f95zone.to/
190.115.31.182301 Moved Permanently 568 B IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET / HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Wed, 08 Feb 2023 21:30:28 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://f95zone.to/
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Wed, 08 Feb 2023 22:27:03 GMT
Date: Wed, 08 Feb 2023 21:30:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2777
Expires: Wed, 08 Feb 2023 22:16:45 GMT
Date: Wed, 08 Feb 2023 21:30:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 20:36:43 GMT
content-type: application/json
age: 3225
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8831
Expires: Wed, 08 Feb 2023 23:57:39 GMT
Date: Wed, 08 Feb 2023 21:30:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: F4HR18WHqwAwvBoCBF1IjBfS6jFIMXt0VwQRImAowIr5VqLjNUGD7hUL/GTCB8LeGaoKR09zc+8=
x-amz-request-id: 5WRYAPPM7NWFQHWH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 20:46:06 GMT
age: 2662
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45738e30c314b66455cd65e708e6ab5d
7138e77bb479f0f215c3a8b0fb3d0bde3c04b327
13e7279a7c7920c04c1014b266ce84eec32672206142364bd95be5a95798a498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13E7279A7C7920C04C1014B266CE84EEC32672206142364BD95BE5A95798A498"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6729
Expires: Wed, 08 Feb 2023 23:22:37 GMT
Date: Wed, 08 Feb 2023 21:30:28 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:30:28 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
f95zone.to/
190.115.31.182200 OK 27 kB IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6101)
Hash 960c3424150dcd9be0d9ee386d6003fb
7076d233bbbce4df686ff38aaef61321ac3c38d0
39651c1937c133010f14fd8f8d57a9a57269cad6fc8fce15e042340fd17e8361
GET / HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 21:30:29 GMT
content-type: text/html; charset=utf-8
content-length: 26835
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 21:30:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
content-encoding: gzip
vary: Accept-Encoding
set-cookie: __ddg1_=M0HFn821iAM9k3csWNIR; Domain=.f95zone.to; HttpOnly; Path=/; Expires=Thu, 08-Feb-2024 21:30:28 GMT
xf_csrf=qQF4m-qLaiSYl-B-; path=/; secure
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
f95zone.to/assets/SamF95/Latest/vendor/tooltipster/css/tooltipster.bundle.min.css
190.115.31.182200 OK 989 B URL HTTP/2 f95zone.to/assets/SamF95/Latest/vendor/tooltipster/css/tooltipster.bundle.min.css
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (6495), with no line terminators
Hash 9356214b3aab86e5a2e662e7b5d3770b
a66b69432eccc02ef01be1cce51adc505c44c88f
178519da6ec0137ed2f703d54755ee8505845238c5ad8e7bba37c1e3f9f5ff04
GET /assets/SamF95/Latest/vendor/tooltipster/css/tooltipster.bundle.min.css HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 22 Nov 2022 06:56:20 GMT
content-type: text/css
last-modified: Tue, 13 Nov 2018 21:10:28 GMT
etag: W/"5beb3dc4-195f"
expires: Wed, 22 Nov 2023 06:56:20 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 6791649
content-length: 989
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/assets/SamF95/Latest/vendor/jquery-loadmask-plus/jquery.loadmask-plus.min.css
190.115.31.182200 OK 473 B URL HTTP/2 f95zone.to/assets/SamF95/Latest/vendor/jquery-loadmask-plus/jquery.loadmask-plus.min.css
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (505), with CRLF line terminators
Hash 6e74cf58608f16bef0687b775548b6ba
820f8a6e6509b7e1f3eaac1431b0e3aceed9f26b
6f8f65826787f5231a5ed9575ba5a6b96ec4fb4ee15e86733513852dbc3d8731
GET /assets/SamF95/Latest/vendor/jquery-loadmask-plus/jquery.loadmask-plus.min.css HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 10 Dec 2022 17:19:19 GMT
content-type: text/css
last-modified: Tue, 13 Nov 2018 21:10:28 GMT
etag: W/"5beb3dc4-326"
expires: Sun, 10 Dec 2023 17:19:19 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
age: 5199070
content-length: 473
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/assets/fontawesome-free-5.11.2/css/v4-shims.min.css
190.115.31.182200 OK 4.0 kB URL HTTP/2 f95zone.to/assets/fontawesome-free-5.11.2/css/v4-shims.min.css
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (26440)
Hash 21c62642c84604e26eb28815b6865a34
c9485f21cbefb371969ed560af86247fe9f9d558
6e387d523993b5c8dfd0c1c09c55d008ba52a57394ca5c83f27d365a976a173f
