvg9tbKO0trKt7j%2BMzsPUPcGstnPDgKoKBaNFIgsYRNJSgUQRNRdAM2j2hXc%2B194V2NQtmvTfrYTs01eoO3TPVqizITnlMnp1m98e3%2F2BdHnVYmqXJUpxKGvN%2BFGcpS1kvTWPBAsGSLIBTLZQ7Beo8bKkxId%2F8jnLS77wORg%2Fg9AG4ega0fhG0GfZ7PujaMEp8bBVf5ptrptoqFe9yk0OYFmV1GtWmt6OPyQtTIWc%2F7UHyQzIrcNuitC0%2BUD8SrOq7w%2BumIbvXTePIw6tlpXK1RScPvFLRSnqfvyM3G2PF5Ytu%2B7M3%2BISYjA9uSFddoYVQxaojX1xQQkh7yVguyXeX3U3JrtVu7UJti7q8cu3NS5fz0krnlClGoBNv934DV2PyFLLp531JLUPZEWzdIq%2FnWpU5AC9vwZXznTMEVs8xKz00dTu0PTZfakWg5RxT1sLJw%2FMHK38%2FOnr%2BDpg8%2FP7PE27H3cWq9UCr2yjyFgPbYqBbUL0NV%2F9vWJX28PzP4bTAtDdk2nq7TFt97yRcp446cRDJhCV9LgSTXAT9XpiEvt8TIuqnMkhRuTH%2FeOW9fwEAAP%2F%2FAQAA%2F%2F%2BP%2B3kUlAQAAA%3D%3D HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: u_pl=15252473; uid_id2=b94e63c8-3141-43eb-8a72-605ae9ead38e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb9f98659ea5c745f9b9b2995db1db8f1=[3844146]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: adf7483baa7b9b40d977b2f8c5c2cc12
Strict-Transport-Security: max-age=0; includeSubdomains
newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=259
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=259
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=259 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
newsbeunity.com/pixel/sbs?c=1
192.243.61.225200 OK 0 B URL HTTP/1.1 newsbeunity.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: newsbeunity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Cookie: u_pl=15252473; uid_id2=b94e63c8-3141-43eb-8a72-605ae9ead38e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecb9f98659ea5c745f9b9b2995db1db8f1=[3844146]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 15:25:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
poweredby.jads.co/adshow.php?adzone=936444
185.94.236.244200 OK 2.0 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=936444
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (960), with CRLF, LF line terminators
Hash e2831f6cc29e522cfb52e677259498ba
5008c97c4b584bf2e62dc4aa3f80671a6f9ebbfd
8d36f71df80031b844b99f6b07a1127ab48ca269e686e700b8559d1165e491b9
GET /adshow.php?adzone=936444 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 15:25:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=1b44b9ecdb01757fe8bf9f394aedc747; expires=Sat, 09-Dec-2023 15:25:04 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Mon, 12-Dec-2022 15:25:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 12-Dec-2022 15:25:04 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:07 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776ec067ed190b61-OSL
alt-svc: h2=":443"; ma=60
bam.nr-data.net/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=621&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/&ap=22&be=404&fe=72&dc=33&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670599505733,%22n%22:0,%22r%22:0,%22re%22:180,%22f%22:180,%22dn%22:180,%22dne%22:180,%22c%22:180,%22s%22:180,%22ce%22:180,%22rq%22:182,%22rp%22:362,%22rpe%22:364,%22dl%22:388,%22di%22:435,%22ds%22:436,%22de%22:442,%22dc%22:475,%22l%22:475,%22le%22:480%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=440&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEPUFoBVwRfAldWBlZWABh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwhUWwIBAF8LGF0EAAAUVQAGBU5fD1NaHFEIW1RSUlJRUQ4NChNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEYXVhNQTQgRTEZPREtQSEQEQk0%2BDwYQCwldFwMTJnRtQ05BFBoSUVpXbhdUSxILDApBXBsGFwZDHRsUAzwABhBQVlxuB1BUCA4aRllEdkFRVBMTFUMXAjsHA09cWlQ%2BRUARB0FeQQJcRlJFDkEbTUAWBTwJSmpfUAxYVRhAWUY0D1dRVkYSExVDFwI7DBVmQ1xDElhWD0BZRlJWGxkbRABuWxMNFBcGFGZTWFwIXUBDWEEiChRcU1ZJQx0bFAM8BhEJTkZcQz5HXBMRCgsNRAMXCAFUHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKNA0NAlZCShEvZRlQUk1UWEZuXFcHVQoZGVRXX0MUTw8IAVQfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4IUVdNVEFKG1JQRT5SVgwPChBBXBtRDQlTUg9WAQIGBVYbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BKgAnQGBlE00RZUMBP0ZZRmUXCm1DHRk9QBM4QVwZaRsBPRMVQT5BAwYIXVBLbUMLGT1ABThBShlpG1UIQlgDDgY7EAlMW11tQwsZPUBTOEEbGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhBGWUQZZWp9CEdcQUBPRgYKUFJQUw1UZhISDw0XOU1QSkUSblcSQFlGQxZMRlFuFFgZQx8e&jsonp=NREUM.setToken
