xfantazy.com/video/5e0ed14deac0b76cd9c54962
104.26.0.188302 Found 0 B URL HTTP/1.1 xfantazy.com/video/5e0ed14deac0b76cd9c54962
IP 104.26.0.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/5e0ed14deac0b76cd9c54962 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 09 Sep 2022 11:27:13 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yzr%2FGsFFTcpyn230u%2BhS0veAbwUOm8Lc2M3wWtGsD1RRLQOE3w9fT%2FaY8twOk58wVii82wjVadJwyUMMjVhs%2B4CTiHzl%2Bcf6%2B%2Bh7RdwRBkt%2F671Ip7nND3tsGRWIJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 747f92cedb950b55-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 11:05:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KoIan8XT4cLZJQfI6bJeWnQJiOQbGOXJAgLqyW5KrAZoA-lVv1rdsw==
Age: 1287
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4937
Expires: Fri, 09 Sep 2022 12:49:30 GMT
Date: Fri, 09 Sep 2022 11:27:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NL5vi8LMburRJF3vz1xYknRL-ibD3OA02AZPzpFrM1uwgBSBGVVj9w==
age: 27640
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 10:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 11:38:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bH5pv063rmA8jxw-d9nPBwTIk7rTHQtU4w3gaOAgeqsiIKdLvumJTA==
Age: 1867
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6023
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:14 GMT
Last-Modified: Fri, 09 Sep 2022 09:46:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
xfantazy.com/_next/static/runtime/main-7c30842d40a1eaaad473.js
172.67.69.220200 OK 26 kB URL HTTP/2 xfantazy.com/_next/static/runtime/main-7c30842d40a1eaaad473.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f97eef4e8240ad8066435ac28e3ac831
7aaf65f069bbeb835ab76196d009dd86d81f52cd
45cca95b4a6798402329e036135e70c115c0ff4438d1efe7ebcb6cc74b55ae3a
GET /_next/static/runtime/main-7c30842d40a1eaaad473.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:00 GMT
etag: W/"11cd7-1826d2c11d8"
cf-cache-status: HIT
age: 3033719
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQphwa7v3eDgz5FEwVoveH0MBVS9cTnz3vgUhkNJ6SWOWTf220UF2UOUBXBDKpsFlEizInxoaBD9kDoMasrjxLiSKwAc%2FSNdAvny8lll5nC4JuoNPkuVKPYMpTl%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d51c66b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
172.67.69.220200 OK 1.3 kB URL HTTP/2 xfantazy.com/_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (1564), with no line terminators
Hash 15ac1b67562a765df99f47a066943dbb
7e5f40aaf35c8edad61baf7da6d80f85d7240827
8f9d032ca3b23512346426eef3f3f022804a987036daf42672c451adcede3be3
GET /_next/static/chunks/69.b3ff95d1d1b8e7cf25a2.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:48 GMT
etag: W/"61c-179fb7179e1"
cf-cache-status: HIT
age: 29179902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx0keEZswlbRI3PC7FlazvyCJLoSQmB37SR3efPfTCg41uuuGxfWwaGETThc73P%2BjD6yC7tf8pq9lPB7KV9NfCUIzLOvULZ%2BcpY1FsymZHBDQArjXJMR9mSE6FZ2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c4db509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
172.67.69.220200 OK 11 kB URL HTTP/2 xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (40085), with no line terminators
Hash 84a4955d237f9ff5d54dd6eef2b1b8dc
eb2097d19f22782fb5c25b1830eea45971c28a72
8224abec0f45c69f68d35e5c0b82643cb7d8c2269c7ab9568fb662eceef7116b
GET /_next/static/chunks/9.be198c87e436634bf765.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"9c95-181397f9e55"
cf-cache-status: HIT
age: 8163593
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVKRUYhypNf7UFc3oOZCaOWd5trqEdlQX%2Ffq3GJaZbcLvuYAr0WVrczJ6W0yHYsUS4hZCFgkroOvCdITR3HEUF8VjI6%2Fp1pIUIRTUuaEeM%2BmKaN%2FhZrcjqwYBlkbNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c45b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
172.67.69.220200 OK 11 kB URL HTTP/2 xfantazy.com/_next/static/chunks/7.38d845e9473548212694.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (38842), with no line terminators
Hash cb7eaf149689c5d24e3e27c34d783948
2aba5b9db01e392e69446130d03445c53b8aa6b3
b8f3c29134be46102b2be260abeb357541918feb70b7e060ab61c1da54ab2210
GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"97ba-181397f9e55"
cf-cache-status: HIT
age: 8163227
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dYXzFMYyif3Xb4hKLpN%2BU1OwhTQEaDUTXNEK6Hh0l5VQBIVh37nHuXtUdzuxuB9PJHE2IQU1Jl1nIEXiz4%2BYJtnOu3Gidd%2FUGqannIJTpLWB6cDQP6%2Fx8%2FQD6MaPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c42b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cache.k2s.cc/thumbnail/IOrG736km6bp8TnC_A/w320h240/0.jpeg
188.72.235.186200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IOrG736km6bp8TnC_A/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 86f495af93983a2ee1e8c7d71b298a30
0a2792a316796d4c1eb52091e537ebd920e61bb2
9de835f1397ae255f780fe9694e0d9490de8101ea3101e9664fcc7122a095202
GET /thumbnail/IOrG736km6bp8TnC_A/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: image/jpeg
content-length: 11196
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cache.k2s.cc/thumbnail/d7yauyWnw6e9-TvD_Q/w320h240/0.jpeg
188.72.235.186200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/d7yauyWnw6e9-TvD_Q/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash e165809f1ac23cbef112c671affa7e41
eb54b51535df4455a132024d48cf4fe6f69e1f16
5cef77310a3b9fa69ffd2ef0447ccc0f376c48a6f269f49108a840dae8d9a135
GET /thumbnail/d7yauyWnw6e9-TvD_Q/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: image/jpeg
content-length: 12386
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cLnCvX-mw6ntqjWQrA/w320h240/0.jpeg
188.72.235.186200 OK 10 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cLnCvX-mw6ntqjWQrA/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 2e505978508bed27623d686e0c635daf
6f0104fcddc5f501af52a640b5d1b7d3fa9e5bd2
eeadead5cb9b256ca218fee2ee12982089a3e05ba9dc31a113caa2e43536706e
GET /thumbnail/cLnCvX-mw6ntqjWQrA/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: image/jpeg
content-length: 10157
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IeyXuXeum_vp-mjBqQ/w320h240/0.jpeg
188.72.235.186200 OK 13 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IeyXuXeum_vp-mjBqQ/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash d5a37146da11839bd3ff8493c43e836f
475ba88a574c0b091cebd4c7547a12834f99d742
33afd6d8cb5578e816abd7009fb41d14dd777e6aba88a5b1c6398c74d07345a6
GET /thumbnail/IeyXuXeum_vp-mjBqQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: image/jpeg
content-length: 12615
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
xfantazy.com/static/logo-tv-light.svg
172.67.69.220200 OK 54 kB URL HTTP/2 xfantazy.com/static/logo-tv-light.svg
IP 172.67.69.220:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1395)
Hash 691f57f9b2d09b9cc1f6f01329fead20
c472941b78a4a2f1e87512a6fdf7c06e685f5152
1a7d50da2e45a4646a0d37111853b0434bab386aac2d7954cb4c45ede7f98118
GET /static/logo-tv-light.svg HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:17 GMT
etag: W/"101b-1826d28a7bb"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liPNTNjtfAXkwQRoIErikF4LAjvh%2F0OO7t%2F8hvTH89DxGkTx5B2OOXdwHu21T5KAk%2FWu70bUtlNfkxF2ZB8Tfy5Vdwp2tF2AUWh7SmDdRNTGkUB%2Bu%2FxIgMzSGse1lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d52c7bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/_app.js
172.67.69.220200 OK 38 kB URL HTTP/2 xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/_app.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash db7efcec8a4f7a58e85efd1f5cd9fc61
9419afb1fbeb9d7325a1558e93313b1833dc7da3
f6eb1433f5c832cc66b98fd591bfd5ca36107497923b031337596d0aa7df7d47
GET /_next/static/vMq0fywG6ReNUm9yukIYR/pages/_app.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:00 GMT
etag: W/"20e2f-1826d2c11d8"
cf-cache-status: HIT
age: 3033519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX%2FuWqKX1nM%2FhECAUskYc4RZkbkcrCjZJCz8Fs0VYCLtk%2FGcjmsY%2FrqaaMvOcwuWQ%2BnL0t%2FRMs6pfC3B6R2BCoyvllKehqfUuDdqWnTHShJugRCageEA%2BNyyGH5Ivg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c3fb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 143587
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +kXM0zNn7UkPMrPP6ydUHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eLpMLmRUBBVTRmbp/XdQLkAtUxs=
xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
172.67.69.220200 OK 416 kB URL HTTP/2 xfantazy.com/_next/static/chunks/commons.9b890646c0aa33eb63fe.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 416 kB (416104 bytes)
Hash ea126d79595d90fab936aba139d0f2ad
b4545528335cf03a488d7acac6888ef0fbb04018
4fc66e4eac3c8bebd94f370f8729dcdc3d93bddb368dcdb77365dc7965f442e4
GET /_next/static/chunks/commons.9b890646c0aa33eb63fe.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:36 GMT
etag: W/"152f62-1826d2bb0af"
cf-cache-status: HIT
age: 3033775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zbcTMGHo7x%2BhDZMFf9%2BffQqdP4JbXH3r3NqxqveFmOLLCKhcTxbmBrf5DwRvHR94Rx8johmLuHpXP7FXKrpb%2FclvVwsLq2t3fmf69pam6AsLfa1Gs50prvvdPlXNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c41b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 143587
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static-cache.k2s.cc/thumbnail/6e9abc6d67d55/main/0.jpeg
188.72.235.186200 OK 25 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/6e9abc6d67d55/main/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 720x480, components 3\012- data
Hash 0b2dab5df6f4130eeb770bfd5307090f
f873ab54322eb48a14879bc12716e8cb10f695ec
3a0a8dab182f6a7eeb483a7eec1d6b968dc2b8617af22e6c49d412e390dccc8d
GET /thumbnail/6e9abc6d67d55/main/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: image/jpeg
content-length: 24930
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2
xfantazy.com/static/xf-small.png
172.67.69.220200 OK 1.2 kB URL HTTP/2 xfantazy.com/static/xf-small.png
IP 172.67.69.220:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 73788af337ff4a5e7c8d8ea19dba155f
e0bd72878475603f40ebd05077c626816ed3285c
be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
GET /static/xf-small.png HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:39:17 GMT
etag: W/"481-1826d28a7db"
cf-cache-status: HIT
age: 5373
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1UV3z7KDzzZEUvgrMBOmN6E3lA1VjKIVP01xXh4RjDxmbcc3V1%2Fca0mH6cKlGvTbb6GTFqCnhyph31UZQUx%2Bh88ZFY9JVfM08psz4W3ulOz3ri89AfXbXwG6d%2BHFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d77fdab509-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 09 Sep 2022 10:41:12 GMT
expires: Fri, 09 Sep 2022 12:41:12 GMT
cache-control: public, max-age=7200
age: 2763
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
151.101.85.229200 OK 84 kB URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP 151.101.85.229:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (674)
Hash 6aa24421d085c85fe9b056ed6b00f4ca
b523984f3c64b308f2161af22aab93f1e7449970
1be1ad83f2bf92acac879af7b6ef4ac64719a9a3e33296767476872b4b0d50e2
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.243.0
x-jsd-version-type: version
etag: W/"33a00-wpy5+9RYylDfGju7cv4lX2Cj50o"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 11:27:15 GMT
age: 8199
x-served-by: cache-fra19164-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 83815
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash d4ee10cb3ebf0d9580e40ce5dffc0909
68935f96bb5615e06563b21312e088f122eebfe8
24123ab53c813157427489dc2e367f250155cfec5beb5e406dadfb7f12a9eb20
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:15 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "9FB43B9F916E7DBA38360E2FB043470B72A4956B"
Expires: Fri, 09 Sep 2022 22:00:00 GMT
Last-Modified: Fri, 09 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 385
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747f92d93bf20b02-OSL
xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
172.67.69.220200 OK 872 B URL HTTP/2 xfantazy.com/_next/static/chunks/styles.77acb212b856be16971e.js
IP 172.67.69.220:0
File type ASCII text, with no line terminators
Hash 24d2f78647dccc281849591149889cc1
26a55f354b6d7f681566d051798e638710c55be8
f81a772ea5d3fe272499ab44e9e94b52326d4aeca2a38b91de7488adb6ff290b
GET /_next/static/chunks/styles.77acb212b856be16971e.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:19:05 GMT
etag: W/"55-179fb70cfea"
cf-cache-status: HIT
age: 29179655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yndAFcpZT5pOds13yojz5rDIaxKPN5uRYh30KAmlUQECY0ZO%2BmEj%2FpGLBth4doM2g5ohFnbnMq7XtkzEAHz7gMslSGOvjq5zNgsCe5LjYT7%2FqkTWAsES1xep2UIvEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d8e984b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
172.67.69.220200 OK 1.6 kB URL HTTP/2 xfantazy.com/_next/static/chunks/51.21792104df3f91cda445.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (3301), with no line terminators
Hash 4973591acd0442614083d61ad71de2f6
a050ff8c14f9ab93bc380d45ed83fd5ca9203d39
dd568b1a5d115abf90f2daa5b4652d5ace1048c64033529e882a4268ac1b426f
GET /_next/static/chunks/51.21792104df3f91cda445.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"ce5-181397f9e59"
cf-cache-status: HIT
age: 8169084
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJnCGcFtYjDxKU0fLhE3v8ga1vMKRseuZd7PmCbCqc0kUQxHd3Mng%2FZ26YyD2WitLfShlpxuJ48DK3YrvXSd%2Ft5Zwhk7iYzP%2FSU7GbiAdmGMHRLn%2Frektk9WQ6I1gA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d9ba95b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/zRdVuw7.js
135.181.208.216200 OK 34 kB URL HTTP/2 a.focusde.info/zRdVuw7.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash d1687996fe2e7823e5b8affdfcea8e98
f61abc52f5f4df8518904c4956199f06504dddeb
d744dbd12bc20312975d13472cec984daeee4da3bda44d90ceaac5d80070217a
GET /zRdVuw7.js HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript
content-length: 34376
expires: Sat, 02 Sep 2023 11:02:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 10:59:39 GMT
etag: "6311e21b-8648"
cache-control: max-age=315360000, public
x-hw: 1662116540.dop216.am5.t,1662116540.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
a.focusde.info/5qpfbg7.js
135.181.208.216200 OK 34 kB URL HTTP/2 a.focusde.info/5qpfbg7.js
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (37787), with NEL line terminators
Hash d1687996fe2e7823e5b8affdfcea8e98
f61abc52f5f4df8518904c4956199f06504dddeb
d744dbd12bc20312975d13472cec984daeee4da3bda44d90ceaac5d80070217a
GET /5qpfbg7.js HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript
content-length: 34376
expires: Sat, 02 Sep 2023 11:02:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Sep 2022 10:59:39 GMT
etag: "6311e21b-8648"
cache-control: max-age=315360000, public
x-hw: 1662116540.dop216.am5.t,1662116540.cds267.am5.c
access-control-allow-origin: *
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 541ad4053937a1ea05f7dd49b9a3f428
a507d3dfbbf4b551aa524bb785ba752cbadd7041
aba86d827f6af641e3b6c645e58e22e66582597f42f0f109d8eb80dc54358191
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ABA86D827F6AF641E3B6C645E58E22E66582597F42F0F109D8EB80DC54358191"
Last-Modified: Tue, 06 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3245
Expires: Fri, 09 Sep 2022 12:21:20 GMT
Date: Fri, 09 Sep 2022 11:27:15 GMT
Connection: keep-alive
d192r5l88wrng7.cloudfront.net/?rwlrd=961956
54.230.245.77200 OK 112 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961956
IP 54.230.245.77:0
File type Unicode text, UTF-8 text, with very long lines (15952)
Size 112 kB (111856 bytes)
Hash ead2fe524c9652afb28d08a880631080
79b1cb8659a37e7c2ee8dd7a95930f349e3f877b
b186ee535763087c5a144f22e984ca99991f7f106ad476b9ec2bb5e268db7014
GET /?rwlrd=961956 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 111856
date: Fri, 09 Sep 2022 11:27:15 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HS0aW4GguoFcDcW01lq3aNEnJXI0Uky7IVCakgPPMPy6uOYuMktRVA==
X-Firefox-Spdy: h2
xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/signup.js
172.67.69.220200 OK 1.2 kB URL HTTP/2 xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/signup.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (2988), with no line terminators
Hash 01f0de724451f168195aba807f720aae
6f61b18f2b4baab1785b784f94833e5746886657
eeb0f3ac1ef8b3f627869ebbfc60f1faf23f5aba332c0784e67c4cde94711d44
GET /_next/static/vMq0fywG6ReNUm9yukIYR/pages/signup.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxNzViZWQ5M2Y4ZmEzIiwiaWF0IjoxNjYyNzIyODM1LCJleHAiOjE2NjMzMjc2MzV9.spsNvElaqB8Fg8rEADo6tH-5zR7Gabhm357XaF7h1RY; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiYThiNDFhNmNjYTkzNSIsImlhdCI6MTY2MjcyMjgzNSwiZXhwIjoxNjY1MzE0ODM1fQ.FU0sJlpPCjIbExsf-0_SIXvMq3hWXU-lyDurYh3oUvs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:01 GMT
etag: W/"bac-1826d2c1430"
cf-cache-status: HIT
age: 3033199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=397HLbLMi9eDDS1Gx4yZaQXKt1Ml9hXtQiCdso33tNDkodNNloqRD1Q13JA97aLgE59D%2FCLyXypyL5CtcLzP4kmzzJunmIiTckJ7jX6Ni8vQKCcFK7yNVLQL7%2FFhig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92dc0e6db509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=1865384613.1662722827&jid=773521058&gjid=1938426296&_gid=2048500043.1662722827&_u=YGBAiEABBAAAAE~&z=2079187848