GET /assets/fontawesome-free-5.11.2/css/v4-shims.min.css HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 22 Nov 2022 06:56:20 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2019 15:53:56 GMT
vary: Accept-Encoding
etag: W/"5d88ea94-6802"
expires: Wed, 22 Nov 2023 06:56:20 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: br
age: 6791649
content-length: 3981
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/assets/SamF95/Latest/vendor/selectize.js/css/selectize.default.css
190.115.31.182200 OK 2.4 kB URL HTTP/2 f95zone.to/assets/SamF95/Latest/vendor/selectize.js/css/selectize.default.css
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
Hash f32f7818178f4dfd5e1254e16ace3d8e
d13bc84b0995507614fa41bebe2a799da71c401d
9fb9fa723ba25cb4f3b8c28efcecc85fd966260f0c4d8623f2d96aa55d4d5bb4
GET /assets/SamF95/Latest/vendor/selectize.js/css/selectize.default.css HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 22 Nov 2022 06:56:21 GMT
content-type: text/css
last-modified: Tue, 13 Nov 2018 21:10:28 GMT
vary: Accept-Encoding
etag: W/"5beb3dc4-2e6a"
expires: Wed, 22 Nov 2023 06:56:21 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: br
age: 6791649
content-length: 2422
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=26&l=1&d=1672154331&k=4f19b0a5c6ac1a7f12d3c0192cd0c03183933279
190.115.31.182200 OK 72 kB URL HTTP/2 f95zone.to/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=26&l=1&d=1672154331&k=4f19b0a5c6ac1a7f12d3c0192cd0c03183933279
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (63364)
Hash b6106ecf0a31b3fc1c995c7e6af1086f
36e089131eaeaab20ec4fca1df7917291e12dae6
f411a9a615cc09d77e3fcbac904bcecdf11c70b77114f583df90a4ac4a231416
GET /css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=26&l=1&d=1672154331&k=4f19b0a5c6ac1a7f12d3c0192cd0c03183933279 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 27 Dec 2022 15:18:54 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Wed, 27 Dec 2023 15:18:52 GMT
last-modified: Tue, 27 Dec 2022 15:18:51 GMT
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=15768000
age: 3737499
ddg-cache-status: HIT,MISS
content-length: 72233
X-Firefox-Spdy: h2
f95zone.to/assets/fontawesome-free-5.11.2/css/all.min.css
190.115.31.182200 OK 12 kB URL HTTP/2 f95zone.to/assets/fontawesome-free-5.11.2/css/all.min.css
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (56656)
Hash 9f41b82158fd12e3adb06fb66b2afc80
2197ed2f616874f94a33272423cd07fffeb37f79
5379f2046c280a3920907d0154ec9a9bcfa434de7b12dcb6bcb2aeccd165d4b7
GET /assets/fontawesome-free-5.11.2/css/all.min.css HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 10 Dec 2022 13:06:09 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2019 15:53:56 GMT
vary: Accept-Encoding
etag: W/"5d88ea94-de0a"
expires: Sun, 10 Dec 2023 13:06:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: gzip
age: 5214260
content-length: 12346
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/styles/uix_dark/fonts/icons/material-icons/css/materialdesignicons.min.css
190.115.31.182200 OK 31 kB URL HTTP/2 f95zone.to/styles/uix_dark/fonts/icons/material-icons/css/materialdesignicons.min.css
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2cde014229806d405cd90e3f8bac9e92
baf009c2b808945aa85914a3d315c94a3d83d7aa
57591850513967e24a79088ae745e57627cb3b9e52275ad3188e326536982d65
GET /styles/uix_dark/fonts/icons/material-icons/css/materialdesignicons.min.css HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 17 Oct 2022 10:54:48 GMT
content-type: text/css
last-modified: Sat, 30 May 2020 13:26:54 GMT
vary: Accept-Encoding
etag: W/"5ed25f1e-30ca6"
expires: Tue, 17 Oct 2023 10:54:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: br
age: 9887741
ddg-cache-status: HIT,MISS
content-length: 30973
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f95zone.to/css.php?css=public%3Aandy_quicksearch.less%2Cpublic%3Anode_list.less%2Cpublic%3Arellect_favicon.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=26&l=1&d=1672154331&k=73f86f9851693a4c193e817651a8ec369b65f86f
190.115.31.182200 OK 8.2 kB URL HTTP/2 f95zone.to/css.php?css=public%3Aandy_quicksearch.less%2Cpublic%3Anode_list.less%2Cpublic%3Arellect_favicon.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=26&l=1&d=1672154331&k=73f86f9851693a4c193e817651a8ec369b65f86f
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (19384)
Hash 9f78c1150fef89b4333e42af7c7564e5
136f3ed3a6a85e0b888d5e1718848b3fe91c20c6
647f49b759e281f1130490bdb5b8a518b96f75c354001b2a8eb48337532bd9c5