162.247.241.14200 OK 55 kB URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=621&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/&ap=22&be=404&fe=72&dc=33&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670599505733,%22n%22:0,%22r%22:0,%22re%22:180,%22f%22:180,%22dn%22:180,%22dne%22:180,%22c%22:180,%22s%22:180,%22ce%22:180,%22rq%22:182,%22rp%22:362,%22rpe%22:364,%22dl%22:388,%22di%22:435,%22ds%22:436,%22de%22:442,%22dc%22:475,%22l%22:475,%22le%22:480%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=440&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEPUFoBVwRfAldWBlZWABh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwhUWwIBAF8LGF0EAAAUVQAGBU5fD1NaHFEIW1RSUlJRUQ4NChNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEYXVhNQTQgRTEZPREtQSEQEQk0%2BDwYQCwldFwMTJnRtQ05BFBoSUVpXbhdUSxILDApBXBsGFwZDHRsUAzwABhBQVlxuB1BUCA4aRllEdkFRVBMTFUMXAjsHA09cWlQ%2BRUARB0FeQQJcRlJFDkEbTUAWBTwJSmpfUAxYVRhAWUY0D1dRVkYSExVDFwI7DBVmQ1xDElhWD0BZRlJWGxkbRABuWxMNFBcGFGZTWFwIXUBDWEEiChRcU1ZJQx0bFAM8BhEJTkZcQz5HXBMRCgsNRAMXCAFUHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKNA0NAlZCShEvZRlQUk1UWEZuXFcHVQoZGVRXX0MUTw8IAVQfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4IUVdNVEFKG1JQRT5SVgwPChBBXBtRDQlTUg9WAQIGBVYbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BKgAnQGBlE00RZUMBP0ZZRmUXCm1DHRk9QBM4QVwZaRsBPRMVQT5BAwYIXVBLbUMLGT1ABThBShlpG1UIQlgDDgY7EAlMW11tQwsZPUBTOEEbGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhBGWUQZZWp9CEdcQUBPRgYKUFJQUw1UZhISDw0XOU1QSkUSblcSQFlGQxZMRlFuFFgZQx8e&jsonp=NREUM.setToken
IP 162.247.241.14:0
Hash fc8903a855325261e428ef62f908ab79
6b2d9b1e503c5ae08c912278c6094fcce6746996
afd8f3b5058cacbdc26ef298acfbec78cc1f8a37a822b0aa28c747f70155b4cd
GET /1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=621&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/&ap=22&be=404&fe=72&dc=33&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670599505733,%22n%22:0,%22r%22:0,%22re%22:180,%22f%22:180,%22dn%22:180,%22dne%22:180,%22c%22:180,%22s%22:180,%22ce%22:180,%22rq%22:182,%22rp%22:362,%22rpe%22:364,%22dl%22:388,%22di%22:435,%22ds%22:436,%22de%22:442,%22dc%22:475,%22l%22:475,%22le%22:480%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fcp=440&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFEPUFoBVwRfAldWBlZWABh4Yy8TFUMhJTshCU0XAwhTHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwhUWwIBAF8LGF0EAAAUVQAGBU5fD1NaHFEIW1RSUlJRUQ4NChNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEYXVhNQTQgRTEZPREtQSEQEQk0%2BDwYQCwldFwMTJnRtQ05BFBoSUVpXbhdUSxILDApBXBsGFwZDHRsUAzwABhBQVlxuB1BUCA4aRllEdkFRVBMTFUMXAjsHA09cWlQ%2BRUARB0FeQQJcRlJFDkEbTUAWBTwJSmpfUAxYVRhAWUY0D1dRVkYSExVDFwI7DBVmQ1xDElhWD0BZRlJWGxkbRABuWxMNFBcGFGZTWFwIXUBDWEEiChRcU1ZJQx0bFAM8BhEJTkZcQz5HXBMRCgsNRAMXCAFUHwlDTkERAjlKQUtYD1YbW0AuCxkPVVlYHlQfCUFKNA0NAlZCShEvZRlQUk1UWEZuXFcHVQoZGVRXX0MUTw8IAVQfCUhCJAEADVYaCwFQAQlQUlJEJQ9LUF9eGR4IUVdNVEFKG1JQRT5SVgwPChBBXBtRDQlTUg9WAQIGBVYbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BKgAnQGBlE00RZUMBP0ZZRmUXCm1DHRk9QBM4QVwZaRsBPRMVQT5BAwYIXVBLbUMLGT1ABThBShlpG1UIQlgDDgY7EAlMW11tQwsZPUBTOEEbGxkbVA1YXggADwE8FUlZUEU%2BRVwSFhBGWUQZZWp9CEdcQUBPRgYKUFJQUw1UZhISDw0XOU1QSkUSblcSQFlGQxZMRlFuFFgZQx8e&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:07 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 776ec068cdea0b61-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=801&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=801&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=801&ck=0&s=18d5fd767965d418&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 1775
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:25:07 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 776ec069eef40b61-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
unseenreport.com/pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=b9f98659ea5c745f9b9b2995db1db8f1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=b9f98659ea5c745f9b9b2995db1db8f1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=b9f98659ea5c745f9b9b2995db1db8f1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 15:25:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10e1d077275192823d64081e6caf6d18