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=1865384613.1662722827&jid=773521058&gjid=1938426296&_gid=2048500043.1662722827&_u=YGBAiEABBAAAAE~&z=2079187848
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=1865384613.1662722827&jid=773521058&gjid=1938426296&_gid=2048500043.1662722827&_u=YGBAiEABBAAAAE~&z=2079187848 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Sep 2022 11:27:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dad8f08be4d6d5166c7f54004cb37c64
949b5738d5c880445510774f1da0e0af667308b3
398205f8248c3e00126eb21e6cb1d4e21a981a1b46d59ff4993e6023f33c6b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash a9f68141dcaf58fe54d0122b8914ed15
1a8876937ab5db3999180795496b4f17e2383dd6
70da2cc2ab3fe46f4817d9c2e259771855826480abac935e1d7353dca9024b9b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:16 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 13 Sep 2022 09:15:22 GMT
ETag: "1a8876937ab5db3999180795496b4f17e2383dd6"
Last-Modified: Fri, 09 Sep 2022 09:15:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1645
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 747f92de28f90b02-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 45138
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 48121
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7697
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 706c7ceb40056f848425ca7d994cedc8
b9b1bf8291b6a66f260f82947966fa01ca78c61f
739205893d17a123d2fac165f468314de14a99dc56c9e5b0ac79434f7c38b558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7139
x-amzn-requestid: 5125cc11-410a-4a86-a0cf-68950433b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFBoyHycIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318496b-5579dee14390c1b63e97e0fc;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_B0YRYqe6d5Tkoj4JvvTTArO1I5XfWVMUqFAY3rtPl2T0UenSeaeQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:44 GMT
age: 80164
etag: "b9b1bf8291b6a66f260f82947966fa01ca78c61f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: e7ec7e84-0924-4f5f-b289-4c750ea99567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHHnNIAMFlrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-49565105361ec7f76cb818e0;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DvCs6zEt1p58iwZaXfuF9YFA-fieE5Y974E07YMNYPiaGbR5iuXK-A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 49285
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f8aeb20a6543be83f3e422796c4dc70
4e4e127039dd8099c63c3bde198118d2874f7342
0f9fdd1b577e4719f88620bb451131bfb120790479b4feccb4222647fb3ea453
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7218
x-amzn-requestid: 4e9672b6-5415-4808-9508-22e8c42de448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_QzHffIAMFYTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318459e-743b975a2770e2a90c616d87;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:17:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: RWXxavA41fuv9fahIKxt-zxwqiRlW7CDdZvbLl-JLTG-TV3xQlEovA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:51 GMT
age: 49285
etag: "4e4e127039dd8099c63c3bde198118d2874f7342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18475
Expires: Fri, 09 Sep 2022 16:35:11 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18475
Expires: Fri, 09 Sep 2022 16:35:11 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18475
Expires: Fri, 09 Sep 2022 16:35:11 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 addresseetransportationsyndrome.com/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37172), with no line terminators
Hash 0ed30c3e689dfd1c015dedb0f64ed8b5
0b881041da68d2a8fe506ab09b58fd2c3aeb0916
32fe5cda8b5b2d5e6de873c38d9c3196c8cb4566668329e0873b429c90283975
GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1
Host: addresseetransportationsyndrome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1b2bea2ea23644cac895a8bbed623b2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18475
Expires: Fri, 09 Sep 2022 16:35:11 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 24862
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
esopertyva.shop/cEFEdFIRIycZbRF8JlInAi15UWA2ZHYyNkF4dgZnHHl8AyAeJnNaMRwuMRA0Ai4qAHweJDBRYDY0CTA2PRh2LgYnAg0yBSUTIT8URScGEwRIFCg9BSgVfDkRNQAPOyVEcSdHZj4GLkEoJRYrLBo2EA8SFyUKESI5AhkvNgQnEn0RBAgbEz8TNiMGNhdEBDMYMDMrHSMQQTEGJCU1DxUyGAEHIxccJygJLhZBOSY4ByoUIBMYGRR0OREycxUWBAcEFxIrNgUFEzEXAiMcFCRzKCYEGyYUETgIEAY2GFVzAj0HPQIGDmYmEDM6YBQXEj0TMnQ0IQQqGREdf0gIByYHNgIoMgUxECBMBxwYBjE8RRUFMj42ChUhGCMDDlFgMgsSTBU3GTwyFwdxA1I4Ay4qBG8HLBY3GzE4HDc0
54.230.111.4200 OK 1.2 kB URL HTTP/2 esopertyva.shop/cEFEdFIRIycZbRF8JlInAi15UWA2ZHYyNkF4dgZnHHl8AyAeJnNaMRwuMRA0Ai4qAHweJDBRYDY0CTA2PRh2LgYnAg0yBSUTIT8URScGEwRIFCg9BSgVfDkRNQAPOyVEcSdHZj4GLkEoJRYrLBo2EA8SFyUKESI5AhkvNgQnEn0RBAgbEz8TNiMGNhdEBDMYMDMrHSMQQTEGJCU1DxUyGAEHIxccJygJLhZBOSY4ByoUIBMYGRR0OREycxUWBAcEFxIrNgUFEzEXAiMcFCRzKCYEGyYUETgIEAY2GFVzAj0HPQIGDmYmEDM6YBQXEj0TMnQ0IQQqGREdf0gIByYHNgIoMgUxECBMBxwYBjE8RRUFMj42ChUhGCMDDlFgMgsSTBU3GTwyFwdxA1I4Ay4qBG8HLBY3GzE4HDc0
IP 54.230.111.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash ec17d815164658e6273e1a7767fc7de2
28d8aafe8d1b9b291524317716eec7f4dfaca7c5
e6ead9e4a3acbeaa6690529ab1f8d3270c4facbd2d77fe6aee8d74449cb79b77
GET /cEFEdFIRIycZbRF8JlInAi15UWA2ZHYyNkF4dgZnHHl8AyAeJnNaMRwuMRA0Ai4qAHweJDBRYDY0CTA2PRh2LgYnAg0yBSUTIT8URScGEwRIFCg9BSgVfDkRNQAPOyVEcSdHZj4GLkEoJRYrLBo2EA8SFyUKESI5AhkvNgQnEn0RBAgbEz8TNiMGNhdEBDMYMDMrHSMQQTEGJCU1DxUyGAEHIxccJygJLhZBOSY4ByoUIBMYGRR0OREycxUWBAcEFxIrNgUFEzEXAiMcFCRzKCYEGyYUETgIEAY2GFVzAj0HPQIGDmYmEDM6YBQXEj0TMnQ0IQQqGREdf0gIByYHNgIoMgUxECBMBxwYBjE8RRUFMj42ChUhGCMDDlFgMgsSTBU3GTwyFwdxA1I4Ay4qBG8HLBY3GzE4HDc0 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1171
date: Fri, 09 Sep 2022 11:27:16 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4cOI4kkYc-RJi0Ol703utU2168hQRkzot18jgeNOmlP3oBZ1Po7TYQ==
X-Firefox-Spdy: h2
esopertyva.shop/ZTBlbmoEUgYDVQQNB0gfF1xYS1gjFVcoDlQJVxxfCQhdGRgLV1JACQlfEAoMF18LGkQLVRFLWCNBKjoGFmogFgszVywtCVUBNC0sCQEhGR4GZj1aDDBIXSIjDlsgJCssVjM4HUACIyMpUGg9LwkVeC1bODZYJFwyNGIGPwMnaTMZHj9RCRYyIQEJVyJUVywsBCB+LRYBI1MzPD0jV1UJPDNYLzgNCn0jXxInVgIFOCN2M1ciJF8QPzJRejM/Py5/MCsJPVw0Xis0CB87BAJTJgdfJ1YCAiYiWyNLWCNVJCwLNl4SPyIjBTAlWx1RJxkeFXNWVw8zeFUkKTMdVDsMN0cpNissXDZfHS5zHz8JJkkVCg8NUy89AiNIJi9MD0MKABpYeAM9BgBjMQwEAFsoPi0N
54.230.111.4200 OK 1.2 kB URL HTTP/2 esopertyva.shop/ZTBlbmoEUgYDVQQNB0gfF1xYS1gjFVcoDlQJVxxfCQhdGRgLV1JACQlfEAoMF18LGkQLVRFLWCNBKjoGFmogFgszVywtCVUBNC0sCQEhGR4GZj1aDDBIXSIjDlsgJCssVjM4HUACIyMpUGg9LwkVeC1bODZYJFwyNGIGPwMnaTMZHj9RCRYyIQEJVyJUVywsBCB+LRYBI1MzPD0jV1UJPDNYLzgNCn0jXxInVgIFOCN2M1ciJF8QPzJRejM/Py5/MCsJPVw0Xis0CB87BAJTJgdfJ1YCAiYiWyNLWCNVJCwLNl4SPyIjBTAlWx1RJxkeFXNWVw8zeFUkKTMdVDsMN0cpNissXDZfHS5zHz8JJkkVCg8NUy89AiNIJi9MD0MKABpYeAM9BgBjMQwEAFsoPi0N
IP 54.230.111.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3004), with no line terminators
Hash 533bc2e3a3f6f4d692fc706ad81794a0
4456a4423205f3a1d1a6489f697811bc2d2ba553
97f3465114378be51a4867386b427d23bcb97d4afeba60713d3eb2497d66b7d4
GET /ZTBlbmoEUgYDVQQNB0gfF1xYS1gjFVcoDlQJVxxfCQhdGRgLV1JACQlfEAoMF18LGkQLVRFLWCNBKjoGFmogFgszVywtCVUBNC0sCQEhGR4GZj1aDDBIXSIjDlsgJCssVjM4HUACIyMpUGg9LwkVeC1bODZYJFwyNGIGPwMnaTMZHj9RCRYyIQEJVyJUVywsBCB+LRYBI1MzPD0jV1UJPDNYLzgNCn0jXxInVgIFOCN2M1ciJF8QPzJRejM/Py5/MCsJPVw0Xis0CB87BAJTJgdfJ1YCAiYiWyNLWCNVJCwLNl4SPyIjBTAlWx1RJxkeFXNWVw8zeFUkKTMdVDsMN0cpNissXDZfHS5zHz8JJkkVCg8NUy89AiNIJi9MD0MKABpYeAM9BgBjMQwEAFsoPi0N HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1162
date: Fri, 09 Sep 2022 11:27:16 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aZx529WvEfNbMFt3LegGxwhv3oc0pfCp3b36uTNxY-zuhQGEMWSKEA==
X-Firefox-Spdy: h2
esopertyva.shop/elNUM3AbMTdeTxtuNhUFCD9pFkI8dmZ1FEtqZkFFFmtsRAIUNGMdExY8IVcWCDw6R14UNiAWQjwrBWYAIDI5fhkwBzd+KD4GPmMmHjIwAAQdC2VlHjMQO3U0LhVndSFOAzByKTYQF1w1MwtsVjcpBWdSJQ0DHXAhX2EWZUAvOB53ACIGOVACKgI8VhQtJCB0Fw0iMEoHPxEtYgM3EgV0Oi0kJ3BBTiAeYD0+Fy0DAhwVM18UPQEkZ0E8Kw1aNhgGOWFFPWNtYRMpCiNxMiNmNgEEGxRnX0g4PyxrKjI4NmdBPCsbcEkqBhVxChhjBmcRPWomZBcrOB9nXTMVBl09NzJlQyMZCyRcJxYZP1Y3ER4XWT0MAyNmEiAbM1UlSwUiVh5CNQxdMVw5J1weCm4YVxxPHwZROT84
54.230.111.4200 OK 1.2 kB URL HTTP/2 esopertyva.shop/elNUM3AbMTdeTxtuNhUFCD9pFkI8dmZ1FEtqZkFFFmtsRAIUNGMdExY8IVcWCDw6R14UNiAWQjwrBWYAIDI5fhkwBzd+KD4GPmMmHjIwAAQdC2VlHjMQO3U0LhVndSFOAzByKTYQF1w1MwtsVjcpBWdSJQ0DHXAhX2EWZUAvOB53ACIGOVACKgI8VhQtJCB0Fw0iMEoHPxEtYgM3EgV0Oi0kJ3BBTiAeYD0+Fy0DAhwVM18UPQEkZ0E8Kw1aNhgGOWFFPWNtYRMpCiNxMiNmNgEEGxRnX0g4PyxrKjI4NmdBPCsbcEkqBhVxChhjBmcRPWomZBcrOB9nXTMVBl09NzJlQyMZCyRcJxYZP1Y3ER4XWT0MAyNmEiAbM1UlSwUiVh5CNQxdMVw5J1weCm4YVxxPHwZROT84
IP 54.230.111.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3012), with no line terminators
Hash 8dcbee287774eb920e2b5c271a429a76
24702503ea9f6d36371a164ca883da5d21179505
975aaf08f90aeb8b560827e703fad2ae579ff9b214d83e01ff42365148e20314
GET /elNUM3AbMTdeTxtuNhUFCD9pFkI8dmZ1FEtqZkFFFmtsRAIUNGMdExY8IVcWCDw6R14UNiAWQjwrBWYAIDI5fhkwBzd+KD4GPmMmHjIwAAQdC2VlHjMQO3U0LhVndSFOAzByKTYQF1w1MwtsVjcpBWdSJQ0DHXAhX2EWZUAvOB53ACIGOVACKgI8VhQtJCB0Fw0iMEoHPxEtYgM3EgV0Oi0kJ3BBTiAeYD0+Fy0DAhwVM18UPQEkZ0E8Kw1aNhgGOWFFPWNtYRMpCiNxMiNmNgEEGxRnX0g4PyxrKjI4NmdBPCsbcEkqBhVxChhjBmcRPWomZBcrOB9nXTMVBl09NzJlQyMZCyRcJxYZP1Y3ER4XWT0MAyNmEiAbM1UlSwUiVh5CNQxdMVw5J1weCm4YVxxPHwZROT84 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1168
date: Fri, 09 Sep 2022 11:27:16 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: klho18LCvy0GLH6iEiRfREBbHeRX3C5EH0gXLzIz5F_-YwqoqU8jEA==
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 3ab6fb1cf22dc73e177f11c964a5ac27
1b4549589a1c2ec1b47c0254cca66b2871ce0adf
1e89cb692651da7a17c00655c5fd2c5d6fcc30aeb06095476240095d8aa06f4a
GET /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Fri, 09 Sep 2022 11:27:16 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pymondardin.xyz/NXpvVFYaRQwna2YQLQ0CcxJaFhEMTg4MG3IbAW0gUys5MzJySkkgP1FHVmJkBUtdciZcHlJlbhMJGzUiQAlSZXBcFAk7axMMUmV4BVReemUTD1JlcEEKDjNrBFwfICJZR15iYAdNXWZuB01aZGQ
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/NXpvVFYaRQwna2YQLQ0CcxJaFhEMTg4MG3IbAW0gUys5MzJySkkgP1FHVmJkBUtdciZcHlJlbhMJGzUiQAlSZXBcFAk7axMMUmV4BVReemUTD1JlcEEKDjNrBFwfICJZR15iYAdNXWZuB01aZGQ
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NXpvVFYaRQwna2YQLQ0CcxJaFhEMTg4MG3IbAW0gUys5MzJySkkgP1FHVmJkBUtdciZcHlJlbhMJGzUiQAlSZXBcFAk7axMMUmV4BVReemUTD1JlcEEKDjNrBFwfICJZR15iYAdNXWZuB01aZGQ HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr1VMTbjeZvmDvMJosBMZKMOLWfRX4MSEDrgwXMHXWf2q0pZ7wkWXKzDJG76%2F4xaho%2FAeJlD5ho8ULVBAa%2BDTd6UOyVOeBNJq9scv6E2QfD4m%2BbZIKizYsrOg%2BtGpWUijMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92deac57b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pymondardin.xyz/bFNwck1DbBMBcA1gFEQXKWIVICZZARUkAy4ANjh6NDgiPBUkIFYGJAhuSUR8VWZGVD0FN01Bf0ogBBM5GSBNQH1cZFYbIwo8TUNrGm5AXHVCal5DaxluQVQ5HDIXT3xKIwQGIVFiRkR/W2FCSn9bZ0hE
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/bFNwck1DbBMBcA1gFEQXKWIVICZZARUkAy4ANjh6NDgiPBUkIFYGJAhuSUR8VWZGVD0FN01Bf0ogBBM5GSBNQH1cZFYbIwo8TUNrGm5AXHVCal5DaxluQVQ5HDIXT3xKIwQGIVFiRkR/W2FCSn9bZ0hE
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bFNwck1DbBMBcA1gFEQXKWIVICZZARUkAy4ANjh6NDgiPBUkIFYGJAhuSUR8VWZGVD0FN01Bf0ogBBM5GSBNQH1cZFYbIwo8TUNrGm5AXHVCal5DaxluQVQ5HDIXT3xKIwQGIVFiRkR/W2FCSn9bZ0hE HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THbcl6EzkhI6%2F0yCq52%2FaMGCSyxYFFPxj4wspy72k81pxitVP0qHG1G248kngTgB6rJFA%2BaHDW3FxwB79YKNZjd4WbKCyP2X4a0DuabMHD3a7YkVM2B4dxC4oKdo4rOi6RI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92deac46b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pymondardin.xyz/OWxZS3MWUzo4TmtcLQYiCxhqLkBrXAEDIQAJNwEQWiRsfRAIA38/Gl1RYH1BCV1tbQNQCGR6VUoYOD8GSlFobRpXCjZ2VU9RaGVADUJrc10ISix2Qh8YKSoUBF1/OwdNAGR6RQ9ebnlBAV5ufkAK
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/OWxZS3MWUzo4TmtcLQYiCxhqLkBrXAEDIQAJNwEQWiRsfRAIA38/Gl1RYH1BCV1tbQNQCGR6VUoYOD8GSlFobRpXCjZ2VU9RaGVADUJrc10ISix2Qh8YKSoUBF1/OwdNAGR6RQ9ebnlBAV5ufkAK
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /OWxZS3MWUzo4TmtcLQYiCxhqLkBrXAEDIQAJNwEQWiRsfRAIA38/Gl1RYH1BCV1tbQNQCGR6VUoYOD8GSlFobRpXCjZ2VU9RaGVADUJrc10ISix2Qh8YKSoUBF1/OwdNAGR6RQ9ebnlBAV5ufkAK HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vinj0mrSQSDiS7f4FHgrP%2B81wzikT1aYx%2Fj1mtUpu2PkHu6BNNORb58APUiWBGYiyduey5MPjFKNfWhZo1Phl7ZeALC4LtwB6Pqi2OacFLBSZ1BdLQREDk6qMKFclf07wwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92deac5cb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pymondardin.xyz/bHdxNnJDSBJFTw0iHXgmByUSUzoAQBJwNElFN1BBBA4pfgJaEx9/VBgeFQtLWkZIA0RKBxhST19FV0UGDQMERU9dURhYFANKV0BPXFlJGEtCRldDT11RBUYTC0pAEAIYAx0LQ1pBQwFAXk9DAUZURQ
172.67.214.162204 No Content 0 B URL HTTP/2 pymondardin.xyz/bHdxNnJDSBJFTw0iHXgmByUSUzoAQBJwNElFN1BBBA4pfgJaEx9/VBgeFQtLWkZIA0RKBxhST19FV0UGDQMERU9dURhYFANKV0BPXFlJGEtCRldDT11RBUYTC0pAEAIYAx0LQ1pBQwFAXk9DAUZURQ
IP 172.67.214.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bHdxNnJDSBJFTw0iHXgmByUSUzoAQBJwNElFN1BBBA4pfgJaEx9/VBgeFQtLWkZIA0RKBxhST19FV0UGDQMERU9dURhYFANKV0BPXFlJGEtCRldDT11RBUYTC0pAEAIYAx0LQ1pBQwFAXk9DAUZURQ HTTP/1.1
Host: pymondardin.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cis%2FWQkHKhJyjTWap%2BHN0nEcbwQRcu9ozF1aS2HoEjAkBv%2FuNHkHeOzMkSeYpyyzNTK%2BzB9Iyi9PLXWCYw6GrZipXjMfxN2n1V9fL1qbl3RkeHzKQ1egJjwIVDqVgvv%2FfPw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92deac5bb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1035ca30d5330a5d814361b7d59be719
50871f2f0dd600cc9f3ab10fe913f6dae3c7ec74
77389a008c6eb7151248708cad54c2b485b4067b5263ff89b342d6c89f63278d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "77389A008C6EB7151248708CAD54C2B485B4067B5263FF89B342D6C89F63278D"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18475
Expires: Fri, 09 Sep 2022 16:35:11 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 0eaa482920c47bd42030d69b28e5e08c
a59d707d2339350a0d681acf3d1e7bcb5e67bfae
0dae39030f55d48f02b69ee4d1d4b728128b8559a8bd8a0ea43abac1c42e7a70
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 11:27:16 GMT
Last-Modified: Fri, 09 Sep 2022 09:51:51 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6XTmLEfNmLqxI8kzH44EC49w94r_9ekJUf-VmtynLY04OHHfthn5tw==
Age: 5725
simplewebanalysis.com/stats
52.59.153.168200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.59.153.168:0
File type ASCII text, with no line terminators
Hash de8a6570277b336c6f6a99e9c6b93c5f
f081abdf36f76c0b78022f62b9124f3529036cfe
7a0866db45ab31967fc1cd7085315158ad8af519cffaffc4a794de006ed1ec6d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:16 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=a2c67d42-227a-4405-a6ee-edd848a326d5:3:1; expires=Mon, 06 Sep 2032 11:27:16 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/qOTlsZExaVgICc01QCFl1DwtcVX4fUx8LIkkEJAIfVVw/MC5XXAcpHH5RShA2XQRcQiBYVwtZalxXD1l9H1gIBnENHxkFcVRWFg0gVVhJVgoMF1xBfgkRFFV9HAouQX4JVQUKOUEcXlQ0AQ8zUngcCi5BfglLGkF/eABaSnwQHF5UK1xaBwtpC39eVH0JCV-1UfRwLXAIlS1wKCzQcCypdehcJShFxCA
54.230.245.77200 OK 189 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/qOTlsZExaVgICc01QCFl1DwtcVX4fUx8LIkkEJAIfVVw/MC5XXAcpHH5RShA2XQRcQiBYVwtZalxXD1l9H1gIBnENHxkFcVRWFg0gVVhJVgoMF1xBfgkRFFV9HAouQX4JVQUKOUEcXlQ0AQ8zUngcCi5BfglLGkF/eABaSnwQHF5UK1xaBwtpC39eVH0JCV-1UfRwLXAIlS1wKCzQcCypdehcJShFxCA
IP 54.230.245.77:0
File type ASCII text, with no line terminators
Hash d64a2ee3fe34046f8f0f93956f806630
e77702a2070bb4a646664b4b74a87d6a4924ad80
046f82b5f99089a6b489a135186e435e04207408a3cde0a5dd3aac97f1b6c60a
GET /qOTlsZExaVgICc01QCFl1DwtcVX4fUx8LIkkEJAIfVVw/MC5XXAcpHH5RShA2XQRcQiBYVwtZalxXD1l9H1gIBnENHxkFcVRWFg0gVVhJVgoMF1xBfgkRFFV9HAouQX4JVQUKOUEcXlQ0AQ8zUngcCi5BfglLGkF/eABaSnwQHF5UK1xaBwtpC39eVH0JCV-1UfRwLXAIlS1wKCzQcCypdehcJShFxCA HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://esopertyva.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NvtsQA2ruiKt6wfJKALTFBEGDIk-TaEzunPUNThg0-vXMkuGxcKXKA==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/uMDdMY2ZTWCIFWUReKF5fBgV8UlIWXT8MCEAKOw40c34NGj5zUWoXHFQKfEUKUVkrXkBVWS9eVxZWKAFbBBE4EwlbCjYWB1pBPwENQFJqFgcNWiMZD1xbLUZUdgJiU0MCB2QbVwESfyFDAgcgCghFT2lRVkgPejxQBBJ/IUMCBz4VQwN2dVVIAB5pUVZXUi-8ICRUFClFWAQd8UlYBEn5TAFlFKQUJSBJ+JV8GGXxFEw0G
54.230.245.77200 OK 583 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/uMDdMY2ZTWCIFWUReKF5fBgV8UlIWXT8MCEAKOw40c34NGj5zUWoXHFQKfEUKUVkrXkBVWS9eVxZWKAFbBBE4EwlbCjYWB1pBPwENQFJqFgcNWiMZD1xbLUZUdgJiU0MCB2QbVwESfyFDAgcgCghFT2lRVkgPejxQBBJ/IUMCBz4VQwN2dVVIAB5pUVZXUi-8ICRUFClFWAQd8UlYBEn5TAFlFKQUJSBJ+JV8GGXxFEw0G
IP 54.230.245.77:0
File type ASCII text, with very long lines (830), with no line terminators
Hash 64395c597147276155ac3fdfb02f39fa
c24da2c1d9dcb2cfd3335961ef6f36ab00cfc698
9b66b36bd4d6560197e652685c757e25de4c6bc9f445f6c55013104e1934fc26