GET /css.php?css=public%3Aandy_quicksearch.less%2Cpublic%3Anode_list.less%2Cpublic%3Arellect_favicon.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Auix_extendedFooter.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less&s=26&l=1&d=1672154331&k=73f86f9851693a4c193e817651a8ec369b65f86f HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 27 Dec 2022 15:19:01 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Wed, 27 Dec 2023 15:19:01 GMT
last-modified: Tue, 27 Dec 2022 15:18:51 GMT
cache-control: public, max-age=31536000
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=15768000
age: 3737488
content-length: 8180
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/2115/2115973.jpg?1675337979
190.115.31.182200 OK 5.2 kB URL HTTP/2 f95zone.to/data/avatars/s/2115/2115973.jpg?1675337979
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 31daf14d76ba8435b30d85384cc83dda
cd5080fbc9875d1f9c0b34fdb69471cce3178b98
e185f7c035bc46cc38d1caa9060a1ace3c60442636bd6f645789096ec92690e9
GET /data/avatars/s/2115/2115973.jpg?1675337979 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 02 Feb 2023 11:40:47 GMT
content-type: image/jpeg
content-length: 5238
last-modified: Thu, 02 Feb 2023 11:39:39 GMT
etag: "63dba0fb-1476"
expires: Fri, 02 Feb 2024 11:40:47 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 553782
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/977/977871.jpg?1675798093
190.115.31.182200 OK 1.7 kB URL HTTP/2 f95zone.to/data/avatars/s/977/977871.jpg?1675798093
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 2bc805b797c5cae2feafb996dd3c64e2
907980863014184170c03698e2dc8a140a35f02e
e7bbc6c3e4837f8d785458fa4a6a5ef10fd2201c4f282238840592123f1d14b7
GET /data/avatars/s/977/977871.jpg?1675798093 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 10:48:58 GMT
content-type: image/jpeg
content-length: 1651
last-modified: Tue, 07 Feb 2023 19:28:13 GMT
etag: "63e2a64d-673"
expires: Thu, 08 Feb 2024 10:48:58 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 38491
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/119/119445.jpg?1592441669
190.115.31.182200 OK 1.9 kB URL HTTP/2 f95zone.to/data/avatars/s/119/119445.jpg?1592441669
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3\012- data
Hash 46e0b5a54b8534928219573526246460
a93f0a002b5426e6049c16a7bdb8eb403445e99f
041aefbadc517d830f6b5a327740ee3bf3abf1f4c674f44efb295403f544058e
GET /data/avatars/s/119/119445.jpg?1592441669 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 25 Jan 2023 06:49:31 GMT
content-type: image/jpeg
content-length: 1862
last-modified: Thu, 18 Jun 2020 00:54:29 GMT
strict-transport-security: max-age=15768000
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: "5eeabb45-746"
expires: Sat, 01 Jul 2023 15:38:03 GMT
cache-control: max-age=31536000
age: 1262458
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/81/81041.jpg?1674962317
190.115.31.182200 OK 6.0 kB URL HTTP/2 f95zone.to/data/avatars/s/81/81041.jpg?1674962317
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash dec0b72404710b69c607fe577443bb94
1dfef5b51812d431aee1eb129e1323e8c9aa8bf8
147a7e538608ea29a6b693a1a9f03671304d4ada167802f21f2dffe88aba9ea5
GET /data/avatars/s/81/81041.jpg?1674962317 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 29 Jan 2023 03:18:39 GMT
content-type: image/jpeg
content-length: 5962
last-modified: Sun, 29 Jan 2023 03:18:38 GMT
etag: "63d5e58e-174a"
expires: Mon, 29 Jan 2024 03:18:39 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 929510
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/1810/1810268.jpg?1673638820
190.115.31.182200 OK 2.6 kB URL HTTP/2 f95zone.to/data/avatars/s/1810/1810268.jpg?1673638820
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type GIF image data, version 89a, 48 x 48\012- data
Hash 1ed363a18aa40208b7bed665e1044c87
76c9678f344cda2be9c046a6a57c21577dd27bd2
1d14439c5648fdaf1332e53b6f1b3c25c62e656e1135893b8a19bc4bee45b720
GET /data/avatars/s/1810/1810268.jpg?1673638820 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 16 Jan 2023 19:29:33 GMT
content-type: image/jpeg
content-length: 2614
last-modified: Fri, 13 Jan 2023 19:40:20 GMT
etag: "63c1b3a4-a36"
expires: Tue, 16 Jan 2024 19:29:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 1994456
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/275/275299.jpg?1609518114
190.115.31.182200 OK 4.1 kB URL HTTP/2 f95zone.to/data/avatars/s/275/275299.jpg?1609518114