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=94d84a91dc0925ebed6d851bcb980c2d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=94d84a91dc0925ebed6d851bcb980c2d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=94d84a91dc0925ebed6d851bcb980c2d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 15:25:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5fb4149801e3474fb7e49020813b426
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=8c27976295e8310807e01fcadbb1740b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=8c27976295e8310807e01fcadbb1740b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b94e63c8-3141-43eb-8a72-605ae9ead38e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1309&b_frame=0&pk=8c27976295e8310807e01fcadbb1740b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Dec 2022 15:25:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d67f4e992ad1594d8a21f62521dc9ca9
Strict-Transport-Security: max-age=0; includeSubdomains
www.hotzxgirl.com/themes/javascript/main.js
172.67.208.97200 OK 0 B URL HTTP/2 www.hotzxgirl.com/themes/javascript/main.js
IP 172.67.208.97:0
GET /themes/javascript/main.js HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:24:59 GMT
content-type: application/javascript
x-powered-by: PHP/7.0.33
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 22:18:39 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 579980
last-modified: Fri, 02 Dec 2022 22:18:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaD%2BDews1LRB4r9Jao34D8VHPqCCbh5jjJR5ZF9B9cudxLwugjXu7%2F08FeAC%2B7Y%2BvfQ0gNdxqqFD5IXtFLksYxCK6PDXFSIxuk2tHpgyVD2cbKIAz8m%2F4LbU1erXkwPN8JPs5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776ec03838c8b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.intelligenceadx.com/calendar-heatmap.min.js
185.76.9.23200 OK 0 B URL HTTP/2 www.intelligenceadx.com/calendar-heatmap.min.js
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
GET /calendar-heatmap.min.js HTTP/1.1
Host: www.intelligenceadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:00 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Fri, 09 Dec 2022 20:41:27 GMT
access-control-allow-origin: *
link: <https://intelligenceadx.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1670618487
server: CDN77-Turbo
x-77-nzt: AblMCRR0tq3/VfAIAA
x-77-nzt-ray: af58563067ed7bd34c539363ed70280c
x-cache: HIT
x-age: 585813
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
chaturbate.com/in/?track=hotxgirl&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
104.18.100.40302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=hotxgirl&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f
IP 104.18.100.40:0
GET /in/?track=hotxgirl&tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cams.gratis/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:25:04 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Wed, 14-Dec-2022 15:25:04 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJyrVipRslJQqjAMSlHSUVBKzi0Acf2SHStDQfySomwQPyO/pCI9sygHJFQEFigpKSi20tdPTswt1ksvSizJLNYHSSampYGkcxMrKipyU1MyE40MDC1AEmBjjQyVagEmlyAf"; Domain=.chaturbate.com; expires=Sun, 08-Jan-2023 15:25:04 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Fri, 09-Dec-2022 21:25:04 GMT; Max-Age=21600; Path=/
stcki="iuhY4r=0"; expires=Sun, 08-Jan-2023 15:25:04 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr86fe5f09-62fe-4072-9985-a07757615603:1p3fFI:R0BFpJ5xN28CKtbnPRMEeedOcIo; Domain=.chaturbate.com; expires=Wed, 03-Sep-2025 15:25:04 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=xh__ZCF4sScKjbljohjQbtR0lFLKm1YuKlRDgZ8ouxQ-1670599504-0-AZ06lz9hQs/d1ZDKvw32O5psT/7sFmPXlSOY0w3/UPzlRpxF+aQ8+wMQ5YAIUogSNYRhu5wEDm0A9aDmcMxWFVI=; path=/; expires=Fri, 09-Dec-22 15:55:04 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776ec058cdf5b4f4-OSL
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.93.42:0
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1965462