GET /uMDdMY2ZTWCIFWUReKF5fBgV8UlIWXT8MCEAKOw40c34NGj5zUWoXHFQKfEUKUVkrXkBVWS9eVxZWKAFbBBE4EwlbCjYWB1pBPwENQFJqFgcNWiMZD1xbLUZUdgJiU0MCB2QbVwESfyFDAgcgCghFT2lRVkgPejxQBBJ/IUMCBz4VQwN2dVVIAB5pUVZXUi-8ICRUFClFWAQd8UlYBEn5TAFlFKQUJSBJ+JV8GGXxFEw0G HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://esopertyva.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 583
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v1XetH9yRDJ-XVYEPbnPnYsPOCPNB_2OWXg1MrMvHScrnBUD3ddiVg==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/xQUpZamMiJTcMXDUjPVdad3tgX1VnICoFDTF3FQ4PdAYLCCoEIX8eGSV3aUwPICQ+V0UkJDpXUmcrPQhedWwtGgwqdywEByQsMAQGJWwsC14sJSMDDy0rfFgldGRpT1FxYiFbUmR5G09RcSYwBBY5b2taG3l8BlxXZHkbT1FxOC9PUABzb0RTaG9rWgQkKT-IFRnMMa1pScXpoWlJkeGkMCjMvPwUbZHgfU1Vven8fXnA
54.230.245.77200 OK 322 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/xQUpZamMiJTcMXDUjPVdad3tgX1VnICoFDTF3FQ4PdAYLCCoEIX8eGSV3aUwPICQ+V0UkJDpXUmcrPQhedWwtGgwqdywEByQsMAQGJWwsC14sJSMDDy0rfFgldGRpT1FxYiFbUmR5G09RcSYwBBY5b2taG3l8BlxXZHkbT1FxOC9PUABzb0RTaG9rWgQkKT-IFRnMMa1pScXpoWlJkeGkMCjMvPwUbZHgfU1Vven8fXnA
IP 54.230.245.77:0
File type ASCII text, with very long lines (402), with no line terminators
Hash bdeeb5d2899168eb46409f1f150ba105
7be83cf7fc330857435794c72458110571a0de10
7fe1c1c5654f2fe8a9561aef6313ec07b23590832243ff74c331392e63b36793
GET /xQUpZamMiJTcMXDUjPVdad3tgX1VnICoFDTF3FQ4PdAYLCCoEIX8eGSV3aUwPICQ+V0UkJDpXUmcrPQhedWwtGgwqdywEByQsMAQGJWwsC14sJSMDDy0rfFgldGRpT1FxYiFbUmR5G09RcSYwBBY5b2taG3l8BlxXZHkbT1FxOC9PUABzb0RTaG9rWgQkKT-IFRnMMa1pScXpoWlJkeGkMCjMvPwUbZHgfU1Vven8fXnA HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://esopertyva.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 322
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ojbx_mZzoHc0XTydKqFi71wM4-g3FUttfL3H1Eso0fgGkK7xb_ADnQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93a115cd71ded4b966c283afaa04bb2e
16a96e4b30ef030d7d0b6aaf4cf3fe73843beeac
b6356ca3d2c56c5c037cccd61db43db246f0b64a68ae596c51002955c19bbf0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6356CA3D2C56C5C037CCCD61DB43DB246F0B64A68AE596C51002955C19BBF0E"
Last-Modified: Thu, 08 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14686
Expires: Fri, 09 Sep 2022 15:32:02 GMT
Date: Fri, 09 Sep 2022 11:27:16 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A533194358%3Arqn%3A2%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A533194358%3Arqn%3A2%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A533194358%3Arqn%3A2%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A558136203%3Arqn%3A3%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A558136203%3Arqn%3A3%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A558136203%3Arqn%3A3%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.233200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 600fafa90a357ba59de46876312dbd3e
2b8fdd50e545689f3cae01f97f4a9144114541ba
a0bc242e3b0275fa378fbd23c2ff4dfb7e42728fc7dc606c5475491786b0d412
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 81acabde5bc4baee3aa0e1d31664a22b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Sep 2022 11:27:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2J6A1EeZdaraWtjxH7kYN2ROloigDOMzHAGYh46H6GYJOydEn6lrz5ku4q%2BPEGh58XLqjtnKacnTe%2FT%2F9MK0yto6UaAUvXRki1CZ063vhL0dNMW2UgM2fHIjS%2BT64F7PEsPgjpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92df0f1f887f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A634607429%3Arqn%3A6%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A634607429%3Arqn%3A6%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A634607429%3Arqn%3A6%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 108
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A466239078%3Arqn%3A8%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A466239078%3Arqn%3A8%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A466239078%3Arqn%3A8%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(8)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A199556182%3Arqn%3A7%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A199556182%3Arqn%3A7%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A199556182%3Arqn%3A7%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A353102986%3Arqn%3A9%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A353102986%3Arqn%3A9%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A353102986%3Arqn%3A9%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(9)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%284%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%284%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%284%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
graduatewonderentreaty.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
173.233.137.44200 OK 29 kB URL HTTP/1.1 graduatewonderentreaty.com/4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash ef7b70bb38d8f2015fb7c3a4f7a54cf0
236fd1b28a778c8ca023e8aae61d53ce474cccb7
2abce7c3675e46368c6218e8c608c36106b08c2003a40abda73128a52ffb640d
Analyzer Verdict Alert quad9 Sinkholed
GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 11:27:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ca2518aa6774a33983da3ee9438f3ad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16541
Expires: Fri, 09 Sep 2022 16:02:58 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 3.3 kB URL HTTP/2 mc.yandex.ru/watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type gzip compressed data, from Unix\012- data
Hash 7df455b88c0244709e61893610de7b9c
cf04f0dd64611298a2b2da7c0b3eea92a38fc2fa
bf5b8a9188d47819581bbf46e81e2974231ac2d626f89dad87f567fe6818c7a3
GET /watch/49415098?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr(14)mc(p-7-h-1)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&hittoken=1662722836_a5f4b72fcab8dce704a33f28f22e88b15ebaf0cc2cbcbe8596bfe2cdcdd0a388&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722828%3Ac%3A1%3Arn%3A508870220%3Arqn%3A4%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722828%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29mc%28p-7-h-1%29clc%280-0-0%29aw%281%29rqnt%284%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=7733823231662722836; Expires=Sat, 09-Sep-2023 11:27:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7733823231662722836; Expires=Sat, 09-Sep-2023 11:27:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1743984551662722836; Path=/; SameSite=None; Secure
i=bsVrolz+vIfOofJIthE12rSmQWo+/r4eB74ZHhmpYC5AE/ghfLRSquvC3YXmXr1sxGyxTLpUwv4aiuro38R3Ipjj0hQ=; Expires=Mon, 06-Sep-2032 11:27:05 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694258836.yrts.1662722836#1694258836.yrtsi.1662722836; Expires=Sat, 09-Sep-2023 11:27:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb260f695580f58c6e36d3b8079c85cd
2f38fcf0b1ce3460a59fa60f3d458f71397db491
512582d966d42131bc95e57e129eb31306f3d198f9bce10ccd46e34fd9afb88b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "512582D966D42131BC95E57E129EB31306F3D198F9BCE10CCD46E34FD9AFB88B"
Last-Modified: Wed, 07 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16541
Expires: Fri, 09 Sep 2022 16:02:58 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
graduatewonderentreaty.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWscVRx%2B0%2BQi9qASD1JaFrxYkM3M7GY2aw%2FBGFOCaVNbRfGib96b2TzzZt7w3rydzYoQWpEet%2F%2FB5NukoRqKXgVLmRQ8BISspxwM6B8giNCToOw2GPuD4fd9832H7%2Ff7va%2B37QlxYenx0jXVF1LS2bm6W3vjY8%2B7UlsVqe3VevPBp0HzSk1332oHdfdy7WrENtSs73qu67lebVnoKFa92bEIke23vXrbrTf9ujfXRE8%2Fz411YKgD3j0hr0Dw0fQTZwaCVUiT75Yis5Gr7M13EytprjS6fO%2FDdCNVRYrkDMbaQZzunbqhzNHyI6h0dxIXqvufMRQj4vz0CGG6dxoSYXdnkjOUiFKE%2FEUU3QqRrCBoBabuQPAjAjCO62tIk%2FvXlS7o5jOVjtURmX76F0QxItO%2FziBNHi5K0avdUtLmQqUGvbiE6FUQnQqZPUDePwdRHIDltyH4z2T26SrSZGfNSAXBy8nsQlQQcQUZDUCNAzv%2BhAMbO7CZg4Qf15jneS2XM%2BrOtxlr8FYUBtz1aCv2qOcG87BsHG%2BAPBuAyQGY3kKmt7Ah7o0Iub0DbR%2FDrJcw3IHJR8R5fwtdXqKICApDUFCCQhAUOUHRLXe5NL4p73NpbOiddv%2B0N8qhyjvbdFflnSgl29kJeXmynD%2FO%2F4CN6LhG%2FbjddmPPbbYCN%2FBYy2tzj3mUNqgfMe7DiBLCnJvM2xcjMnPhd2Tjg335D0J6ACMPwMRLoPYiaDFs%2BS7o%2BrA576Kf7vdimua0v1lnKgFXJbJ8Gvmmsy1PyGuTHK1PLiNihwtf9X%2B7%2BnDmCzBdItMlPhdPCDry7vCmKsjOTVUY8v1alotE9On4gLdymkdT37wXbRZK85UlM3jwNhsLY7j%2FQWTyVZpykXYM%2BXZRcB7pZaVZRH5cMR9F4Q1r1hetTm22euOd5ZUk05ExQqUVqDg6X4GJEXnhcWPyMi%2FWL0HoCtqWSOwhOS0IdQCWbcFkhwufhddGfz74G0ZNQcszT5g5KGw51H549lMKAhmdcRqWMP%2Fj4RneNnfR0ZdA8ztIkxJdXaIrS1A5gLFTwzzThwu%2FNCaFUDrDUGpnJ5Ra3nu2WiOOa61Gw6VBe85rtWjUCpv%2BfBx4nFK%2FGfhBQBvIzYhdeP3VfwEAAP%2F%2FAQAA%2F%2F8N8hUOZAQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 graduatewonderentreaty.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWscVRx%2B0%2BQi9qASD1JaFrxYkM3M7GY2aw%2FBGFOCaVNbRfGib96b2TzzZt7w3rydzYoQWpEet%2F%2FB5NukoRqKXgVLmRQ8BISspxwM6B8giNCToOw2GPuD4fd9832H7%2Ff7va%2B37QlxYenx0jXVF1LS2bm6W3vjY8%2B7UlsVqe3VevPBp0HzSk1332oHdfdy7WrENtSs73qu67lebVnoKFa92bEIke23vXrbrTf9ujfXRE8%2Fz411YKgD3j0hr0Dw0fQTZwaCVUiT75Yis5Gr7M13EytprjS6fO%2FDdCNVRYrkDMbaQZzunbqhzNHyI6h0dxIXqvufMRQj4vz0CGG6dxoSYXdnkjOUiFKE%2FEUU3QqRrCBoBabuQPAjAjCO62tIk%2FvXlS7o5jOVjtURmX76F0QxItO%2FziBNHi5K0avdUtLmQqUGvbiE6FUQnQqZPUDePwdRHIDltyH4z2T26SrSZGfNSAXBy8nsQlQQcQUZDUCNAzv%2BhAMbO7CZg4Qf15jneS2XM%2BrOtxlr8FYUBtz1aCv2qOcG87BsHG%2BAPBuAyQGY3kKmt7Ah7o0Iub0DbR%2FDrJcw3IHJR8R5fwtdXqKICApDUFCCQhAUOUHRLXe5NL4p73NpbOiddv%2B0N8qhyjvbdFflnSgl29kJeXmynD%2FO%2F4CN6LhG%2FbjddmPPbbYCN%2FBYy2tzj3mUNqgfMe7DiBLCnJvM2xcjMnPhd2Tjg335D0J6ACMPwMRLoPYiaDFs%2BS7o%2BrA576Kf7vdimua0v1lnKgFXJbJ8Gvmmsy1PyGuTHK1PLiNihwtf9X%2B7%2BnDmCzBdItMlPhdPCDry7vCmKsjOTVUY8v1alotE9On4gLdymkdT37wXbRZK85UlM3jwNhsLY7j%2FQWTyVZpykXYM%2BXZRcB7pZaVZRH5cMR9F4Q1r1hetTm22euOd5ZUk05ExQqUVqDg6X4GJEXnhcWPyMi%2FWL0HoCtqWSOwhOS0IdQCWbcFkhwufhddGfz74G0ZNQcszT5g5KGw51H549lMKAhmdcRqWMP%2Fj4RneNnfR0ZdA8ztIkxJdXaIrS1A5gLFTwzzThwu%2FNCaFUDrDUGpnJ5Ra3nu2WiOOa61Gw6VBe85rtWjUCpv%2BfBx4nFK%2FGfhBQBvIzYhdeP3VfwEAAP%2F%2FAQAA%2F%2F8N8hUOZAQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWscVRx%2B0%2BQi9qASD1JaFrxYkM3M7GY2aw%2FBGFOCaVNbRfGib96b2TzzZt7w3rydzYoQWpEet%2F%2FB5NukoRqKXgVLmRQ8BISspxwM6B8giNCToOw2GPuD4fd9832H7%2Ff7va%2B37QlxYenx0jXVF1LS2bm6W3vjY8%2B7UlsVqe3VevPBp0HzSk1332oHdfdy7WrENtSs73qu67lebVnoKFa92bEIke23vXrbrTf9ujfXRE8%2Fz411YKgD3j0hr0Dw0fQTZwaCVUiT75Yis5Gr7M13EytprjS6fO%2FDdCNVRYrkDMbaQZzunbqhzNHyI6h0dxIXqvufMRQj4vz0CGG6dxoSYXdnkjOUiFKE%2FEUU3QqRrCBoBabuQPAjAjCO62tIk%2FvXlS7o5jOVjtURmX76F0QxItO%2FziBNHi5K0avdUtLmQqUGvbiE6FUQnQqZPUDePwdRHIDltyH4z2T26SrSZGfNSAXBy8nsQlQQcQUZDUCNAzv%2BhAMbO7CZg4Qf15jneS2XM%2BrOtxlr8FYUBtz1aCv2qOcG87BsHG%2BAPBuAyQGY3kKmt7Ah7o0Iub0DbR%2FDrJcw3IHJR8R5fwtdXqKICApDUFCCQhAUOUHRLXe5NL4p73NpbOiddv%2B0N8qhyjvbdFflnSgl29kJeXmynD%2FO%2F4CN6LhG%2FbjddmPPbbYCN%2FBYy2tzj3mUNqgfMe7DiBLCnJvM2xcjMnPhd2Tjg335D0J6ACMPwMRLoPYiaDFs%2BS7o%2BrA576Kf7vdimua0v1lnKgFXJbJ8Gvmmsy1PyGuTHK1PLiNihwtf9X%2B7%2BnDmCzBdItMlPhdPCDry7vCmKsjOTVUY8v1alotE9On4gLdymkdT37wXbRZK85UlM3jwNhsLY7j%2FQWTyVZpykXYM%2BXZRcB7pZaVZRH5cMR9F4Q1r1hetTm22euOd5ZUk05ExQqUVqDg6X4GJEXnhcWPyMi%2FWL0HoCtqWSOwhOS0IdQCWbcFkhwufhddGfz74G0ZNQcszT5g5KGw51H549lMKAhmdcRqWMP%2Fj4RneNnfR0ZdA8ztIkxJdXaIrS1A5gLFTwzzThwu%2FNCaFUDrDUGpnJ5Ra3nu2WiOOa61Gw6VBe85rtWjUCpv%2BfBx4nFK%2FGfhBQBvIzYhdeP3VfwEAAP%2F%2FAQAA%2F%2F8N8hUOZAQAAA%3D%3D HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3627561]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 11:27:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d44f4a36a045712612f299b2c6c83d15
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09b3d6f374d34af8faa51951a12df792
05005f32d2ad9d7274375322947978a6c92067b0
1f43de10138c3cbc1b0562c51c7f03f2ab053f1b3952321b43727031b1759663
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F43DE10138C3CBC1B0562C51C7F03F2AB053F1B3952321B43727031B1759663"
Last-Modified: Fri, 09 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2231
Expires: Fri, 09 Sep 2022 12:04:28 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
limitationvolleyballdejected.com/pixel/purst?dl=0&th=0&sc=0&rs=3283&rd=3283&fd=690&bv=22.8.v.2&tmpl=136
173.233.139.164502 Bad Gateway 157 B URL HTTP/1.1 limitationvolleyballdejected.com/pixel/purst?dl=0&th=0&sc=0&rs=3283&rd=3283&fd=690&bv=22.8.v.2&tmpl=136
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3283&rd=3283&fd=690&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: limitationvolleyballdejected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3a4f36474c1f82a77217b70767ad9604
b3e5e892f64a497a5ca9db43bf3941e636796c64
88035f17212d931ff1c5c6cd817fe72aba0bb4b25f5b9c7592cbb78fe4e4ab3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88035F17212D931FF1C5C6CD817FE72ABA0BB4B25F5B9C7592CBB78FE4E4AB3F"
Last-Modified: Thu, 08 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7929
Expires: Fri, 09 Sep 2022 13:39:26 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0adcdf311c307962c09ff6e0b3a4d0a6
2f358cc3b121ec7340c2c38721c292cd7fb0ebb4
2bbda38cb2eb20dbe9286311420c33cd52e7582fd336fcbbcaa922464507635a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2082
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:17 GMT
Last-Modified: Fri, 09 Sep 2022 10:52:35 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 58a904d9e0c744fd53e36510e2a62772
b4923ae8990ed5c2a6b68473222267cbd1613f6c
df73e385249a5c0a8d318b6fd83abff5a4a3b56aed0bc8b62895a87664f35936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 58a904d9e0c744fd53e36510e2a62772
b4923ae8990ed5c2a6b68473222267cbd1613f6c
df73e385249a5c0a8d318b6fd83abff5a4a3b56aed0bc8b62895a87664f35936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Fri, 09 Sep 2022 11:27:17 GMT
access-control-allow-origin: *
etag: "63186565-2b"
expires: Fri, 09 Sep 2022 12:27:17 GMT
accept-ranges: bytes
last-modified: Wed, 07 Sep 2022 12:33:25 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Fri, 09 Sep 2022 13:06:52 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Fri, 09 Sep 2022 13:06:52 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c0465ff9b3ac1a41eb8497485bc27fe
d4442d741e8d2278901ff9565b895790b7b7acfb
c8db2779b77f006e79da5fbac511fd2e3978dac73c6533a307742ac09585278a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8DB2779B77F006E79DA5FBAC511FD2E3978DAC73C6533A307742AC09585278A"
Last-Modified: Wed, 07 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5975
Expires: Fri, 09 Sep 2022 13:06:52 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5081
Expires: Fri, 09 Sep 2022 12:51:58 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
104.21.235.2200 OK 23 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 22d0be38cff37c2a380b8d37351ac495
92d8c874ea32e8a72d42338358e8ee973c4da1f0
e9f42bbe705429c897274d46011313905f41a829c154581a9b2185441662dbd3
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 955e830f1758ba7f998928b4088151c3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Sep 2022 11:27:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ychSYzLEjG54T6CBUy4E6VwazrYFjN2JJdN9CCs6GKtXlYgraBVw%2BIcMGooC0gebM1nCQyUrJJAecotm0fFezwbUQj70rVGBnXGSI8alcugLx1ErSqXduqiDuOZCLGFSlbosjik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e39b74dc9b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5081
Expires: Fri, 09 Sep 2022 12:51:58 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
esopertyva.shop/utx?cb=o1RLcK2EmnXx&top=xfantazy.com&tid=961956
54.230.111.4204 No Content 0 B URL HTTP/2 esopertyva.shop/utx?cb=o1RLcK2EmnXx&top=xfantazy.com&tid=961956
IP 54.230.111.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=o1RLcK2EmnXx&top=xfantazy.com&tid=961956 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Sep 2022 11:27:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 09 Sep 2022 11:28:17 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rs3XtGmAPj34JaRCxthwxoduS2bS1lmk00JIzXgGtWykVnOFDSlRpQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash c1a0275af549c4b7f0072f98e22c73b7
6fda0ecb972bf32e802d1d0fd1d7cd205ec86de7
eec211d6109b144b3893e82ad72dd5b89594a0512134ff1b7adf367001e10d1c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Sep 2022 11:27:17 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1527428272%3A1662722837710188&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqITSsBwskvvyhQP6bMMDd4Z51V4GzspfDVKywhOVvlbsouxH51gvaUVELuHNbZOUyfeIGZpQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-Qi5FFXMfT7B24t3xtZ1d-w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:Aee9hA1I8lJvrHA5GxX3pqL2neDTRA:J93vb8LLKnnNYV_g;Path=/;Expires=Sun, 08-Sep-2024 11:27:17 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 399 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 1a495fb71c39e21858f54d0d76a3db47
dbb7dac3825d04e131339e1c9dbd502cb26b9731
b44683d718ad1a505a7ba7e20dfd850cc4371be164fec0cccf2870e834ef11c8
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Sep 2022 11:27:17 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1693825670%3A1662722837716532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_-LLIXv2SUbzlNUdkUVHly5ROwl8aAtdPBZxe6fpTkWoQTYYAMOmYz2aaPBduABwIw0mAiQ
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-ilVGtDuIUePwo-zhTx4uHQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