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b6632cda9ac8379062ea0162596b5ea
67a6be1725e91b33bd067415af1d5d15acc27769
eba87a003311912a73e9bf5776cdfc97237b9464c9621e66610aae7d9d9cc864
GET /data/avatars/s/275/275299.jpg?1609518114 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sun, 11 Dec 2022 19:01:04 GMT
content-type: image/jpeg
content-length: 4061
last-modified: Fri, 01 Jan 2021 16:21:56 GMT
etag: "5fef4c24-fdd"
expires: Mon, 11 Dec 2023 19:01:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 5106565
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/682/682588.jpg?1528990279
190.115.31.182200 OK 3.7 kB URL HTTP/2 f95zone.to/data/avatars/s/682/682588.jpg?1528990279
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 59991606c880e25a78c3aeed6dadee83
3e5cff76302683ff6a3a95675a100455040e69b3
002729b9dbe53e962f27da1188cca9f93a2321b55162cd6776fa2aacd55ceffe
GET /data/avatars/s/682/682588.jpg?1528990279 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 28 Jan 2023 14:52:22 GMT
content-type: image/jpeg
content-length: 3700
last-modified: Thu, 14 Jun 2018 15:31:19 GMT
etag: "5b228a47-e74"
expires: Sun, 28 Jan 2024 14:52:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 974288
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/4523/4523328.jpg?1648770311
190.115.31.182200 OK 2.1 kB URL HTTP/2 f95zone.to/data/avatars/s/4523/4523328.jpg?1648770311
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3\012- data
Hash 882be60fdd4633a4097044e59ffafd40
01ca945e09a1c36a66ee1fc6e12cc73bded8d89c
f450e5f241305f297fbb7b6c75cbab0d3cb614a195fc5b6e7913302547e0e9cf
GET /data/avatars/s/4523/4523328.jpg?1648770311 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 21:30:06 GMT
content-type: image/jpeg
content-length: 2112
last-modified: Thu, 31 Mar 2022 23:45:11 GMT
etag: "62463d07-840"
expires: Thu, 08 Feb 2024 21:30:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 23
ddg-cache-status: HIT,MISS
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/5793/5793842.jpg?1675868018
190.115.31.182200 OK 2.4 kB URL HTTP/2 f95zone.to/data/avatars/s/5793/5793842.jpg?1675868018
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type GIF image data, version 89a, 48 x 48\012- data
Hash 06028f6d348ba7d7c02d8f9579042c8a
194b90c4da12aa49a60702f8a11225a7a4f76854
6b7db9a8375572179c8384c6ec6f6b0b87b7759e43a44e886f2a01097526b97a
GET /data/avatars/s/5793/5793842.jpg?1675868018 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 14:53:39 GMT
content-type: image/jpeg
content-length: 2374
last-modified: Wed, 08 Feb 2023 14:53:38 GMT
etag: "63e3b772-946"
expires: Thu, 08 Feb 2024 14:53:39 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 23810
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/3/3740.jpg?1667294502
190.115.31.182200 OK 147 B URL HTTP/2 f95zone.to/data/avatars/s/3/3740.jpg?1667294502
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash cea9086c659b4204de3f3161656c218b
5678ee7cee3325a6d6987fe38b48803f0245b0fb
f4ac9e04ecf3320b182b794cad3136cb44f36c7e146d54a05b7678a992d9616d
GET /data/avatars/s/3/3740.jpg?1667294502 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 21 Dec 2022 14:39:09 GMT
content-type: image/jpeg
content-length: 147
last-modified: Tue, 01 Nov 2022 09:21:43 GMT
etag: "6360e527-93"
expires: Thu, 21 Dec 2023 14:39:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 4258280
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/global/20180112.min.js?_v=693939b5
190.115.31.182200 OK 4.0 kB URL HTTP/2 f95zone.to/js/themehouse/global/20180112.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (537)
Hash 34061dbb3ae6902bf06bfc30c3058cc7
df943b621d0d66969aec86be4457dfb5194b0ac2
43c29ecfebe3b467750473a0ddd70ab82d9a28cd4c16b8d008a1c2f85dc03ad6
GET /js/themehouse/global/20180112.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 06:55:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 13 Jul 2020 17:05:56 GMT
vary: Accept-Encoding
etag: W/"5f0c9474-2ca6"
expires: Wed, 06 Dec 2023 06:55:49 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: gzip
age: 5582080
content-length: 3970
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/uix_dark/defer.min.js?_v=693939b5
190.115.31.182200 OK 4.0 kB URL HTTP/2 f95zone.to/js/themehouse/uix_dark/defer.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (546)
Hash 00dbbcf818a20fbc4680103acdd82abd
c776c6753de267191c26909b04c7ae8de19ee0d4
8f36ae91ebf3382f9923f133d993b0b2713ac0dde96bfe305c4b1b7e36d2ecf5