expires: Sun, 08 Jan 2023 15:25:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xihHpYKWda48Hy9LZzMFQnZsvB0faVk8roqnvmzmuRZ3%2BlXtAy3Jv88mCE0TlrKgfAa0QMFKTfylTqUYbxZeAumxw3n1kNcqnchMsE0xGL6713cCQLUp0fbWQ12pbFPkwQi0FM5RDxgMOjGhdvKX1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=jCif9zc09V5037ebN4bmS8CVz5vLfKRMzDDtUq0WeYQ-1670599505245-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 776ec05bbb4fb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP 172.64.109.13:0
GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46S6tiPhKei3LfNX%2B0vsoTtgUm7wlIjcXsi0TNDeYMCkzsyizgK7%2FIhBgmrIm%2BmxfQfON9JUMeKnEPqc3uah0hn5I7uXsIZ456UvaVne7qDL00f2BtZ55goFDiEo%2BZz%2FXZRlKUDZrCuq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec05e1e6f8e2a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.hotzxgirl.com/themes/style.css
172.67.208.97200 OK 0 B URL HTTP/2 www.hotzxgirl.com/themes/style.css
IP 172.67.208.97:0
GET /themes/style.css HTTP/1.1
Host: www.hotzxgirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:24:59 GMT
content-type: text/css;charset=UTF-8
cf-bgj: minify
cf-polished: origSize=8332
cache-control: public, max-age=2592000
expires: Wed, 04 Jan 2023 22:15:54 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.0.33
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 320945
last-modified: Mon, 05 Dec 2022 22:15:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDLrL4gzOrVC9We5EoLQR%2FjKX0rl80KC4WodpY0T%2BhZMjGtMDNvDFN0X1lOUj%2B1ip4QRXogwE%2FSho9V0u%2BEKTsTiljtIN2rPYdG5hPoU%2FGEcRiGK9b8bOcRC82AIjZoDGF%2ByYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776ec03838ccb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:01 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 09 Dec 2022 16:25:01 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=84d4z233r256s2v2o2642384&u=http%3A%2F%2Fwww.juicyads.rocks
143.204.55.92200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=84d4z233r256s2v2o2642384&u=http%3A%2F%2Fwww.juicyads.rocks
IP 143.204.55.92:0
GET /jp.php?c=84d4z233r256s2v2o2642384&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Fri, 09 Dec 2022 15:24:59 GMT
expires: Fri, 09 Dec 2022 15:39:59 GMT
pragma: cache
server: nginx
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MLTMIlrsq3pJpIViImP7hGdTRbipSpjj_1keR7wNst70Y62KF0jD-Q==
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
IP 172.64.109.13:0
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:02 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM8HVzRK4PSLwMffCXjbXdNl16s1cbVDlF7znh6zHWcwd%2FZ7t2caDltAIX0Vqal5TQ9ni6%2BHgEENi2Lf%2BbTigjWxGtmePDOftS%2BUupd7os84MMtQhCTYX2UHpSbx8c4LLo2KpI%2BnbrAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ec0462d448e2a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
104.18.100.40200 OK 0 B URL HTTP/2 chaturbate.com/tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0
IP 104.18.100.40:0
GET /tours/3/?tour=x1Rd&campaign=NcAyU&c=3&p=0&gender=f&disable_sound=0 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cams.gratis/
Connection: keep-alive
Cookie: __cf_bm=xh__ZCF4sScKjbljohjQbtR0lFLKm1YuKlRDgZ8ouxQ-1670599504-0-AZ06lz9hQs/d1ZDKvw32O5psT/7sFmPXlSOY0w3/UPzlRpxF+aQ8+wMQ5YAIUogSNYRhu5wEDm0A9aDmcMxWFVI=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Language, Cookie
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="iuhY4r=0"; expires=Sun, 08-Jan-2023 15:25:05 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tdPTswt1ksvSizJLNZXqgUAilAJow=="; Domain=.chaturbate.com; expires=Sun, 08-Jan-2023 15:25:05 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrc5bc81fc-9e90-49be-846a-4a6487def445:1p3fFJ:0IGUwnIrPhpa0gQ5-bB6bNLjGWA; Domain=.chaturbate.com; expires=Wed, 03-Sep-2025 15:25:05 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776ec059df90b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e6/d7/97/e6d797a3a7be0e7ec1877d1b33146dfa/1657714258.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hotzxgirl.com
Connection: keep-alive
Referer: http://www.hotzxgirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:25:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 13 Jul 2022 12:11:03 GMT
etag: W/"62ceb657-4a6"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 09 Dec 2022 16:25:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2