set-cookie: __Host-GAPS=1:MELtM9Kda1qOzV0qyInIHQXWOBummQ:oPwK5Pm9xCZajKzX;Path=/;Expires=Sun, 08-Sep-2024 11:27:17 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2Fa4%2F96%2F29a4965e1015f036b834d9da1d4a5e6c%2F1632399618.html&l=1379&fd=335
173.233.137.44502 Bad Gateway 157 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2Fa4%2F96%2F29a4965e1015f036b834d9da1d4a5e6c%2F1632399618.html&l=1379&fd=335
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F29%2Fa4%2F96%2F29a4965e1015f036b834d9da1d4a5e6c%2F1632399618.html&l=1379&fd=335 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3627561]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
45.133.44.4200 OK 103 kB URL HTTP/2 cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Size 103 kB (103209 bytes)
Hash a6f9d85841186595b69b4e30611f50c5
0e3bb594b39907179b88dd85b2ba0c9264de1a56
3c90f2c539f5c78b825287ea361c292b6c6c82785bbac427237c8a5bff963aa1
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 23 Sep 2021 12:20:22 GMT
etag: W/"614c7106-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 09 Sep 2022 12:27:17 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d510006684c41cbdf97ea19087d5d77f
175e3a9e1727d7841003b6c6c228ba2e79d41124
d30f31a4fd293a2bf326f667d47745533d99a6088849033b9086578b3541f741
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D30F31A4FD293A2BF326F667D47745533D99A6088849033B9086578B3541F741"
Last-Modified: Wed, 07 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5081
Expires: Fri, 09 Sep 2022 12:51:58 GMT
Date: Fri, 09 Sep 2022 11:27:17 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/css/style.css
104.21.51.177200 OK 7.2 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/css/style.css
IP 104.21.51.177:0
Hash 934e3eae022e604fc920e13b009bc3b2
9cac722149584ef37b6cad54e0dc85da87285d35
d6538571bb69b55f3f8aa5778036068b0ddc85545c7973e04fb58c1fccae2ae5
GET /sb/ssp/sweep/social-box/white-small/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/css
last-modified: Mon, 24 Jan 2022 10:39:40 GMT
etag: W/"61ee81ec-123b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1214412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ttCdwSAK0Ic%2F201uYO5WWlWFma4R98CQeER2vFXvx8iaegUtuJhMOoz%2F0GUbC6Dw2Gh7rxBo5z1QyOLtQLKZj0GF58Fn1vV%2FbEXX3VhwAAk3dT2UhztorJBKxe5mqSaRtg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e7dd4d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 2.0 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Hash 3350d15523c45d877c4042552ff9ea6c
b1d72ef73780f49451a496cf6c199dbb7a759966
0728af904bb43a07954d87c749c53fbe2f40850e8253a3de278b2999216f9ae4
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: G447z2gDyrDO3DL3Qi+cajTdi6CWajjmJ9TstVlsA/6mEwtEsqVWHHhIFuvfwVCLnVi0azfb94LmWw7tFyFufQ==
date: Fri, 09 Sep 2022 11:27:17 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.1 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash eae311bcecac05158cca12c143e31234
0c5416bbb5b972aeca677f7d724169738590ef09
9eef9d66707e5131d41f8779cab097dce51aa64f1538bd52c989c7449acc49de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2082
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:17 GMT
Last-Modified: Fri, 09 Sep 2022 10:52:35 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
pogothere.xyz/
188.114.96.1200 OK 531 B IP 188.114.96.1:0
File type ASCII text, with no line terminators
Hash 52d28c4c4fed2f7a1827ee34eb4c88a0
d0dbd390e788e4844452270205167095f40c9bff
dbbf867899f5d4c59dd8ab72b47464bb50753771a4907fdffc2847371b8cd2fc
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/plain
set-cookie: csu=1585344541078660@1@1662722837; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqzwrY7dGMjoS8eKQz1MX5wrZt5IJysrPPUwsa%2FVeZo%2F0dnGyNx3ThQiNiZIPWcMYmySwGodLtFRvbDYo%2F1mC5Ec1DvaX34vvGXNtmNQDShbmmnh1nVpBVPg0nG0lEes"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92e7ba1fb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/f9/9d/01/f99d017ba167c78d15f435ca5fc269eb/1660216372.jpg
45.133.44.9200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/f9/9d/01/f99d017ba167c78d15f435ca5fc269eb/1660216372.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 75c2da675a8130d297259b4c81f40394
48f05f215f052b6c4ef7647c144a195168b2e907
c553df064f536d97adb89b9ca05c95401cf394e1dec242596d7f90ab0badb3ed
GET /si/f9/9d/01/f99d017ba167c78d15f435ca5fc269eb/1660216372.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 12106
server: nginx/1.17.6
last-modified: Thu, 11 Aug 2022 11:13:00 GMT
etag: "62f4e43c-2f4a"
expires: Sun, 11 Sep 2022 11:27:17 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
esopertyva.shop/floater?cs=bVFRbjJYYGVbBlVnY1gEWGJmVgQ&abt=0&red=1&sm=83&k=cara%20panty%20xfantazy%20panties%20going%20wank&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_AAaf=1662722828231&crc=1
54.230.111.4200 OK 2.9 kB URL HTTP/2 esopertyva.shop/floater?cs=bVFRbjJYYGVbBlVnY1gEWGJmVgQ&abt=0&red=1&sm=83&k=cara%20panty%20xfantazy%20panties%20going%20wank&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_AAaf=1662722828231&crc=1
IP 54.230.111.4:0
File type ASCII text, with very long lines (4111), with no line terminators
Hash 0470c773b5240fb6aafe5823b10c3683
ba97fc22d91a68c6876825d85a021abd4df7f923
cae50dc3e9b341e545ea60191fd94125a94af7467bdca415a04e05df32c94a02
GET /floater?cs=bVFRbjJYYGVbBlVnY1gEWGJmVgQ&abt=0&red=1&sm=83&k=cara%20panty%20xfantazy%20panties%20going%20wank&v=0.8.9.1&sts=0&prn=1&emb=0&tid=961956&fs=1&t=600&m=1&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&jst=4&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&aa=td1_oi3_&_AAaf=1662722828231&crc=1 HTTP/1.1
Host: esopertyva.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 2894
date: Fri, 09 Sep 2022 11:27:17 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://xfantazy.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=5b16cbcd-753a-4452-b9ac-9784ba36e45f
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VL9ZLvCNi35TDGJ9rbr13wEFD-u8RO_7YXf1DxPNRr1CA19kXbQqXA==
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 16 kB URL HTTP/2 a.focusde.info/api/spots/303892?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash eb651c35f4455486c38e326ff5a56ba8
49626d132870bbc8e031b4fa02a8cd6c5df430d0
94eda81da41e85cc2136b2dd7f0565d2ab726e28a4dbbc117f73dd2c6f23a896
GET /api/spots/303892?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=bVu09lBHVqbJP1Ngu2X0; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/I-iWvHaum6m-_G-T-w/w320h240/0.jpeg
188.72.235.186200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/I-iWvHaum6m-_G-T-w/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 72f2e856a27271534336f34a7cd7cc40
234a89722b0796d32a5dcf0083c491775e2235e5
3c7554bc5b4b6b1e0e47061a7fcc7b0b158b61170f70e63d490281c73f10a20b
GET /thumbnail/I-iWvHaum6m-_G-T-w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 10861
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/I7vH6yCvnK3q-D_G-g/w320h240/0.jpeg
188.72.235.186200 OK 11 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/I7vH6yCvnK3q-D_G-g/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 45a2c578bc610e4bdcec6d34c4330275
366fb172204aeb9b4855986aa4c3cb848786aa7c
a3ce258c706db1b888b31426f71f4be00b7e6e95305a2eb71f1c11603845d025
GET /thumbnail/I7vH6yCvnK3q-D_G-g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 10897
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
a.focusde.info/api/spots/395190?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/395190?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/spots/395190?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=sijrrnNPvvoaNJHCe8O6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-length: 0
cache-control: private
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/IuzHvn6nmKe9_zSWqQ/w320h240/0.jpeg
188.72.235.186200 OK 9.8 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/IuzHvn6nmKe9_zSWqQ/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 9908d417149620e249f730166a4aec2f
66b1648f9352f6e0f3d8116ffba7721f239a7dcd
c97eae752c543e8d67f2219523e7b57aa92fa1d6f48920a0d21246e2a8a7d85d
GET /thumbnail/IuzHvn6nmKe9_zSWqQ/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 9827
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/cOTB63Tyn62_-D3D-g/w320h240/0.jpeg
188.72.235.186200 OK 15 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/cOTB63Tyn62_-D3D-g/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash dbfc0343254f7b014c1f35ad85c232a7
e031bbd6455c06db191571d41f5f5dc0a246c62f
4ce68d5de90eddbbe1455ddde0586fb34b28b73d4301a09423335c86d5b64d3e
GET /thumbnail/cOTB63Tyn62_-D3D-g/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 14633
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fcss%2Fstyle.css&l=4667&fd=93
173.233.137.44502 Bad Gateway 157 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fcss%2Fstyle.css&l=4667&fd=93
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Fsweep%2Fsocial-box%2Fwhite-small%2Fcss%2Fstyle.css&l=4667&fd=93 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3627561]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 11:27:17 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/tags.js
172.67.69.220200 OK 2.0 kB URL HTTP/2 xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/tags.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (3872), with no line terminators
Hash ca22a7578d4afe4c6f5b6e2ff619db12
cad6e37fb4558c4af5b43d889ee192fedbd8ce57
e1293a3c2564d7805c23e3f4ce6a07599ebb9aed8daf39f39e28e465c4a1a984
GET /_next/static/vMq0fywG6ReNUm9yukIYR/pages/tags.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxNzViZWQ5M2Y4ZmEzIiwiaWF0IjoxNjYyNzIyODM1LCJleHAiOjE2NjMzMjc2MzV9.spsNvElaqB8Fg8rEADo6tH-5zR7Gabhm357XaF7h1RY; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiYThiNDFhNmNjYTkzNSIsImlhdCI6MTY2MjcyMjgzNSwiZXhwIjoxNjY1MzE0ODM1fQ.FU0sJlpPCjIbExsf-0_SIXvMq3hWXU-lyDurYh3oUvs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:01 GMT
etag: W/"f20-1826d2c1430"
cf-cache-status: HIT
age: 3032880
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzKt4bKW%2BS%2FcnopLpUZge5Dr371m9JyWtHIaEiIt6M5BnSiT3us3emM9oj8kytaTIRNNme6XrrdwOfWJHZenx4dNW8zyc9IG4hDgLw%2FYPabI%2BQwJK%2BnxHfAHXe1T3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92dc0e6fb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119302 Found 14 kB URL HTTP/2 mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 5419ea5ecc5244de90d15d8957007f21
00f4ff71dbdac987eba2e661d4dcdb1a8bce987a
0993bbda8ecf3fef5c940658ab51515d519a8a33d1045f4f2ee0eb3ac743b9f7
GET /watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5e0ed14deac0b76cd9c54962&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hjjpdks93ktul5qajnc%3Afp%3A1347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1662443463105%3Ahid%3A944821932%3Az%3A0%3Ai%3A20220909112707%3Aet%3A1662722827%3Ac%3A1%3Arn%3A587328777%3Arqn%3A1%3Au%3A1662722827282372667%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1662722825029%3Aco%3A0%3Awv%3A2%3Ads%3A0%2C17%2C548%2C0%2C348%2C0%2C%2C262%2C11%2C%2C%2C%2C1371%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662722827%3At%3ACara%20Cum%20-%20Wank%20In%20My%20Panty%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Fri, 09 Sep 2022 11:27:16 GMT
access-control-allow-origin: https://xfantazy.com
set-cookie: yandexuid=6754160081662722836; Expires=Sat, 09-Sep-2023 11:27:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6754160081662722836; Expires=Sat, 09-Sep-2023 11:27:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1439124571662722836; Path=/; SameSite=None; Secure
i=xPN5U/Ly4+80+o0r+fh1AD1EUDrsM8WvXkwgSjs8Ym5BoNQYqQN8AkJ2GPLeKkCwXr3dzWP9tQ8YL/2O6HRhEfQ0y+0=; Expires=Mon, 06-Sep-2032 11:27:16 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694258836.yrts.1662722836#1694258836.yrtsi.1662722836; Expires=Sat, 09-Sep-2023 11:27:16 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 09-Sep-2022 11:27:16 GMT
last-modified: Fri, 09-Sep-2022 11:27:16 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
172.67.69.220200 OK 49 kB URL HTTP/2 xfantazy.com/_next/static/chunks/242.e6062ff562716b6e41db.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 186bd2c2416f005d9d147b08f101fb6a
89b752a64944c9c6c28f2b4fb87a544c1197f0aa
3641a348a49f7c441d20eaa3c030c965d77bbe7f55267e2db9263f6642697724
GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 6308965
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzTvMvtPdHa7Q2Ms6ghi506VU7j6YtWzzN1jbej3Db5XeJDzSKUzcff77A3y2aoWg14S%2BXWnVzTxmO5LZ%2FfTauuTbZqhEYrcKhGcvZSQskIsHmFbor9P89nK1eTrdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d8e986b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-cache.k2s.cc/thumbnail/JuyW7yWvmam_qjzGrg/w320h240/0.jpeg
188.72.235.186200 OK 12 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JuyW7yWvmam_qjzGrg/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash c23aa9f341dd5e6f8e5367bb0f3cd70e
f423ead49e2495061b133091243bbd79cfd139f8
900839ed8edfe646ea9eb032e0fa329bc82d84480667773001bf87d97fd224b8
GET /thumbnail/JuyW7yWvmam_qjzGrg/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: image/jpeg
content-length: 12157
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2
a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 3.7 kB URL HTTP/2 a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash 9b28c16f9d9705f13ddc02913e46df50
d2625fb758397a5a20dba4be0c42b9410d3e730e
2867fa1d52f1de3e29b27626fa3844c049a6b6dcfa1a40e291d4cb0cd2c43df7
GET /api/spots/312873?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=97B3iKVdW3Y8rp5AUVCg; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.focusde.info/api/click/4991676438097663095?c=90
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/click/4991676438097663095?c=90
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/4991676438097663095?c=90 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/api/spots/312873?p=1&s1=%subid1%&kw=
Cookie: nauid=sijrrnNPvvoaNJHCe8O6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:18 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
graduatewonderentreaty.com/pixel/sbs?c=1
173.233.137.44502 Bad Gateway 157 B URL HTTP/1.1 graduatewonderentreaty.com/pixel/sbs?c=1
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d41a93f6d3a61aa8e32d7a0afcfbb2d0
77718bef53accc9fd03bea992dc25e4086a17d50
3f72ba697c379550b6005be4ed325a33b228eea31e056a4dfa1150c6ace3f6cd
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3627561]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 502 Bad Gateway
Server: nginx/1.19.5
Date: Fri, 09 Sep 2022 11:27:18 GMT
Content-Type: text/html
Content-Length: 157
Connection: keep-alive
a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 7.0 kB URL HTTP/2 a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
Hash cf01ec369baf39c28a8b02d91228a378
faf852a6970d24aed8ad859ea5c867bee359537b
055af57744cca2c9d06eee5ee9a9ac7792897165dbf3ef69488ff9eafc719369
GET /api/spots/303891?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=B7KvbXTBZTZRZ7l63o43; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e2ef799884d1bd707e418aed4600e72
55124359060482a41b6e8af7fbada60cf1abdf82
5204683a7dff6f0b522866e9e55af93ceeaa826b29a706eaed1412a98b824bbb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5204683A7DFF6F0B522866E9E55AF93CEEAA826B29A706EAED1412A98B824BBB"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15255
Expires: Fri, 09 Sep 2022 15:41:33 GMT
Date: Fri, 09 Sep 2022 11:27:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 1.7 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1bac1f1c927563d1519dde412332e0d5
20413422a91550427e82928e3524a173bb44130b
c87ef0cb719092e3ac87adf94eed0a6e970b281188d8f1c0c50af3ca6b5614f3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5204683A7DFF6F0B522866E9E55AF93CEEAA826B29A706EAED1412A98B824BBB"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15255
Expires: Fri, 09 Sep 2022 15:41:33 GMT
Date: Fri, 09 Sep 2022 11:27:18 GMT
Connection: keep-alive
static-cache.k2s.cc/thumbnail/JO6XvXGiz62--G-T_w/w320h240/0.jpeg
188.72.235.186200 OK 13 kB URL HTTP/2 static-cache.k2s.cc/thumbnail/JO6XvXGiz62--G-T_w/w320h240/0.jpeg
IP 188.72.235.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Hash 979583ab0dfe1f829cb86a1c01173123
68cd392ec075437fc34ed5f5ed0f51a122600114
e51609311e1826dde957f80d61f243fe529bbe33cd85f6fc99391b9a5a452e07
GET /thumbnail/JO6XvXGiz62--G-T_w/w320h240/0.jpeg HTTP/1.1
Host: static-cache.k2s.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: image/jpeg
content-length: 12681
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4787912?r=81700
104.21.52.148200 OK 1.8 kB URL HTTP/2 a.bestcontentfood.top/warp/4787912?r=81700
IP 104.21.52.148:0
File type ASCII text, with very long lines (4178), with no line terminators
Hash 70ba1d2a1e53b7b78433d04315f53d3e
e4a0f6e96e5c060b40a31a3d7dc6bd64b58bed18
740acf05d19608c94075ddcebe9ee3da34db724be6bc392cce143e34a2eaf269
Analyzer Verdict Alert fortinet Phishing