GET /js/themehouse/uix_dark/defer.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 06 Dec 2022 06:55:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:50 GMT
vary: Accept-Encoding
etag: W/"5ed25f1a-461f"
expires: Wed, 06 Dec 2023 06:55:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: gzip
age: 5582079
content-length: 3952
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/js/vendor/vendor-compiled.js?_v=693939b5
190.115.31.182200 OK 22 kB URL HTTP/2 f95zone.to/js/vendor/vendor-compiled.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type Unicode text, UTF-8 text, with very long lines (10809)
Hash 5c6d47632d961f7d02df760a70c8b229
25ecaf9d6f3feaf3b1dfd494be94c8878df2056f
e0da41c6e1597134b796a6d328559ad8edddb3707f3d1ccc15c17c996e213c48
GET /js/vendor/vendor-compiled.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 19 Nov 2022 10:37:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:01:09 GMT
vary: Accept-Encoding
etag: W/"5ed25915-11b76"
expires: Sun, 19 Nov 2023 10:37:33 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: gzip
age: 7037576
content-length: 21735
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/js/vendor/jquery/jquery-3.4.1.min.js?_v=693939b5
190.115.31.182200 OK 31 kB URL HTTP/2 f95zone.to/js/vendor/jquery/jquery-3.4.1.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (65451)
Hash 870f93e2a0cba1ccdedb822096ba0529
1dc7366169abfe8200eef86a7dbb066b1c888415
42e39acc0bc9209b1e11622629e40b627ebfc667614a02fa4aa6341a587af2a0
GET /js/vendor/jquery/jquery-3.4.1.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 19 Nov 2022 10:37:34 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:01:17 GMT
vary: Accept-Encoding
etag: W/"5ed2591d-15851"
expires: Sun, 19 Nov 2023 10:37:34 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: gzip
age: 7037575
content-length: 30719
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/js/xf/core-compiled.js?_v=693939b5
190.115.31.182200 OK 59 kB URL HTTP/2 f95zone.to/js/xf/core-compiled.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (571)
Hash a1500e4801715bf66dd164624f0d044a
eba5a26f1545ae1f6eb52c8d6c0589de03f0bce7
20fc240072fa5ec5af55dd07be31879cbb0994378031c82d01d8c1b0a81851b3
GET /js/xf/core-compiled.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 19 Nov 2022 10:37:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:01:12 GMT
vary: Accept-Encoding
etag: W/"5ed25918-323d8"
expires: Sun, 19 Nov 2023 10:37:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
content-encoding: gzip
age: 7037574
content-length: 59142
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/data/avatars/s/1408/1408191.jpg?1559523283
190.115.31.182200 OK 1.9 kB URL HTTP/2 f95zone.to/data/avatars/s/1408/1408191.jpg?1559523283
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3\012- data
Hash 94609263ea54ee43e4347abde642b570
cd156776334fc89d0fd654c61aea17fd753012c2
2ccfb41797d986aa20cac33fd3b4020fbd0e89dac1dcee968bf701ef3901b400
GET /data/avatars/s/1408/1408191.jpg?1559523283 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 04:55:09 GMT
content-type: image/jpeg
content-length: 1870
last-modified: Mon, 03 Jun 2019 00:54:43 GMT
etag: "5cf46fd3-74e"
expires: Sun, 04 Feb 2024 04:55:09 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 405320
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de1b4c615fe81369f4f94c3fcca2d21d
2fc629f6fed8f9e57bd620773bf605346b5f9653
ae9dbb635719de8700ec72427117360861857ecae280d2abcb32ac3e5cf0a074
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE9DBB635719DE8700EC72427117360861857ECAE280D2ABCB32AC3E5CF0A074"
Last-Modified: Tue, 07 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8401
Expires: Wed, 08 Feb 2023 23:50:30 GMT
Date: Wed, 08 Feb 2023 21:30:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de1b4c615fe81369f4f94c3fcca2d21d
2fc629f6fed8f9e57bd620773bf605346b5f9653
ae9dbb635719de8700ec72427117360861857ecae280d2abcb32ac3e5cf0a074
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE9DBB635719DE8700EC72427117360861857ECAE280D2ABCB32AC3E5CF0A074"
Last-Modified: Tue, 07 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8401
Expires: Wed, 08 Feb 2023 23:50:30 GMT
Date: Wed, 08 Feb 2023 21:30:29 GMT
Connection: keep-alive
static.f95zone.to/assets/favicon-32x32.png
190.115.31.182200 OK 1.7 kB URL HTTP/2 static.f95zone.to/assets/favicon-32x32.png
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ab6f5b09842c96b2ca7170779291de5
dccdad175c208b37dd27ca264f894c6ee948a69e
f658dc0b364cdb4f70607207c80a39b0fc6d5a2e4283d53a231f585d634a5584
GET /assets/favicon-32x32.png HTTP/1.1
Host: static.f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 23 Jun 2022 12:28:12 GMT
content-type: image/png
content-length: 1679
last-modified: Tue, 09 May 2017 21:59:40 GMT
etag: "59123bcc-68f"
expires: Fri, 23 Jun 2023 12:28:12 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
access-control-allow-origin: https://f95zone.to
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
age: 19904582
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-67186250-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-67186250-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 860a1844132b56c3dcce072b004e3a65
968cb6623504dea001dd0b31d977ff3ea23dd30c
a4b8603cce6d6dbe05d8eb2a35243d531b4502af5d19233017c4486d8cc6c9f7
GET /gtag/js?id=UA-67186250-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 21:30:29 GMT
expires: Wed, 08 Feb 2023 21:30:29 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.f95zone.to/assets/logo.png
190.115.31.182200 OK 100 kB URL HTTP/2 static.f95zone.to/assets/logo.png
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type PNG image data, 4688 x 813, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100313 bytes)
Hash 58b57829a9c6eba7c99b9a9738a16461
5660811d90712fce13c8fe5823341fdc6e77ec7c
1bff7c1b11553f22825566cdadb9ab73ddb214b804f17be1b5a6a8b38bcebfd8
GET /assets/logo.png HTTP/1.1
Host: static.f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 11 Feb 2022 13:57:28 GMT
content-type: image/png
content-length: 100313
last-modified: Tue, 13 Nov 2018 22:42:52 GMT
etag: "5beb536c-187d9"
expires: Sat, 11 Feb 2023 13:57:28 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
age: 31303982
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 21:14:52 GMT
age: 937
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/uix_dark/index.min.js?_v=693939b5
190.115.31.182200 OK 3.3 kB URL HTTP/2 f95zone.to/js/themehouse/uix_dark/index.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (558)
Hash f064ae95f4ba734c84d1a6a93d155839
b96f8415a27351f3e6cf377d8018daf42f053e5d
c4210ec6c64bd33deb74842e9ca21bd8c22007842717248d2de4863118b99d08
GET /js/themehouse/uix_dark/index.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 21:15:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:50 GMT
etag: W/"5ed25f1a-1fe7"
expires: Sat, 15 Jul 2023 21:15:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17972094
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f95zone.to/js/themehouse/uix_dark/vendor/hover-intent/jquery.hoverIntent.min.js?_v=693939b5
190.115.31.182200 OK 23 kB URL HTTP/2 f95zone.to/js/themehouse/uix_dark/vendor/hover-intent/jquery.hoverIntent.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (515)
Hash 8a376987f6e5adb2e1b8b865e946b87e
951153834a5f31ca42dbe88523033b284490074a
86f96f011127586b5c156681c1692d26607d27fdf66e40c2f36de68da23d2165
GET /js/themehouse/uix_dark/vendor/hover-intent/jquery.hoverIntent.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 20:21:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:51 GMT
etag: W/"5ed25f1b-654"
expires: Sat, 15 Jul 2023 20:21:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17975365
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/styles/fonts/fa/fa-solid-900.woff2?_v=5.12.1
190.115.31.182200 OK 138 kB URL HTTP/2 f95zone.to/styles/fonts/fa/fa-solid-900.woff2?_v=5.12.1
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
Size 138 kB (137962 bytes)
Hash 6934bae039357b939fab2a57d9fe0fed
c2b78272caa69e0044c0989d0e3d2927a8609b5b
887659f0a7475c468bba56af2cbd8ce712ab106f58df62ff6c6014c3684c2ec8
GET /styles/fonts/fa/fa-solid-900.woff2?_v=5.12.1 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 12 Feb 2022 05:49:06 GMT
content-type: font/woff2
last-modified: Sat, 30 May 2020 13:04:34 GMT
etag: W/"5ed259e2-21b08"
expires: Sun, 12 Feb 2023 05:49:06 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
age: 31246883
ddg-cache-status: HIT,HIT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f95zone.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 04:29:08 GMT
expires: Wed, 07 Feb 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 147681
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/uix_dark/deferNodesCollapse.min.js?_v=693939b5
190.115.31.182200 OK 24 kB URL HTTP/2 f95zone.to/js/themehouse/uix_dark/deferNodesCollapse.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (516)