GET /warp/4787912?r=81700 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k25mP9Is4eKAK6A8Y6h4%2FmpO1MFTMrnsZfjd1UqCy8r4kuXxTbj7TIGTdTL6krDDNE67zPTR42qWNrpIzyUnIfQtqznA3Ijy%2BwPRAQZIQcHLHIBVD1huQzNsMRZtUP3ONPxVTqSWMaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92eadf820afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
104.21.62.145200 OK 659 B URL HTTP/2 a.medfoodsafety.com/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true
IP 104.21.62.145:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09213e2d38005bb20d1bbda2625fba4c
8ab9b6032474d1746dc6d6128a819cdbd57b1444
835c0f82904e52b56a5557d3532771a6d433cd077db89c0a0e3582099ba4ba78
GET /loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iw%2Bwgy88EEtXy7osYPkFycfCKJFBkUd8yZygHRl6Pt5fnsHVor54n323xMWQaOWQhBat98em9iIw6axSCsfu5eGp4E8tnsarJHs2XNAZWVK3eMOcc%2B8DKncYpc6rc1kuo42IZFpA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92ec487cb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.medfoodsafety.com/i?tid=c6a3d278-2f4e-4b7d-80aa-e4eb1d8caf4a&cf=affbgbbhch
104.21.62.145200 OK 60 B URL HTTP/2 a.medfoodsafety.com/i?tid=c6a3d278-2f4e-4b7d-80aa-e4eb1d8caf4a&cf=affbgbbhch
IP 104.21.62.145:0
File type ASCII text, with no line terminators
Hash cea81d6017b53c6c7bd076407db21a0a
063acf4f87ec5b0c7f9631779c264ee045945c52
1665c0045c0d9a05857431f46362283793d0b844d9e157692079bcbc69ff6154
GET /i?tid=c6a3d278-2f4e-4b7d-80aa-e4eb1d8caf4a&cf=affbgbbhch HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.medfoodsafety.com/loader?a=4788750&v=2&t=30&s=4776911&p=8575&if=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: image/gif
content-length: 60
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCdCbTOkPI%2BkZRtIOaZoy2CWvCGncp51ibYqCTc9LgxYzxX8FJEUNGODTPxfuNx20Sl5cYp13aVTUcuS5fD3obfztlnrIthW8%2FTMqy%2FVyqTT%2Bb7JsD6TUyzcc3r776lc455rbIfS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92ed39f7b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4788752?r=25532
104.21.52.148200 OK 2.2 kB URL HTTP/2 a.bestcontentfood.top/warp/4788752?r=25532
IP 104.21.52.148:0
File type ASCII text, with very long lines (4179), with no line terminators
Hash bc7fdaf6f026631f4d5b97460d4c4a13
0517fdd6f4bf30386e97dea03949e845d0a2b7fa
c9e491281ac01c6d7c6788b716f9dd80c88f2a62c3f62d0852042685e4dbd998
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788752?r=25532 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8%2FYQyh%2Fy%2FOkbYArXX3No2mulPtdm2F3j0MoPCfmXhmFOr9cED%2BmTDfNRnVlTYdJFwEiwtIxyjt7E4a477B%2FOI8JMNxqA1lBLTqS3SomQjMCZUOgH9pUxa5upIaRq4BPClLaPN2AnWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92eaef840afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8809
Expires: Fri, 09 Sep 2022 13:54:07 GMT
Date: Fri, 09 Sep 2022 11:27:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1fe0327a01f21c54fc9bfc3efc87c68c
11e6ecf4707288032f021916e04ed93a46434da1
6fcc309bb04b920a7f738685e528507aeb74a0d37b935caf4c387d665c40b6de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FCC309BB04B920A7F738685E528507AEB74A0D37B935CAF4C387D665C40B6DE"
Last-Modified: Thu, 08 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8809
Expires: Fri, 09 Sep 2022 13:54:07 GMT
Date: Fri, 09 Sep 2022 11:27:18 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 60e8d1a26fb4d21ab2b65c86524cc473
5451e67f0ab36b344d0968363830c3c5527e4094
118893e422e270f638e21ffd3c72ab632a6502740637df2d60a376dce72f2a42
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 08:27:03 GMT
Expires: Tue, 13 Sep 2022 08:27:02 GMT
Etag: "5451e67f0ab36b344d0968363830c3c5527e4094"
Cache-Control: max-age=334183,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747f92ed58040afa-OSL
poweredby.jads.co/js/jads.js
185.94.237.101301 Moved Permanently 1.5 kB URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.237.101:0
Hash 8cdd984019f1460c6b57eb31a3a569a9
7f287e4e283a195c5cf0fb4ce8021338bb81d940
934472a5c6a7f7932cd6c51075919d996bee5abc49d2234427df5a428f8c0fc3
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Sep 2022 11:27:18 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6b3df226d85e006b0835c081fab72e2f
d9d95716282bf33aaba3bb8eed7345c712926436
b14993246ea35867e99a4fe00ddb665247a0350f5b40c184f8f6f76c25b770a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B14993246EA35867E99A4FE00DDB665247A0350F5B40C184F8F6F76C25B770A8"
Last-Modified: Wed, 07 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6989
Expires: Fri, 09 Sep 2022 13:23:47 GMT
Date: Fri, 09 Sep 2022 11:27:18 GMT
Connection: keep-alive
poweredby.jads.co/js/jads2.js
185.94.237.101200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.237.101:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://media.aso1.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 11:27:18 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 07 Jul 2022 14:07:12 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62c6e890-eae"
Content-Encoding: gzip
unseenreport.com/pxf.gif?uuid=a2c67d42-227a-4405-a6ee-edd848a326d5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a2c67d42-227a-4405-a6ee-edd848a326d5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a2c67d42-227a-4405-a6ee-edd848a326d5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 11:27:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 297ee533be117f1a1504244c75978456
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=a2c67d42-227a-4405-a6ee-edd848a326d5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a2c67d42-227a-4405-a6ee-edd848a326d5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a2c67d42-227a-4405-a6ee-edd848a326d5&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=4d0afc2425eea6b0cd5a468c9f8a69ed&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 09 Sep 2022 11:27:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08807c4f51a49baaf245e4326207b13b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b8ca336cf66ab267bcd86a34faf76fa4
1f01b8a499a7c7a1211a421f80dacda60aa45d9c
411a7db8ec3690a9377c066e920c2e4fe4b3c9b38bc539ae1e87600f01c9d88f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "411A7DB8EC3690A9377C066E920C2E4FE4B3C9B38BC539AE1E87600F01C9D88F"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2224
Expires: Fri, 09 Sep 2022 12:04:23 GMT
Date: Fri, 09 Sep 2022 11:27:19 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5ba86cbbb1a7f6e160cd2d1489171d91
18613fb482dd610e34781bcb9692c52161ca0d3a
0083cc7845868f10309e6f716e2065c6f1620559c3987a6abd3d9de807524e30
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 05:56:29 GMT
Expires: Fri, 16 Sep 2022 05:56:28 GMT
Etag: "18613fb482dd610e34781bcb9692c52161ca0d3a"
Cache-Control: max-age=584348,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747f92ed69260b45-OSL
cdn.tsyndicate.com/sdk/v1/video.instant.message.js
8.254.252.214200 OK 3.5 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.js
IP 8.254.252.214:0
File type ASCII text, with very long lines (539)
Hash b4ccf5d14fbe6be7a62784f96fbed92e
9d3391b4a10cc28bb455ebfbe1caccb3db1c4efd
e3f294d4f9f7227ebaaeb508792345e6bda148885c2d6335e8595338312b67e1
GET /sdk/v1/video.instant.message.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: application/javascript
content-length: 3512
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62d93607-21d4"
age: 4319448
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 053bd1450c41c147de01d2f3c41a6ee9
f344a58acc46887d8d7a2838d26c755a47d16185
d76c5bd86abf3c91cf8717f112b626b7cd3d9d8b73d61c80b9979ac875862f8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D76C5BD86ABF3C91CF8717F112B626B7CD3D9D8B73D61C80B9979AC875862F8D"
Last-Modified: Thu, 08 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19562
Expires: Fri, 09 Sep 2022 16:53:21 GMT
Date: Fri, 09 Sep 2022 11:27:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a14cec2825b9bcb3df9709fcd0426b4b
461758a5e3b80e82d3df84e6d382482d63de0c5f
136cdcd6b251b8a84799bb7e6168d90cc9e88e3410b24ded72e34a31e757c2e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "136CDCD6B251B8A84799BB7E6168D90CC9E88E3410B24DED72E34A31E757C2E0"
Last-Modified: Fri, 09 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Fri, 09 Sep 2022 12:38:53 GMT
Date: Fri, 09 Sep 2022 11:27:19 GMT
Connection: keep-alive
roomimg.stream.highwebmedia.com/riw/sweet_ary.jpg?1662722820
104.19.241.83200 OK 16 kB URL HTTP/2 roomimg.stream.highwebmedia.com/riw/sweet_ary.jpg?1662722820
IP 104.19.241.83:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 480x270, components 3\012- data
Hash ea080d04c78a0fe95d20770cd67d2c95
32a876450c923083f731b4311e9bef07e0c9d1b8
63ec16acd1540624b3de1663ef490f9dcbf07aa1ed955ef6383729c92e830358
GET /riw/sweet_ary.jpg?1662722820 HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: image/jpeg
content-length: 16286
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 19
last-modified: Fri, 09 Sep 2022 11:27:00 GMT
expires: Fri, 09 Sep 2022 11:27:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IFDS98A%2FqkOWNIaxnkV3ggwCDYaL%2F67f1hf8cAREzyiS1MwwplbHgjosWdXvKAoAZlJJtNQT%2B8OwtVHOwzhxSRh8CKVcMTSo9bH1BLgGL1qlAgBMnSuL4jtQFaIA94qOaSTh4r9pR%2FxJANx%2FO10RPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=AakxnQfzWcYYi1WUw5h_dVDvaBRdBxgNeRUEY1LwlSE-1662722839478-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747f92f2aa63b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 34 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
Hash 997e8c31e41704addcff177b10d1e940
d9788655c98f553ec71420422598af0b29dfda8c
c53e4b6e0ba61c27533108858690405a0d6e556e41dfd8872670ea75d8964a3d
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Sep 2022 11:27:19 GMT
via: 1.1 varnish
x-served-by: cache-bma1639-BMA
x-cache: HIT
x-cache-hits: 2686
x-timer: S1662722840.664436,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXvyx4sXFOSrIpHsm0%2BlxD8EYI8HsZtl10dtSXVWdPNPT1VR1TU9yCgriSQb8Bypfsgnq4o%2BDN43SWfAQEDK3gObiweuisGeZMSb4oHiv3vcO36vvq0923BlrwfHTxZt6i7KMz3RbQfPVD8LwRnOFcjdsDuPofjR7o2kGb%2FSiVvBa8x0lNvRMOwiDIAzC5hIZlerhzAQEFQ97YasXtGbbrbA7i6HxsK4ByxuQgzP2PEiOrzxqXAOJGnn%2F20VlN0pdvP5232W81AYDeXAv38h1laN%2FWaamgTQ%2FOJ%2BGtidLh9D5gylF6MHFYEJj1vjlEEl%2BcE4MyWBvyi3JoHIk8hlUgxoqq0G8htAfg%2BQJA4TErVXk%2Ff1b2lR881%2BUT9Axu%2FLkb1A1Zld%2Bv4a8%2F%2FVCRsPmXZ25knRuMUw9aFiD1moU7gjlFgNVRxDlRyD5K5t5soK8v7dqMw2Sfro7UQ1Ka2RqBG4Z3OQQg0sbcEUDfXnaFGEYzgVS8CDuCdGRcyqJZBDyuTTkYRDFcGJCb4SyGEFkIwizjcJsY4NGMO4zkK3huAcVHoXd70VhrxtBieP5PzrTAKfTZjeK4%2B5cmqRR2o7aKkn4rEijKI16Mkp7YYyEjudfcc%2FevHedkBGD4sc%2FPWbTgM09cud3c0MeRh2z89g1sjyev5ha97CSwZYMA%2BlRKYbKMlScoSKGqmSoBv6BzGzb%2Bn2ZWZeE57l9njt%2Bpzhjz031%2BEvcx4Y6bXZCHnbiKFBx3JFx3A1jFau2CoPZNOzKXhuW%2Ftua7FPgtoEtGrMXf3uMYuIU%2BTkSfgSbHUFQE9y9DF558HWPrdxD6m8Et45nhdE6bQndR1FeRbnZ2MnO2EtTKnOdw%2F%2B9qDAehfH4kB4xrGWf7t7RFdu7oyvLvlstSurTFp%2FY5m7JS%2FX0l%2B%2BqzUobubxoR1%2B8KSbApHz4nrLlCs8l5WuWfbVAUiqzpI1Q7Mdl%2B75Kbju7vuBM7oqV228tLfcLo6wlndfgdFL8AEFjdvX7%2Fel%2FuP7CnyBTwziPvrtQCKRriGIbtrjsWc1gsst7UjBUzu%2BadnLZnHggu5QaPPE79mdY8igt%2BwcAAP%2F%2FAQAA%2F%2F9J2L07VAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3617726&sub3=1662722837&pid=91283&sub2=icon&auid=568857fbf6f262ebba4cf66f69d6f918&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
192.243.61.226307 Temporary Redirect 0 B URL HTTP/1.1 casualproof.com/winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXvyx4sXFOSrIpHsm0%2BlxD8EYI8HsZtl10dtSXVWdPNPT1VR1TU9yCgriSQb8Bypfsgnq4o%2BDN43SWfAQEDK3gObiweuisGeZMSb4oHiv3vcO36vvq0923BlrwfHTxZt6i7KMz3RbQfPVD8LwRnOFcjdsDuPofjR7o2kGb%2FSiVvBa8x0lNvRMOwiDIAzC5hIZlerhzAQEFQ97YasXtGbbrbA7i6HxsK4ByxuQgzP2PEiOrzxqXAOJGnn%2F20VlN0pdvP5232W81AYDeXAv38h1laN%2FWaamgTQ%2FOJ%2BGtidLh9D5gylF6MHFYEJj1vjlEEl%2BcE4MyWBvyi3JoHIk8hlUgxoqq0G8htAfg%2BQJA4TErVXk%2Ff1b2lR881%2BUT9Axu%2FLkb1A1Zld%2Bv4a8%2F%2FVCRsPmXZ25knRuMUw9aFiD1moU7gjlFgNVRxDlRyD5K5t5soK8v7dqMw2Sfro7UQ1Ka2RqBG4Z3OQQg0sbcEUDfXnaFGEYzgVS8CDuCdGRcyqJZBDyuTTkYRDFcGJCb4SyGEFkIwizjcJsY4NGMO4zkK3huAcVHoXd70VhrxtBieP5PzrTAKfTZjeK4%2B5cmqRR2o7aKkn4rEijKI16Mkp7YYyEjudfcc%2FevHedkBGD4sc%2FPWbTgM09cud3c0MeRh2z89g1sjyev5ha97CSwZYMA%2BlRKYbKMlScoSKGqmSoBv6BzGzb%2Bn2ZWZeE57l9njt%2Bpzhjz031%2BEvcx4Y6bXZCHnbiKFBx3JFx3A1jFau2CoPZNOzKXhuW%2Ftua7FPgtoEtGrMXf3uMYuIU%2BTkSfgSbHUFQE9y9DF558HWPrdxD6m8Et45nhdE6bQndR1FeRbnZ2MnO2EtTKnOdw%2F%2B9qDAehfH4kB4xrGWf7t7RFdu7oyvLvlstSurTFp%2FY5m7JS%2FX0l%2B%2BqzUobubxoR1%2B8KSbApHz4nrLlCs8l5WuWfbVAUiqzpI1Q7Mdl%2B75Kbju7vuBM7oqV228tLfcLo6wlndfgdFL8AEFjdvX7%2Fel%2FuP7CnyBTwziPvrtQCKRriGIbtrjsWc1gsst7UjBUzu%2BadnLZnHggu5QaPPE79mdY8igt%2BwcAAP%2F%2FAQAA%2F%2F9J2L07VAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3617726&sub3=1662722837&pid=91283&sub2=icon&auid=568857fbf6f262ebba4cf66f69d6f918&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 192.243.61.226:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /winnotice?sid=H4sIAAAAAAAC%2F1RTz2skRRSu0b0sXvyx4sXFOSrIpHsm0%2BlxD8EYI8HsZtl10dtSXVWdPNPT1VR1TU9yCgriSQb8Bypfsgnq4o%2BDN43SWfAQEDK3gObiweuisGeZMSb4oHiv3vcO36vvq0923BlrwfHTxZt6i7KMz3RbQfPVD8LwRnOFcjdsDuPofjR7o2kGb%2FSiVvBa8x0lNvRMOwiDIAzC5hIZlerhzAQEFQ97YasXtGbbrbA7i6HxsK4ByxuQgzP2PEiOrzxqXAOJGnn%2F20VlN0pdvP5232W81AYDeXAv38h1laN%2FWaamgTQ%2FOJ%2BGtidLh9D5gylF6MHFYEJj1vjlEEl%2BcE4MyWBvyi3JoHIk8hlUgxoqq0G8htAfg%2BQJA4TErVXk%2Ff1b2lR881%2BUT9Axu%2FLkb1A1Zld%2Bv4a8%2F%2FVCRsPmXZ25knRuMUw9aFiD1moU7gjlFgNVRxDlRyD5K5t5soK8v7dqMw2Sfro7UQ1Ka2RqBG4Z3OQQg0sbcEUDfXnaFGEYzgVS8CDuCdGRcyqJZBDyuTTkYRDFcGJCb4SyGEFkIwizjcJsY4NGMO4zkK3huAcVHoXd70VhrxtBieP5PzrTAKfTZjeK4%2B5cmqRR2o7aKkn4rEijKI16Mkp7YYyEjudfcc%2FevHedkBGD4sc%2FPWbTgM09cud3c0MeRh2z89g1sjyev5ha97CSwZYMA%2BlRKYbKMlScoSKGqmSoBv6BzGzb%2Bn2ZWZeE57l9njt%2Bpzhjz031%2BEvcx4Y6bXZCHnbiKFBx3JFx3A1jFau2CoPZNOzKXhuW%2Ftua7FPgtoEtGrMXf3uMYuIU%2BTkSfgSbHUFQE9y9DF558HWPrdxD6m8Et45nhdE6bQndR1FeRbnZ2MnO2EtTKnOdw%2F%2B9qDAehfH4kB4xrGWf7t7RFdu7oyvLvlstSurTFp%2FY5m7JS%2FX0l%2B%2BqzUobubxoR1%2B8KSbApHz4nrLlCs8l5WuWfbVAUiqzpI1Q7Mdl%2B75Kbju7vuBM7oqV228tLfcLo6wlndfgdFL8AEFjdvX7%2Fel%2FuP7CnyBTwziPvrtQCKRriGIbtrjsWc1gsst7UjBUzu%2BadnLZnHggu5QaPPE79mdY8igt%2BwcAAP%2F%2FAQAA%2F%2F9J2L07VAQAAA%3D%3D&ap=${AUCTION_PRICE}&l=3617726&sub3=1662722837&pid=91283&sub2=icon&auid=568857fbf6f262ebba4cf66f69d6f918&icon=https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: casualproof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Fri, 09 Sep 2022 11:27:19 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b12c591ec00d14adb283a3804dc6e5c4
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bb7ed03674a0fea94263bd4fb5706283
12a82f2c23ff610d8b57a394dacb5fdd7c233d08
26302a9c4971da6b32f44242114d76c77ee4f0b2ebc417a76105bbb6d733810f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:19 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 03:56:19 GMT
Expires: Wed, 14 Sep 2022 03:56:18 GMT
Etag: "12a82f2c23ff610d8b57a394dacb5fdd7c233d08"
Cache-Control: max-age=404338,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747f92f3cc530af6-OSL
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.248.225.238200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.248.225.238:0
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=d3d4fd0a-c755-438b-b8cc-d89aafc9dd83; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDB4wcMmbk6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 15988576
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0447338798f1ce07cefc1dce54418334
29421a64ec1098ea11c9d10b528a80164cb893b9
3ecc3c2939ee1c4ba0d690c0d93de05aa2cffc108d13d1c5f1df9090b34686e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ECC3C2939EE1C4BA0D690C0D93DE05AA2CFFC108D13D1C5F1DF9090B34686E2"
Last-Modified: Tue, 06 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4019
Expires: Fri, 09 Sep 2022 12:34:18 GMT
Date: Fri, 09 Sep 2022 11:27:19 GMT
Connection: keep-alive
pt-static3.ptlwmstc.com/npe/_common/script/adblock/advertisement-v552169.js
93.93.51.200200 OK 21 B URL HTTP/2 pt-static3.ptlwmstc.com/npe/_common/script/adblock/advertisement-v552169.js
IP 93.93.51.200:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type ASCII text, with no line terminators
Hash 01c6e7ecb819ef28b0c9b962513a1596
1a49f493db7b91ed34a7040d36732352b9a5dc39
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
GET /npe/_common/script/adblock/advertisement-v552169.js HTTP/1.1
Host: pt-static3.ptlwmstc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: application/javascript
content-length: 21
last-modified: Fri, 09 Sep 2022 08:57:06 GMT
etag: "631affe2-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
45.133.44.9200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:05:18 19:19:17], baseline, precision 8, 200x200, components 3\012- data
Hash 70cf8250da1a25a7b445231428af7828
a849d338423d2919949340838c768bba90b9081c
b7060bc46dc459a00d4124523a26f0cbf31fba31d41fccae9f82bedaf22c1186
GET /cti/34/74/d7/3474d78aff0bf2df5207c5e1bcb89147/1591703087.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: image/jpeg
content-length: 33103
server: nginx/1.17.6
last-modified: Tue, 09 Jun 2020 11:44:50 GMT
etag: "5edf7632-814f"
expires: Sun, 11 Sep 2022 11:27:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/video.instant.message.css