Hash b86f83c61ceda13cf19480a39d91648a
6c379fd4c8f86e1f8b3d26b78983ed93e0742907
6a089fcc5d9d2e8c33bc33045f3b1567e6a2829aa4acf3237dd42756acca5f24
GET /js/themehouse/uix_dark/deferNodesCollapse.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 20:11:41 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:50 GMT
etag: W/"5ed25f1a-b62"
expires: Sat, 15 Jul 2023 20:11:41 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17975973
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/styles/uix_dark/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=4.4.95
190.115.31.182200 OK 256 kB URL HTTP/2 f95zone.to/styles/uix_dark/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=4.4.95
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 256372, version 1.0\012- data
Size 256 kB (256372 bytes)
Hash 7ec5dab7e7ff250971d2ff50379778dc
7261e30211812556fd7e046cf6ea09dead829162
bc9ecde67d9898b6483204a8b2d49442b68be3b1460429b1c8d811253e577772
GET /styles/uix_dark/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=4.4.95 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://f95zone.to/styles/uix_dark/fonts/icons/material-icons/css/materialdesignicons.min.css
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 22 Mar 2022 21:14:43 GMT
content-type: font/woff2
content-length: 256372
last-modified: Sat, 30 May 2020 13:26:56 GMT
etag: "5ed25f20-3e974"
expires: Wed, 22 Mar 2023 21:14:43 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
age: 27908191
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
f95zone.to/assets/fontawesome-free-5.11.2/webfonts/fa-solid-900.woff2
190.115.31.182200 OK 76 kB URL HTTP/2 f95zone.to/assets/fontawesome-free-5.11.2/webfonts/fa-solid-900.woff2
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 75728, version 330.32636\012- data
Hash 44d537ab79f921fde5a28b2c1636f397
b2879f9e1d0985a96842bf7f55a2b2cc4c636d04
3d1080625d3030e88357b3ac9aa377dcec23f1b529c4ad03f7a9a435ccae04be
GET /assets/fontawesome-free-5.11.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://f95zone.to/assets/fontawesome-free-5.11.2/css/all.min.css
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 22 Nov 2022 06:56:24 GMT
content-type: font/woff2
content-length: 75728
last-modified: Mon, 23 Sep 2019 15:53:56 GMT
etag: "5d88ea94-127d0"
expires: Wed, 22 Nov 2023 06:56:24 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 6791645
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e839a7c6edbd90ecec3af58f991e9d9c
371b558f538ba76ea4b467a1261d541dfa19d004
9d82898e02be9c9eb5a7c28aaee28423a05342bfe328f630937bfbb7bfccf0b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4630
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:29 GMT
Last-Modified: Wed, 08 Feb 2023 20:13:20 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
f95zone.to/styles/fonts/fa/fa-duotone-900.woff2?_v=5.12.1
190.115.31.182200 OK 185 kB URL HTTP/2 f95zone.to/styles/fonts/fa/fa-duotone-900.woff2?_v=5.12.1
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type Web Open Font Format (Version 2), TrueType, length 184868, version 330.-16188\012- data
Size 185 kB (184868 bytes)
Hash d03e9c2b44ce4ad169037070c1faf2d1
10783f822aabc2541d85340e2d5097ab7f182099
5cf2dea4437f40b914e9bcb6fc763630b0a58c20b6fc6a765a540cc11f078a62
GET /styles/fonts/fa/fa-duotone-900.woff2?_v=5.12.1 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://f95zone.to/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=26&l=1&d=1672154331&k=4f19b0a5c6ac1a7f12d3c0192cd0c03183933279
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 14 Feb 2022 14:06:08 GMT
content-type: font/woff2
content-length: 184868
last-modified: Sat, 30 May 2020 13:04:32 GMT
etag: "5ed259e0-2d224"
expires: Tue, 14 Feb 2023 14:06:08 GMT
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
age: 31044261
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2239
Expires: Wed, 08 Feb 2023 22:07:48 GMT
Date: Wed, 08 Feb 2023 21:30:29 GMT
Connection: keep-alive
static.trafficjunky.com/invocation/embeddedads/production/embeddedads.es6.min.js
205.185.208.79200 OK 19 kB URL HTTP/2 static.trafficjunky.com/invocation/embeddedads/production/embeddedads.es6.min.js
IP 205.185.208.79:0
File type Unicode text, UTF-8 text, with very long lines (61721), with no line terminators
Hash 537fa1af171ad0c8fbad263fdd18dfa1
678c11a875cc06db1ce46d8aed850e610755dbdd
4fd8538b5c668334f22723a4cdec9216a149a6785bb7534a91a8b5ed40d6e87d