8.254.252.214200 OK 4.7 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/video.instant.message.css
IP 8.254.252.214:0
File type ASCII text, with very long lines (4667), with no line terminators
Hash 9fba1a3e7202a1124dec5d68f4f07bd1
6d880383c56bbe8244e98f135c7e8ef76e65ebfb
857634cc0df9324a79abf3ae0dc675507c22f020260e3c6ba8b2f2d04c1d24ec
GET /sdk/v1/video.instant.message.css HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Cookie: ts_uid=d3d4fd0a-c755-438b-b8cc-d89aafc9dd83; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDB4wcMmbk6NJH
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: text/css
content-length: 4667
etag: "62d93607-123b"
last-modified: Thu, 21 Jul 2022 11:18:31 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 4319458
accept-ranges: bytes
X-Firefox-Spdy: h2
as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286
216.127.52.241200 3.0 kB URL HTTP/1.1 as.sexad.net/as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286
IP 216.127.52.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0c6d5155ef9e51e10c68786fb28fc505
86edb29f6752c09d9445c42454b970a5cab09746
e40c2827c0bd93120344ff2f9c4b75739d962d3bc67c40a5aeb12bf57f2fc19e
GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286 HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0
Date: Fri, 09 Sep 2022 11:27:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11662722839937_0_5106_4398=0001000; expires=Sun, 09-Oct-2022 11:27:19 GMT; Max-Age=2592000; path=/as; secure; SameSite=None
iid=8448-1662722839; expires=Mon, 06-Sep-2032 11:27:19 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip
as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
216.127.52.241200 4.9 kB URL HTTP/1.1 as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
IP 216.127.52.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (627)
Hash cdeb76395fbdc719dbc7dc8ae37edf63
409d12ee6de831960cbafc1aad838403d21652f2
5938914c62805ed6a767da00724a50bd6f997277179ce67dacfa9b7ab670c531
GET /as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286 HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.18.0
Date: Fri, 09 Sep 2022 11:27:19 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11662722839937_0_5104_5671=0001000; expires=Sun, 09-Oct-2022 11:27:19 GMT; Max-Age=2592000; path=/as; secure; SameSite=None
iid=7867-1662722839; expires=Mon, 06-Sep-2032 11:27:19 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip
bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=703&ck=1&ref=https://chaturbate.com/tours/3/&ap=32&be=433&fe=618&dc=540&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662722830343,%22n%22:0,%22r%22:0,%22re%22:206,%22f%22:206,%22dn%22:206,%22dne%22:206,%22c%22:206,%22s%22:206,%22ce%22:206,%22rq%22:213,%22rp%22:412,%22rpe%22:412,%22dl%22:420,%22di%22:534,%22ds%22:539,%22de%22:546,%22dc%22:617,%22l%22:617,%22le%22:619%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOUwADBwFfA1JTVAFSCBh4Yy8TFUMhJTshCU0XAwhVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtXVlFTUlRaGAEDBwQUVQdSUU5fDQUOHAcCDwAGB1RbXwkNWhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRgAFCgAIUwAEXVUGVkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRJUJaFxAhVkMiSlZPQyMCGSURABIRJA0Va18yQUAyCkNGT0RcWVBWCFNVBD0QFA8PTWpNVBJFSj4MEEZZRBl3VUQTQ1wFLgwDCgh2Q1xDDVBAQTAGCgILXGZJSDJZVhYRQwAKFVpaT1QTSGYRAwQBQ0QVF1hSFVhPBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRQx0bAAEXDRUDZkZJXQhFZhUHEBAQOVdGGwtDEXsNFxEWBgJ1Wl5YD35PBBAPBRpGXVxKUg5HXBMbPBQCAVwVG0wc&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=703&ck=1&ref=https://chaturbate.com/tours/3/&ap=32&be=433&fe=618&dc=540&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662722830343,%22n%22:0,%22r%22:0,%22re%22:206,%22f%22:206,%22dn%22:206,%22dne%22:206,%22c%22:206,%22s%22:206,%22ce%22:206,%22rq%22:213,%22rp%22:412,%22rpe%22:412,%22dl%22:420,%22di%22:534,%22ds%22:539,%22de%22:546,%22dc%22:617,%22l%22:617,%22le%22:619%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOUwADBwFfA1JTVAFSCBh4Yy8TFUMhJTshCU0XAwhVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtXVlFTUlRaGAEDBwQUVQdSUU5fDQUOHAcCDwAGB1RbXwkNWhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRgAFCgAIUwAEXVUGVkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRJUJaFxAhVkMiSlZPQyMCGSURABIRJA0Va18yQUAyCkNGT0RcWVBWCFNVBD0QFA8PTWpNVBJFSj4MEEZZRBl3VUQTQ1wFLgwDCgh2Q1xDDVBAQTAGCgILXGZJSDJZVhYRQwAKFVpaT1QTSGYRAwQBQ0QVF1hSFVhPBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRQx0bAAEXDRUDZkZJXQhFZhUHEBAQOVdGGwtDEXsNFxEWBgJ1Wl5YD35PBBAPBRpGXVxKUg5HXBMbPBQCAVwVG0wc&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=703&ck=1&ref=https://chaturbate.com/tours/3/&ap=32&be=433&fe=618&dc=540&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662722830343,%22n%22:0,%22r%22:0,%22re%22:206,%22f%22:206,%22dn%22:206,%22dne%22:206,%22c%22:206,%22s%22:206,%22ce%22:206,%22rq%22:213,%22rp%22:412,%22rpe%22:412,%22dl%22:420,%22di%22:534,%22ds%22:539,%22de%22:546,%22dc%22:617,%22l%22:617,%22le%22:619%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVFIOUwADBwFfA1JTVAFSCBh4Yy8TFUMhJTshCU0XAwhVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwBQTFpUTVILGwgEVRMVQwMNCw05X1lYVhITA0NAT0YBA0pBZlYUVEoSPQoUQVwbDAgfWAEXVVBNVVZSGxkbUwRCTT4FFgEQFWZSXF5DCxsvLUFIQQ9JalpeFF9NExtBXkEodhcVEwhBZgINFgoXFEBqWl4PV1AFBw0HBkQDFwEBQx0bCBI8CgYSTlpLWkMLGwMOChxNBVZYGx1DWEk%2BDREDAghQT1hFCF5XQ1hBJg8PQRVqXg1ETQgNDRdBShtcSW4IQklDWEEmDw9BFWpeDURNCA0NF0FKG1xJbgBCV0NYVlRQVg0ZG1gRblgSDDwLEQEbDxtzDVhBQTEMCBYSUFpXQkFwakNOQQ0TOVpaV18EUk0IDQ07Fx9JUBsLQ3JYAw4GSyc1dRcVEwhBZhQRBhY8EkBFXBNbE0sEEQoABghNXFhdQx0bEwcSEQYVTWpJUBVZG1tATBAME0tGFgJOExVDFQ87CwlKQRsLQ1JRABYWFgEHTVAXUg5cG01AEA0XA2ZcXRNbABVDEQoQBjldWlRQCF8bW0AADAISTEdbUBVUFwINDkZPREtQSEQEQk0%2BCgwXF0QDF1pZAEVMEwACEAZIWlpUE00TWxMNFBcGFGZcXRNbEwtXVlFTUlRaGAEDBwQUVQdSUU5fDQUOHAcCDwAGB1RbXwkNWhNNE0sEBAYWBhQbDxtZFUVJElhMSwAHVEZaWQBFFw8HF0tBShtHXEAUVEoVPQ4BFw5WURsLQ3Z8NUBPRhMfTV1WXz5HXBMRCgsNRAMXCh9WExVDFwI7BwNPXFpUPldYDAsPHUFcG3pNWQRDG01AFgU8AlxDUFIEbk0YEgZGWURdUEpaFV5JQ05BEQI5VkZmVwBcUA0bQV5BKlBbTElDHRsUAzwLEDlPUEtCCF5XQ1hBRk9ETFRmUxNeThIHETsFB1RcVUhDCxsnCxEBBQlBFxUTFFBmAxAMExADS2pPVBNCUA4MQV5BXw8bCRNNE0wAPRAQEQ9XUhsLQ3xWGwsPCAJJDBsJEUlpCFBZQygKCExNGUlZB2ZXVlhEERADDA8fURgZJgcADwxJCwUIAVEACVBCJQ0RA19aQR5YBxdRQE9GBA9NalpeDFxQFUBZRgAFCgAIUwAEXVUGVkZPRElUS1AMQhtbQBg4QRJWQEttQwsZPUAbVTECZRcVET0TWgAPEwUKAVdpGwtBbRsVAywXITobGRltQ1JlQ1hDOEFXZRcVET0TST1AWUQ/RAlpGx1BbRsGBw0ABhRlFwMRPRNfPUBPRD9EXVxKUANdXD4RDBENAmUXAxE9Ewk9QB5GT0RcWVBWCFNVBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRJUJaFxAhVkMiSlZPQyMCGSURABIRJA0Va18yQUAyCkNGT0RcWVBWCFNVBD0QFA8PTWpNVBJFSj4MEEZZRBl3VUQTQ1wFLgwDCgh2Q1xDDVBAQTAGCgILXGZJSDJZVhYRQwAKFVpaT1QTSGYRAwQBQ0QVF1hSFVhPBD0QFA8PTWpNVBJFSkNYQUQhCkxHdVYIX3smQicXABBLdwgRQx0bAAEXDRUDZkZJXQhFZhUHEBAQOVdGGwtDEXsNFxEWBgJ1Wl5YD35PBBAPBRpGXVxKUg5HXBMbPBQCAVwVG0wc&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:19 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 747f92f469a31bfe-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=8307ce550edb5d93; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f10a29d7d8b6d7a5671cdf7afad95dea
5df90138cb0932f49b90efe159807bfff6fa7dbc
9ab5d40edc6f531ae85832ad71a132a2a7d7eba0b2c5fb320f35d5fe3698bf4d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5234
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 11:27:19 GMT
Last-Modified: Fri, 09 Sep 2022 10:00:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
code.jquery.com/jquery-2.1.3.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.1.3.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32180)
Hash de4fdb8e2e5d9b9624bad7ed2b726525
053a31e8e83b261e3863c4f9e652caba910a2b89
f44c9556d0ecebc0716a7fce2899c0b40ed96394bebafb2937f4305bf3b118f3
GET /jquery-2.1.3.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-encoding: gzip
content-length: 29507
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-14960"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662722840.dop014.sk1.t,1662722840.cds264.sk1.hn,1662722840.cds215.sk1.c
X-Firefox-Spdy: h2
pt-static2.ptlwmstc.com/npe/ba/fklf/script/fk.lf-v552169.js
93.93.51.200200 OK 197 kB URL HTTP/2 pt-static2.ptlwmstc.com/npe/ba/fklf/script/fk.lf-v552169.js
IP 93.93.51.200:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Size 197 kB (196610 bytes)
Hash 9599ef000c0ac3402c9db2c2b11cdbfe
12f17b774cf52e9dc7b0a676101c5ae89dd272b5
8fdd809024c6bc3e727640f982a44d2ce317a297827a8750269395764b222723
GET /npe/ba/fklf/script/fk.lf-v552169.js HTTP/1.1
Host: pt-static2.ptlwmstc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 08:57:06 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"631affe2-4f73c"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2
pt.wmptctl.com/fsLHZ/f58.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
93.93.51.191200 OK 43 B URL HTTP/2 pt.wmptctl.com/fsLHZ/f58.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /fsLHZ/f58.gif?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 09-Oct-22 11:27:20 GMT; SameSite=None; Secure
expires: Fri, 09 Sep 2022 11:27:19 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/4be84e3674e3202bcb72f3c7f1964c9c_glamour_896x504.jpg
93.93.51.190200 OK 95 kB URL HTTP/2 galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/4be84e3674e3202bcb72f3c7f1964c9c_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Hash 12b59c3109e64a371f62d49d6322e595
4ec7ef39681fe1e272588d63d51aa6de4a029662
dde44c5fbc64ce7617b077ae97927da448c59ee23ce52e09e32c4bf94a7ccca6
GET /ff268cab8d9fbae1ed7506f97496274f14/4be84e3674e3202bcb72f3c7f1964c9c_glamour_896x504.jpg HTTP/1.1
Host: galleryn11.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: image/jpeg
content-length: 94827
last-modified: Tue, 12 Oct 2021 14:22:45 GMT
etag: "12b59c3109e64a371f62d49d6322e595"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 23 Sep 2022 11:27:20 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10721591
X-HW: 1662722840.dop022.sk1.t,1662722840.cds237.sk1.shn,1662722840.dop022.sk1.t,1662722840.cds228.sk1.c
Access-Control-Allow-Origin: *
galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f19/948f3597795f5d4bd9c22e809f818a43_glamour_896x504.jpg
93.93.51.190200 OK 34 kB URL HTTP/2 galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f19/948f3597795f5d4bd9c22e809f818a43_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Hash 7156fa52d3ab283ff1d6c423134bf715
eeda79fea84635582378af872a569748ec2ec3fe
b0554b4af4f1a90f36da38b9af7c6c9f9a3c50f617a93b1b526bab4acff212e6
GET /ff268cab8d9fbae1ed7506f97496274f19/948f3597795f5d4bd9c22e809f818a43_glamour_896x504.jpg HTTP/1.1
Host: galleryn11.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: image/jpeg
content-length: 34365
last-modified: Tue, 02 Nov 2021 05:23:16 GMT
etag: "7156fa52d3ab283ff1d6c423134bf715"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 23 Sep 2022 11:27:20 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1d/d514da6a39434505b032a77121dd0547_glamour_896x504.jpg
93.93.51.190200 OK 58 kB URL HTTP/2 galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1d/d514da6a39434505b032a77121dd0547_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Hash 9e66cc7ba2efd45154846882707ee285
51543e0fe39d3b122099d5a7ae8d54df8d77d13b
1852df8b501d07cc5ffe9a56ce5b92666efdc1b00d2a13e03539e6cb6aa7b683
GET /ff268cab8d9fbae1ed7506f97496274f1d/d514da6a39434505b032a77121dd0547_glamour_896x504.jpg HTTP/1.1
Host: galleryn11.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: image/jpeg
content-length: 58463
last-modified: Sun, 21 Aug 2022 09:16:18 GMT
etag: "9e66cc7ba2efd45154846882707ee285"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 23 Sep 2022 11:27:20 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10677530
X-HW: 1662722840.dop065.sk1.t,1662722840.cds260.sk1.shn,1662722840.cds260.sk1.c
Access-Control-Allow-Origin: *
bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1168&ck=1&ref=https://chaturbate.com/tours/3/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1168&ck=1&ref=https://chaturbate.com/tours/3/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/6f524845d1?a=24279235&v=1216.487a282&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1168&ck=1&ref=https://chaturbate.com/tours/3/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
content-type: text/plain
Content-Length: 2010
Origin: https://chaturbate.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 747f92f70c5d1bfe-OSL
Access-Control-Allow-Origin: https://chaturbate.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/40e73d31997394e47f6984f1e65655ea_glamour_896x504.jpg
93.93.51.190200 OK 151 kB URL HTTP/2 galleryn11.awemdia.com/ff268cab8d9fbae1ed7506f97496274f14/40e73d31997394e47f6984f1e65655ea_glamour_896x504.jpg
IP 93.93.51.190:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 896x504, components 3\012- data
Size 151 kB (150986 bytes)
Hash 2a34c5419f1f9c20e6908a438d22c567
8efb3db9974a39bd7411d612d8d98638dfb40568
27b3df24158eb16276bed7b9ec28d0191c9a1d02bae82ccc341676f3a3338280
GET /ff268cab8d9fbae1ed7506f97496274f14/40e73d31997394e47f6984f1e65655ea_glamour_896x504.jpg HTTP/1.1
Host: galleryn11.awemdia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: image/jpeg
content-length: 150986
last-modified: Sat, 18 Jun 2022 15:28:16 GMT
etag: "2a34c5419f1f9c20e6908a438d22c567"
access-control-allow-origin: *
x-content-type-options: nosniff
x-cache-source: Origin
x-cache-status: R-HIT
expires: Fri, 23 Sep 2022 11:27:20 GMT
server: unknown
x-cdn-node: sesto
cache-control: max-age=1209600
x-real-source: -
accept-ranges: bytes
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/a7/creatives/1/49/814986/1040948/1040948_logo.png
205.185.208.20200 OK 3.3 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/1/49/814986/1040948/1040948_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c992f93419cff2c1c149dfc70e710c6
ea1808199ce5bb59a63edea6fd39bbbf5e7511d7
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c
GET /a7/creatives/1/49/814986/1040948/1040948_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1661776299"
Content-Length: 3346
Content-Type: image/png
Last-Modified: Mon, 29 Aug 2022 12:31:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10673825
X-HW: 1662722840.dop065.sk1.t,1662722840.cds260.sk1.shn,1662722840.dop065.sk1.t,1662722840.cds017.sk1.c
Access-Control-Allow-Origin: *
m.sancdn.net/common/videojs/videojs.min-original-v2.css
69.16.175.10200 OK 12 kB URL HTTP/1.1 m.sancdn.net/common/videojs/videojs.min-original-v2.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (11336)
Hash 4b6813504d31e3b11655aafacf165db4
96517f0033bd59f277cd2eefa7d088ae6ff82dad
063b4a568733054fea7f238a10b384170ce29c136d3194feed44d8c8b451f55d
GET /common/videojs/videojs.min-original-v2.css HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1385146323"
Cache-Control: max-age=86400
Content-Length: 11451
Content-Type: text/css
Last-Modified: Fri, 22 Nov 2013 18:52:03 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662722840.dop208.sk1.t,1662722840.cds221.sk1.shn,1662722840.dop208.sk1.t,1662722840.cds018.sk1.c
m.sancdn.net/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
69.16.175.10200 OK 20 kB URL HTTP/1.1 m.sancdn.net/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
IP 69.16.175.10:0
File type HTML document, ASCII text, with very long lines (14756)
Hash 70d492eca4141bdd1452977dd893dd63
9cd9504b3afdeca86a03251591e1afab36ae2c57
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1367368554"
Cache-Control: max-age=86400
Content-Length: 19484
Content-Type: application/javascript
Last-Modified: Wed, 01 May 2013 00:35:54 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662722840.dop203.sk1.t,1662722840.cds206.sk1.shn,1662722840.dop203.sk1.t,1662722840.cds026.sk1.c
m.sancdn.net/common/fontawesome-430/font-awesome.min.css
69.16.175.10200 OK 24 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/font-awesome.min.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (23523)
Hash 3738ef90dad175977dc8a695809bb71a
98aa676ba7987caa86d49ab1b71f73896d08ad13
c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Content-Type: text/css
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662722840.dop024.sk1.t,1662722840.cds209.sk1.shn,1662722840.cds209.sk1.c
xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/categories.js
172.67.69.220200 OK 78 kB URL HTTP/2 xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/categories.js
IP 172.67.69.220:0
File type ASCII text, with very long lines (9227), with no line terminators
Hash 8b1e2e3fc4f0bfe20d0cd27c1fe218d2
5fca810885a9024f7dfd5bcc2ad0a087c512bd27
23ba9a1b207542b3b39aa5e77283af1e9fc6042705112a7123bb57dd52a172ee
GET /_next/static/vMq0fywG6ReNUm9yukIYR/pages/categories.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxNzViZWQ5M2Y4ZmEzIiwiaWF0IjoxNjYyNzIyODM1LCJleHAiOjE2NjMzMjc2MzV9.spsNvElaqB8Fg8rEADo6tH-5zR7Gabhm357XaF7h1RY; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiYThiNDFhNmNjYTkzNSIsImlhdCI6MTY2MjcyMjgzNSwiZXhwIjoxNjY1MzE0ODM1fQ.FU0sJlpPCjIbExsf-0_SIXvMq3hWXU-lyDurYh3oUvs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:00 GMT
etag: W/"240b-1826d2c11d8"
cf-cache-status: HIT
age: 3033200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVA04STlev4l1GjiX9%2Bb2wqWZIf0pAwYGS1GXHhrE6H2UeVdd4pBQK%2BdzPqWcIhql6yp1iinQuuHWoVLESzZoZ62monp%2FswOxdeeNmhjTlVxBjA08%2F7ltvnMy9gizw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92dc0e71b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
as.sexad.net/px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5671-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other
216.127.52.241200 35 B URL HTTP/1.1 as.sexad.net/px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5671-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other
IP 216.127.52.241:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /px.gif?stno=3-937-fap247.com-0-5104-0-0-3001-5671-3&p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286
Cookie: iid=7867-1662722839
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx/1.18.0
Date: Fri, 09 Sep 2022 11:27:20 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1662722840; expires=Mon, 06-Sep-2032 11:27:20 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
camschat.net/900250/cuntempire.webp
66.230.180.98200 OK 122 kB URL HTTP/2 camschat.net/900250/cuntempire.webp
IP 66.230.180.98:0
Size 122 kB (122013 bytes)
Hash e863d396e07f28f8dcc99d7201f423c0
b57f202b6bb1f61270834b85a32f564fc685d76f
a6064c5194f60323f1b7e647ec6bb7d566a82427d470c389be3b96ddf5d16146
GET /900250/cuntempire.webp HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/900250/game.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: image/webp
last-modified: Mon, 12 Apr 2021 15:04:52 GMT
vary: Accept-Encoding
etag: W/"60746194-1dc40"
content-encoding: gzip
X-Firefox-Spdy: h2
m.sancdn.net/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
69.16.175.10200 OK 57 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0
IP 69.16.175.10:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /common/fontawesome-430/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://as.sexad.net
Connection: keep-alive
Referer: https://m.sancdn.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:20 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 56780
Content-Type: application/octet-stream
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662722840.dop017.sk1.t,1662722840.cds213.sk1.shn,1662722840.cds213.sk1.c
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyGSMROmTMMxLciMGYOjBQ0ZYsq0EDNGxowWY3LcCGODRo0cZHKYySHiYZg6YzLSIHOjhpgZNmC0gDHGxg2TNsO0wHHDzMuYMmSUgYGjY42CPTXaWWgjhw0ZD-HUEbNwBg4bNWD4hAOnLQ2qckXMgTNRB42GM5DmeDimTV2_MZzamOFzI8WHYty4WSjjRs3FjEW0cYNRR2XBaTd3hvv3YZ0YGdHQoQNnjo4XL8K4MEiHs4sxb9q8OFOGzosYMILXQDrjB500bcr0aJhDBo0cMWzWoDEjBpc6wWXYCENnTI-_imdcz74djpgeWfIQ-eImypwsU5zIgIODSpQxVG7cicOGjZwjQnyhRQ44SFGHHW2IYUMQWizhBAxvhEGFE1PUIcMcTsQwwxtjNMFEDGIUIUMaeFQhBBFEREFHDFq0UMUTJyZxhx5JyNBGHW3YcYQRdOSgxhBKmBEDFkw8AUMcWBAxhhw2UlEHFWHgcUMQX5xRRRJESFFFGmHB0cZjIrzhJZhk5JZRcmSkIVsYc7wRgwtu9BbWGNwttEV1XaQlR1A6wOBCcBWJIIYZC_kpHGFefgHHnoX-CegNaIkghx2HxfVQGWOM2aejMMxAAw2m1cGlDiKQMQMZNJhBBgxSjVFUDSa5JcZKOIwUEg45hBGGGTGRQQYOM4SVxmEiQOdCDn6e5EJDNIQlxxfDZmQssi4oy2xYdYSRURNv6JFGf2G8UMOfIKCARQwx7AACE2m4UQceIODx1hc1qTupDmb9mQIIR2C6xhsvyAADcAMPDIIRachRhhlv4PFCvjDMyacITjwR1hvPjpRRxWGxMXERToR1kB1fKMwGRTXccAOwNuAQ3ENynDGZZzVQ9dDIX4ghx0I44HBzGSS38QYZlL0VKBlyvNHWQ28o5JmeDeexEKiSLpzaaq299gKaas7W5ptx-hbWHJNmlDQd3GHcQh1upEFHC4m5IFIMMog88UFfzF23RV8yZMNZkMoA7GAi0NFG3X4DntXgNEDaWMll7PVFnYlXtvgMhAM9ORsI0eH0nTTkCZEYfZW68E9sTJSWx4US1hkMfSgQEA%3D%3D&s=4678ea100ea404088675699447cb9e086eb256520838ba7d0b49e88cd39742081662722839&w=t&r=1&d=641&priv=false
136.243.75.209200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyGSMROmTMMxLciMGYOjBQ0ZYsq0EDNGxowWY3LcCGODRo0cZHKYySHiYZg6YzLSIHOjhpgZNmC0gDHGxg2TNsO0wHHDzMuYMmSUgYGjY42CPTXaWWgjhw0ZD-HUEbNwBg4bNWD4hAOnLQ2qckXMgTNRB42GM5DmeDimTV2_MZzamOFzI8WHYty4WSjjRs3FjEW0cYNRR2XBaTd3hvv3YZ0YGdHQoQNnjo4XL8K4MEiHs4sxb9q8OFOGzosYMILXQDrjB500bcr0aJhDBo0cMWzWoDEjBpc6wWXYCENnTI-_imdcz74djpgeWfIQ-eImypwsU5zIgIODSpQxVG7cicOGjZwjQnyhRQ44SFGHHW2IYUMQWizhBAxvhEGFE1PUIcMcTsQwwxtjNMFEDGIUIUMaeFQhBBFEREFHDFq0UMUTJyZxhx5JyNBGHW3YcYQRdOSgxhBKmBEDFkw8AUMcWBAxhhw2UlEHFWHgcUMQX5xRRRJESFFFGmHB0cZjIrzhJZhk5JZRcmSkIVsYc7wRgwtu9BbWGNwttEV1XaQlR1A6wOBCcBWJIIYZC_kpHGFefgHHnoX-CegNaIkghx2HxfVQGWOM2aejMMxAAw2m1cGlDiKQMQMZNJhBBgxSjVFUDSa5JcZKOIwUEg45hBGGGTGRQQYOM4SVxmEiQOdCDn6e5EJDNIQlxxfDZmQssi4oy2xYdYSRURNv6JFGf2G8UMOfIKCARQwx7AACE2m4UQceIODx1hc1qTupDmb9mQIIR2C6xhsvyAADcAMPDIIRachRhhlv4PFCvjDMyacITjwR1hvPjpRRxWGxMXERToR1kB1fKMwGRTXccAOwNuAQ3ENynDGZZzVQ9dDIX4ghx0I44HBzGSS38QYZlL0VKBlyvNHWQ28o5JmeDeexEKiSLpzaaq299gKaas7W5ptx-hbWHJNmlDQd3GHcQh1upEFHC4m5IFIMMog88UFfzF23RV8yZMNZkMoA7GAi0NFG3X4DntXgNEDaWMll7PVFnYlXtvgMhAM9ORsI0eH0nTTkCZEYfZW68E9sTJSWx4US1hkMfSgQEA%3D%3D&s=4678ea100ea404088675699447cb9e086eb256520838ba7d0b49e88cd39742081662722839&w=t&r=1&d=641&priv=false
IP 136.243.75.209:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyGSMROmTMMxLciMGYOjBQ0ZYsq0EDNGxowWY3LcCGODRo0cZHKYySHiYZg6YzLSIHOjhpgZNmC0gDHGxg2TNsO0wHHDzMuYMmSUgYGjY42CPTXaWWgjhw0ZD-HUEbNwBg4bNWD4hAOnLQ2qckXMgTNRB42GM5DmeDimTV2_MZzamOFzI8WHYty4WSjjRs3FjEW0cYNRR2XBaTd3hvv3YZ0YGdHQoQNnjo4XL8K4MEiHs4sxb9q8OFOGzosYMILXQDrjB500bcr0aJhDBo0cMWzWoDEjBpc6wWXYCENnTI-_imdcz74djpgeWfIQ-eImypwsU5zIgIODSpQxVG7cicOGjZwjQnyhRQ44SFGHHW2IYUMQWizhBAxvhEGFE1PUIcMcTsQwwxtjNMFEDGIUIUMaeFQhBBFEREFHDFq0UMUTJyZxhx5JyNBGHW3YcYQRdOSgxhBKmBEDFkw8AUMcWBAxhhw2UlEHFWHgcUMQX5xRRRJESFFFGmHB0cZjIrzhJZhk5JZRcmSkIVsYc7wRgwtu9BbWGNwttEV1XaQlR1A6wOBCcBWJIIYZC_kpHGFefgHHnoX-CegNaIkghx2HxfVQGWOM2aejMMxAAw2m1cGlDiKQMQMZNJhBBgxSjVFUDSa5JcZKOIwUEg45hBGGGTGRQQYOM4SVxmEiQOdCDn6e5EJDNIQlxxfDZmQssi4oy2xYdYSRURNv6JFGf2G8UMOfIKCARQwx7AACE2m4UQceIODx1hc1qTupDmb9mQIIR2C6xhsvyAADcAMPDIIRachRhhlv4PFCvjDMyacITjwR1hvPjpRRxWGxMXERToR1kB1fKMwGRTXccAOwNuAQ3ENynDGZZzVQ9dDIX4ghx0I44HBzGSS38QYZlL0VKBlyvNHWQ28o5JmeDeexEKiSLpzaaq299gKaas7W5ptx-hbWHJNmlDQd3GHcQh1upEFHC4m5IFIMMog88UFfzF23RV8yZMNZkMoA7GAi0NFG3X4DntXgNEDaWMll7PVFnYlXtvgMhAM9ORsI0eH0nTTkCZEYfZW68E9sTJSWx4US1hkMfSgQEA%3D%3D&s=4678ea100ea404088675699447cb9e086eb256520838ba7d0b49e88cd39742081662722839&w=t&r=1&d=641&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=d3d4fd0a-c755-438b-b8cc-d89aafc9dd83; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDB4wcMmbk6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=969388
185.94.237.101200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=969388
IP 185.94.237.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF, LF line terminators
Hash 7cdd989794f4cc47f1ad1fc05d4ee6c5
7af283d44bbb4ef65fc5d278c8f09de72428f40a
abdbd71e63f46bc927b2c4c2e0d86380ee680b32784ddc8403f571ff681d6886
GET /adshow.php?adzone=969388 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 11:27:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a969af5a46fc4177417df38500d129e1; expires=Sat, 09-Sep-2023 11:27:19 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps61=1; expires=Sat, 10-Sep-2022 11:27:19 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjExOTY5NDI7aToxNjYyOTgyMDM5O30%3D; expires=Mon, 12-Sep-2022 11:27:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Mon, 12-Sep-2022 11:27:19 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
pt.wmptctl.com/live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3
93.93.51.191200 OK 118 kB URL HTTP/2 pt.wmptctl.com/live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Size 118 kB (118230 bytes)
Hash 3882093d2d8c4c9d4d6a8c896357f167
9827b54d771e07d9645d4e04ffc06717a792e6cd
cd12e49fc6d6efb6c747b499009c80af279b211093b78ba3b05eba9760daa545
GET /live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3 HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
date: Fri, 09 Sep 2022 11:27:20 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 09-Oct-22 11:27:20 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
m1.nsimg.net//media/1/2/1/12125264.jpg
207.178.0.95200 OK 19 kB URL HTTP/1.1 m1.nsimg.net//media/1/2/1/12125264.jpg
IP 207.178.0.95:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Hash c283c7001c86ecd1f877f8b3df001331
00716e2eb453a1c18ab3b4c11b50e0acb7d37957
5a4bea49854a6f0945e43c33dc13b3e0675e886243c55e0b1a551e38521cee6b
GET //media/1/2/1/12125264.jpg HTTP/1.1
Host: m1.nsimg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Sep 2022 11:27:20 GMT
Content-Type: image/jpeg
Content-Length: 19074
Connection: keep-alive
Last-Modified: Sun, 30 Jan 2022 05:22:34 GMT
ETag: "61f6209a-4a82"
Expires: Sat, 09 Sep 2023 06:45:24 GMT
Cache-Control: max-age=31536000
X-Varnish: 222597647 222512481
Age: 1925
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
pt.wmptctl.com/y4zFh/EJA.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=118122&%3BforcedPerformers%5B0%5D=&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3Bfilters=&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3
93.93.51.191200 OK 43 B URL HTTP/2 pt.wmptctl.com/y4zFh/EJA.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=118122&%3BforcedPerformers%5B0%5D=&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3Bfilters=&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /y4zFh/EJA.gif?c=object_container&%3Bsite=wl3&%3BcobrandId=240622&%3Bpsid=cybermike&%3Bpstool=302_1&%3Bpsprogram=cbrnd&%3Bcampaign_id=118122&%3BforcedPerformers%5B0%5D=&%3Bvp%5BshowChat%5D=false&%3Bvp%5BchatAutoHide%5D=false&%3Bvp%5BshowCallToAction%5D=false&%3Bvp%5BshowPerformerName%5D=false&%3Bvp%5BshowPerformerStatus%5D=false&%3Bfilters=&%3BsubAffId=%7BSUBAFFID%7D&%3BcategoryName=girl&%3BembedTool=1&%3Borigin=camschat.net&%3Brrc=3 HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/live-feed?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=302_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net&rrc=3
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:21 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 09-Oct-22 11:27:21 GMT; SameSite=None; Secure
expires: Fri, 09 Sep 2022 11:27:20 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 136b56116cde53dc6a695f58ad71dfc7
4a553aa61103bd1ddb73ce1aa0481eab48f0fd3b
7488572861bee1ef92c66a95df03deed9f5fbeb262b7c5de79451e909484c870
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7488572861BEE1EF92C66A95DF03DEED9F5FBEB262B7C5DE79451E909484C870"
Last-Modified: Wed, 07 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7181
Expires: Fri, 09 Sep 2022 13:27:02 GMT
Date: Fri, 09 Sep 2022 11:27:21 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/css/animate.css
104.21.51.177200 OK 57 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/css/animate.css
IP 104.21.51.177:0
Hash 89586732a975feac4185183d986d54fc
ac1231bf48a6343b3d64a881803b68fbe2589ad4
c1576ca40b5d65766e6e33588a69ce095b7ebb51c185b0d9d77dff1709ae1d0d
GET /sb/ssp/sweep/social-box/white-small/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:02:02 GMT
etag: W/"6149c9ba-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3200120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8M0jScCC9dQBFzyUobcHH6rAAV%2BX3CV1n9NIgyuQWNe0aCHjit3iuCCosup7U%2BTSR5cfSWY7kMC21IPUjZWd9OcNLU3EvWsgGMktWAeB0LMHJFdXKQekoKdiVlz535MDnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e7dd540b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 55f6017a7dfb6dd6d90055bfc72bbba9
62531faaaf316367f1ac53fc7e09d8a2fbe25a4a
c1b04ffc98409e0c3a345017a2e5e5f49a99a31edc844fb4ce07688858cfa056
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 11:27:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 07:51:02 GMT
Expires: Tue, 13 Sep 2022 07:51:01 GMT
Etag: "62531faaaf316367f1ac53fc7e09d8a2fbe25a4a"
Cache-Control: max-age=332019,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 747f92ff1c380b45-OSL
dss-relay-109-71-166-18.dditscdn.com/?psid=&pstool=
109.71.166.34101 Switching Protocols 0 B URL HTTP/1.1 dss-relay-109-71-166-18.dditscdn.com/?psid=&pstool=
IP 109.71.166.34:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?psid=&pstool= HTTP/1.1
Host: dss-relay-109-71-166-18.dditscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pt.wmptctl.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xb2e8KsVpnY5KG3Xv7XhSw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: unknown
Date: Fri, 09 Sep 2022 11:27:21 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PZJZvhIB9tXVwtipiDQwmTQlkZQ=
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee9340025af774eed83fa3ae0ebb4b65
b868b62d5f2bc802c565d35ea59e200aaf6ab986
729127258be88fe97e4c777b08ba709900028c41a052b6868cab515e545e8c56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F134e6c5d-5cc9-4c6a-9a5c-5703f2809918.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4776
x-amzn-requestid: 49312697-395a-4058-8899-0203e69bf26b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDU5jHA_IAMFhkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63179b70-7b17771e456072e87327ff23;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 19:11:44 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BWKpFwEjVenSFCMPbtJ_RfXRZCc5YgIHWBbXfd74xsAC6MtP_UrQ4Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:50:28 GMT
age: 49015
etag: "b868b62d5f2bc802c565d35ea59e200aaf6ab986"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
104.16.93.42200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
IP 104.16.93.42:0
GET /CACHE/js/output.6f6724a00cb8.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-id-2: JSy2VAlm3gAahvlCm5/iqNOQuasckcIrq13CGup8iDmNjJ/I2mSXsAw6q4OzSeK3RH88h3oFZ3U=
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
x-amz-request-id: 2D5V5B3Y2TWH6PZC
cf-cache-status: HIT
age: 1864799
expires: Sun, 09 Oct 2022 11:27:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mlUHLt58nUqIPxWsbohvS4B4XXSfRSZUN9u7K8%2Fdf%2F3j2fkp%2FPPq2isHE3p8LuMtjQoMZ4lG0YQHGeTrTGBLfA6k%2BeNxTV%2FCoGkdNaLJvUrQHrauh68pjG22pia1VqQWVyrKFLrfKssUuT%2Bcnc7dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=N8q87fSWpBb._h2_DVg7Ff60VGWbrptkSUPnJaA2UwM-1662722839481-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 747f92f2a8f7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/video.js
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/video.js
IP 172.67.69.220:0
GET /_next/static/vMq0fywG6ReNUm9yukIYR/pages/video.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:01 GMT
etag: W/"597e-1826d2c1430"
cf-cache-status: HIT
age: 3033209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnJD7%2B7an%2FdAcRYUKjpKTBy8gD3UZ%2FqAw3tVRQOixs0n9zz6sajz9%2BnQjRw2MYf7Ep0nwL8%2BtzSO%2BGDi04SNfoKVsayFCn9Vt816ZZkH6Ogp8aU1yenNKfo0AITCrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c3db509-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
104.21.51.177200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
IP 104.21.51.177:0
GET /sb/ssp/sweep/social-box/white-small/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3201766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LJjuiFhvykuji6CJYe1PAH%2F%2FyJSwnu3SMjZ%2BVl%2FopTtgA4nYy2yIGBatjOE1TUvgSX%2BXNu7yUlkhMhfOg%2BrHDfMA7NDe%2FK7SJ3EZgGEAcKYcreKTixz9uAWW3oj5jOL1Cs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e80d890b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
camschat.net/900250/game.php
66.230.180.98200 OK 0 B URL HTTP/2 camschat.net/900250/game.php
IP 66.230.180.98:0
GET /900250/game.php HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/900250/adnium.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
188.114.96.1200 OK 0 B IP 188.114.96.1:0
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 34
last-modified: Fri, 09 Sep 2022 11:26:43 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIzu64GlEHZAr4z0Iy5so02phjV9NdxrFU%2FKi9CTdDBaDD2rPeks%2BcA0NVfubl9vLTBOtjyIhuSh5dfBbx9E%2BF7f%2BYwsUqUHk%2BqUmWSj1S%2FsOzXRYGy61Vi2CbShPXq8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e7aa09b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303894?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303894?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=sijrrnNPvvoaNJHCe8O6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391866?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=sijrrnNPvvoaNJHCe8O6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/js/script.js
104.21.51.177200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/sweep/social-box/white-small/js/script.js
IP 104.21.51.177:0
GET /sb/ssp/sweep/social-box/white-small/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1214413
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZ%2Fr8%2FMkLBBEm0PleLxne7us%2F1y4R0AUfc4FoJOAsrFhxdoUiW9c0Hyw1G0qJNcX6vPj6qKhwXNm%2BI16czDivFQd1A0dcXce%2F7WAZwdz8uIlQgm3L9Um65P6OoVIIRsKKMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e98f080b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
136.243.83.47200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/81050e2dae874825b1263242bcb82944.html?
IP 136.243.83.47:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/81050e2dae874825b1263242bcb82944.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://media.aso1.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: e9e793a596499b8a
set-cookie: ts_uid=d3d4fd0a-c755-438b-b8cc-d89aafc9dd83; expires=Thu, 09 Mar 2023 11:27:19 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYsCEDB4wcMmbk6NJH; expires=Sat, 10 Sep 2022 11:27:19 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=2fe4c4ee-fd47-44f4-bb76-a26b6715ea2b
93.93.51.225200 OK 0 B URL HTTP/2 api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=2fe4c4ee-fd47-44f4-bb76-a26b6715ea2b
IP 93.93.51.225:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=2fe4c4ee-fd47-44f4-bb76-a26b6715ea2b HTTP/1.1
Host: api-protected.protoawegw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pt.wmptctl.com/
Origin: https://pt.wmptctl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:21 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
server: unknown
content-encoding: gzip
X-Firefox-Spdy: h2
a.bestcontentfood.top/warp/4788750?r=1760
104.21.52.148200 OK 0 B URL HTTP/2 a.bestcontentfood.top/warp/4788750?r=1760
IP 104.21.52.148:0
Analyzer Verdict Alert fortinet Phishing
GET /warp/4788750?r=1760 HTTP/1.1
Host: a.bestcontentfood.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: application/javascript; charset=UTF-8
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q1PxoSgE2MOuZX0qzQRxvO445%2FGFC5qZxIOqR6suOe3EV%2Fzk74yauCpuEiujFSQ3JRbJyiQhEvF4ah2leE53rJhYS3ove96fd6ke8bIplBeDw0IVx4X8fDElTwhifY7F%2Fjtd63BA1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92eadf770afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/login.js
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/vMq0fywG6ReNUm9yukIYR/pages/login.js
IP 172.67.69.220:0
GET /_next/static/vMq0fywG6ReNUm9yukIYR/pages/login.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScript2Groups=push1-push1%2Cpush2-push2%2Cpop-desk%2CTest-Code%20; k2sAccessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoiYWNjZXNzVG9rZW4iLCJpc3MiOiJrMnMiLCJjSWQiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJqdGkiOiIxNzViZWQ5M2Y4ZmEzIiwiaWF0IjoxNjYyNzIyODM1LCJleHAiOjE2NjMzMjc2MzV9.spsNvElaqB8Fg8rEADo6tH-5zR7Gabhm357XaF7h1RY; k2sRefreshToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI1YjM5Y2ZjY2ZjNGUwNzFjNzE4MWQ0ZmQiLCJhdWQiOiJjbGllbnQiLCJ0eXBlIjoicmVmcmVzaFRva2VuIiwiaXNzIjoiazJzIiwiY0lkIjoiNWIzOWNmY2NmYzRlMDcxYzcxODFkNGZkIiwianRpIjoiYThiNDFhNmNjYTkzNSIsImlhdCI6MTY2MjcyMjgzNSwiZXhwIjoxNjY1MzE0ODM1fQ.FU0sJlpPCjIbExsf-0_SIXvMq3hWXU-lyDurYh3oUvs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:43:00 GMT
etag: W/"ba5-1826d2c11d8"
cf-cache-status: HIT
age: 3033199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTmPV9XSW3ZIzZ6JMnfVR7LEe9pCPRqlEBC5IJxt08KtD3Xppss24jak0Io%2BUnfznilMvmTy1EEN%2B0YD2GN7%2BEmmBtackub6Aywpor6jfyVgDia97dE6O5dodNQlkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92dbfe67b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap
IP 216.58.211.10:0
GET /css?family=Roboto:100,300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 11:27:14 GMT
date: Fri, 09 Sep 2022 11:27:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/runtime/webpack-f4d22593ad73f080a168.js
IP 172.67.69.220:0
GET /_next/static/runtime/webpack-f4d22593ad73f080a168.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 05 Aug 2022 08:42:28 GMT
etag: W/"2fb2-1826d2b92c0"
cf-cache-status: HIT
age: 3033775
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxI%2FpuZvr5jQgrjh%2FfDGavGPWKMbzwcu4BtJO5ACnIaeL8QjamujfPakkkAZQ65xIyQJGXnJligRB6IHC3%2BXKgnboZVW1qum%2FFG7M1LOSleVA%2FqP2pTeeFjl8jxZJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c50b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662710400
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662710400
IP 172.67.69.220:0
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662710400 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pI7syaoSciNamR0DscQGGlO91v0CDJrEXWunKt5y2Iu9D5afwVpDYycPhYQ8MvVFq12V1WjnhUoitA0Z8airzjfV4TpBOoQERcSBYg5aq5khEzmYYbTuFnA%2BjDh%2B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d71f6ab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
93.93.51.191200 OK 0 B URL HTTP/2 pt.wmptctl.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net
IP 93.93.51.191:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /live-feed/fk/?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=camschat.net HTTP/1.1
Host: pt.wmptctl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
date: Fri, 09 Sep 2022 11:27:19 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sun, 09-Oct-22 11:27:19 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
media.aso1.net/js/ifr.html
104.21.234.154200 OK 0 B URL HTTP/2 media.aso1.net/js/ifr.html
IP 104.21.234.154:0
GET /js/ifr.html HTTP/1.1
Host: media.aso1.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html
last-modified: Thu, 28 Jul 2022 09:55:04 GMT
etag: W/"62e25cf8-6ea"
expires: Tue, 02 Aug 2022 06:53:11 GMT
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-cache-status: HIT
age: 1878937
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhY%2FHdy1vgfQENG8enDzWzlXYQ6geo1%2Fp7Ixn3Dop1UoIcY6H9am0Amq%2F2mOrIuIfoax19TFHGWwguw3Z2cqLSL4bRcCHP7%2BGqIljLnxhTi%2ByAvf2O7LbW3DkzGw96O33g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747f92e93e120726-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pt-static3.ptlwmstc.com/npe/ba/elf/script/elf-v552169.js
93.93.51.200200 OK 0 B URL HTTP/2 pt-static3.ptlwmstc.com/npe/ba/elf/script/elf-v552169.js
IP 93.93.51.200:0
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /npe/ba/elf/script/elf-v552169.js HTTP/1.1
Host: pt-static3.ptlwmstc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.wmptctl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:20 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 08:57:06 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"631affe2-8d554"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2
xfantazy.com/video/5e0ed14deac0b76cd9c54962
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/video/5e0ed14deac0b76cd9c54962
IP 172.67.69.220:0
GET /video/5e0ed14deac0b76cd9c54962 HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; Domain=xfantazy.com; Path=/; Expires=Thu, 09 Sep 2032 11:27:14 GMT; HttpOnly
experiment-popup-payment-7=0; Path=/; Expires=Fri, 16 Sep 2022 11:27:14 GMT
experiment-save-to-button-2=0; Path=/; Expires=Fri, 16 Sep 2022 11:27:14 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AaSdJS2mZuMW0zTLTqIvs5gQX78%2BgTji%2B1ul%2FzPyHO5m3iTJq19zMdTJAf%2FqJGbYcXpCxW4YR8BIO7LtZBwCGERp1H9PuqdEnrFQZV%2F8g8s2NE1uWzp3PAL0gCkeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d0cd9ab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/303891?p=1&s1=%subid1%&kw=
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/303891?p=1&s1=%subid1%&kw= HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=f9ylb9Ptq7EADFdTdSca; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391868?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=sijrrnNPvvoaNJHCe8O6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
camschat.net/900250/awe900250.php
66.230.180.98200 OK 0 B URL HTTP/2 camschat.net/900250/awe900250.php
IP 66.230.180.98:0
GET /900250/awe900250.php HTTP/1.1
Host: camschat.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/900250/adnium.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
content-encoding: gzip
X-Firefox-Spdy: h2
xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/css/styles.f80584c6.chunk.css
IP 172.67.69.220:0
GET /_next/static/css/styles.f80584c6.chunk.css HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0; safeMode=0; advancedOptions=0; viewedVideoCounter=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:15 GMT
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Fri, 05 Aug 2022 08:43:45 GMT
etag: W/"2fd40-1826d2cbfbc"
cf-cache-status: HIT
age: 2822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDisCd00inphCsEXdFoX9Y%2BcWgLnjUH1CgzVoxqJGrxXsTaIKpa52iGaLQZ4oZwkc3ej2LSIXKtZcgYplQYOcAh0QHwybpIryt%2B42E1CB5HWT%2BEDZZx8zfL6qHIn3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d8e980b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.medfoodsafety.com/loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true
104.21.62.145200 OK 0 B URL HTTP/2 a.medfoodsafety.com/loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true
IP 104.21.62.145:0
GET /loader?a=4787912&v=2&t=1&s=4776911&p=8575&if=true HTTP/1.1
Host: a.medfoodsafety.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:18 GMT
content-type: text/html
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YiBtjLNzQaasQplo88vgsJuX63kSDoAnrAFGxxbMowYNzQyeQ210U5dvP9rt8SjJcV8c05kHq8t7j5ccHmZd6JKrn1bv8jTQZt9XG7%2BQdwadCQPv%2FdLzJg0H5hKndcDpnxxUvTO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92ec4884b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js
IP 172.67.69.220:0
GET /_next/static/chunks/47.6c9a4510342e4dd3af77.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"620-181397f9e59"
cf-cache-status: HIT
age: 8163995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTtDVQiEMZaER8TNZUHZ93XVKk5sJbzkgekcD5JiXr8vOiDER7xZc1J3T0HnTc2h0qRqA35MLD%2BNkYjkECMaCBCWPDqX4g5Ul2ZXPLtc092ZRbdgpZXwJ3i3Nm3XTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c4bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js
IP 172.67.69.220:0
GET /_next/static/chunks/59.edff5ae0d8d83054b552.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:20:14 GMT
etag: W/"c8b-179fb71df0d"
cf-cache-status: HIT
age: 29179902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DREK5peV41XdCALkJHgQIz0TaWl8zwv8laNTZRdNGd5I6tXPog8Tr3X0gHivoeXmmCPUUmCzdy7nmGiQRaM7%2FacEEGZgWge2XmP445Dx7Is0qmSccR2wSnkW7kWOHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c4ab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
172.67.69.220200 OK 0 B URL HTTP/2 xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js
IP 172.67.69.220:0
GET /_next/static/chunks/16.2fcecc4fbe403da70f1d.js HTTP/1.1
Host: xfantazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/5e0ed14deac0b76cd9c54962
Cookie: visitorId=tvqu3y2h3oqaj9rpbrhe1f; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 11:27:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:18:49 GMT
etag: W/"4f4a-179fb7093d6"
cf-cache-status: HIT
age: 29179902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTUjDJvisVd3I3Lz827AZfHSV%2FzUqID0ViTYB%2B8oODwNS%2BerxIhgS%2FIxuv8Fpm2%2Fmn41Gf5jm9NOyZbMs4k4qBPqzzWw%2B7Hk2xC%2BZkYfHVc2O8zxeGw2nca%2FMwwJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747f92d50c48b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
135.181.208.216200 OK 0 B URL HTTP/2 a.focusde.info/api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280
IP 135.181.208.216:0
ASN #24940 Hetzner Online GmbH
GET /api/spots/391867?host=xfantazy.com&ev=196&wh=939&ww=1280 HTTP/1.1
Host: a.focusde.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=sijrrnNPvvoaNJHCe8O6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 11:27:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1693825670%3A1662722837716532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_-LLIXv2SUbzlNUdkUVHly5ROwl8aAtdPBZxe6fpTkWoQTYYAMOmYz2aaPBduABwIw0mAiQ
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1693825670%3A1662722837716532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_-LLIXv2SUbzlNUdkUVHly5ROwl8aAtdPBZxe6fpTkWoQTYYAMOmYz2aaPBduABwIw0mAiQ
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1693825670%3A1662722837716532&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo_-LLIXv2SUbzlNUdkUVHly5ROwl8aAtdPBZxe6fpTkWoQTYYAMOmYz2aaPBduABwIw0mAiQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Sep 2022 11:27:17 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-R34I6y0eAiktAsLY2-6JjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=t3DXTnKoNPh_UQ_-PBBvay8v1pNg6qJ_LU8889LSsuCiYDEaP7h81wfqgE7vEIr69LWbgUvSXm_aZaUriKOwm1sYmJGav6Uom5SaDcqYxx4SAMxMBwbgj3KEdKhVfupoT74QSrXkWzXPiniMnSUb-HOi2ba-ln2HWPV-B8QX1C8; expires=Sat, 11-Mar-2023 11:27:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
chaturbate.com/in/?track=adnium-900x250&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f
104.18.100.40302 Found 0 B URL HTTP/2 chaturbate.com/in/?track=adnium-900x250&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f
IP 104.18.100.40:0
GET /in/?track=adnium-900x250&tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Sep 2022 11:27:19 GMT
content-type: text/html; charset=utf-8
location: /tours/3/?tour=x1Rd&campaign=taOsB&c=1&p=0&gender=f&disable_sound=0
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_x1Rd=1; expires=Wed, 14-Sep-2022 11:27:19 GMT; Max-Age=432000; Path=/
us_x1Rd=1; Path=/
affkey="eJwdjFsKgCAQAK8S+135gD7qswsE3WAzRREjdAMjuntsnzMD8wDB1EBV6w5tAyadjIRLmZkpR2bcj3ClbpSy6kFyyKw90VkmIQymYjxSf1gSXNE57ubebE4hWnb/WCt4PzeUIDE="; Domain=.chaturbate.com; expires=Sun, 09-Oct-2022 11:27:19 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Fri, 09-Sep-2022 17:27:19 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0\0548UAXRV=1"; expires=Sun, 09-Oct-2022 11:27:19 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr81737257-9cb3-4a76-aa36-99cc1bd80d80:1oWcAJ:KWE-PLp3hPCNmAdpEie6ZPInI2U; Domain=.chaturbate.com; expires=Wed, 04-Jun-2025 11:27:19 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=bF53OjApGuJbEMWZj8V3oDU8v2uWUZz.txYIGezXh14-1662722839-0-AT3R0dIT49wR9srzpK8DrEgJDRr4YZiOWy36Ce0aUhLxEc1OfO0cG3RTWExeInVq0emjnyMRwfV5m3IfuN9dsI0=; path=/; expires=Fri, 09-Sep-22 11:57:19 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 747f92efd9da0b41-OSL
X-Firefox-Spdy: h2