GET /invocation/embeddedads/production/embeddedads.es6.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:30:29 GMT
etag: "1675718101"
cache-control: max-age=31536000
content-encoding: gzip
content-length: 18612
content-type: application/javascript
last-modified: Mon, 06 Feb 2023 21:15:01 GMT
accept-ranges: bytes
x-hw: 1675891829.dop009.sk1.t,1675891829.cds010.sk1.hn,1675891829.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:30:29 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10662550
X-HW: 1675891829.dop066.sk1.t,1675891829.cds257.sk1.shn,1675891829.cds257.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:30:29 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10584719
X-HW: 1675891829.dop214.sk1.t,1675891829.cds263.sk1.shn,1675891829.cds263.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/50/529/815065/1042570/1042570_logo.png
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/50/529/815065/1042570/1042570_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e1cc3c88e5bdd1ceee9496a85da7f42
a5ccfc76a649ac4758942a64fe16afec379036c2
c42c062b36270f1b0260b41a019289d34e5eea6f511065b712cc107f067d56f6
GET /a7/creatives/50/529/815065/1042570/1042570_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:30:29 GMT
Connection: Keep-Alive
ETag: "1663288927"
Content-Length: 4996
Content-Type: image/png
Last-Modified: Fri, 16 Sep 2022 00:42:07 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10580492
X-HW: 1675891829.dop023.sk1.t,1675891829.cds256.sk1.shn,1675891829.dop023.sk1.t,1675891829.cds222.sk1.c
Access-Control-Allow-Origin: *
static.trafficjunky.com/invocation/idsync/production/idsync.min.js?v=1675814400000
205.185.208.79200 OK 18 kB URL HTTP/2 static.trafficjunky.com/invocation/idsync/production/idsync.min.js?v=1675814400000
IP 205.185.208.79:0
File type Unicode text, UTF-8 text, with very long lines (46765), with no line terminators
Hash e574ed41b6a8bc07595b9bbfacdcff66
11f637b4d9e2c646b34890b8833d47500f28bbac
d4b88364e0963bc281e65edbbe7996cdd19675411071348b36902a6bc7e90f4e
GET /invocation/idsync/production/idsync.min.js?v=1675814400000 HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:30:29 GMT
etag: "1661799765"
cache-control: max-age=31536000
content-encoding: gzip
content-length: 17666
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 19:02:45 GMT
accept-ranges: bytes
x-hw: 1675891829.dop009.sk1.t,1675891829.cds010.sk1.hn,1675891829.cds257.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 19377af41c1289e7643ebd82bdbee4e3
f6581b5a2dbcab7c598ad233ad2ae8c124a5da4f
6f8fe30a0b599ad059d2826780e8852eb18b8fc2654e6237c73f2b01160c86ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Last-Modified: Wed, 08 Feb 2023 19:56:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 19377af41c1289e7643ebd82bdbee4e3
f6581b5a2dbcab7c598ad233ad2ae8c124a5da4f
6f8fe30a0b599ad059d2826780e8852eb18b8fc2654e6237c73f2b01160c86ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Last-Modified: Wed, 08 Feb 2023 19:56:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 19377af41c1289e7643ebd82bdbee4e3
f6581b5a2dbcab7c598ad233ad2ae8c124a5da4f
6f8fe30a0b599ad059d2826780e8852eb18b8fc2654e6237c73f2b01160c86ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Last-Modified: Wed, 08 Feb 2023 19:56:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
hw-cdn2.ang-content.com/a7/creatives/50/529/815065/1042570/1042570_video.mp4
205.185.208.20206 Partial Content 357 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/50/529/815065/1042570/1042570_video.mp4
IP 205.185.208.20:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 357 kB (356869 bytes)
Hash e97ed1cc53b83f1b8ff3197d62d8fffb
f347e6865a2ed8013e6053e26e36b7ec550ec0b2
e0b8f419183ce15e8aba958a251b3b3e49ac74d7868b542060553f3c153250f4
GET /a7/creatives/50/529/815065/1042570/1042570_video.mp4 HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Wed, 08 Feb 2023 21:30:30 GMT
Connection: Keep-Alive
ETag: "1663289303"
Content-Length: 356869
Content-Range: bytes 0-356868/356869
Content-Type: video/mp4
Last-Modified: Fri, 16 Sep 2022 00:48:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10580492
X-HW: 1675891829.dop066.sk1.t,1675891830.cds257.sk1.shn,1675891830.dop066.sk1.t,1675891830.cds250.sk1.c
Access-Control-Allow-Origin: *
ads.trafficjunky.net/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757831%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886040
66.254.114.38200 OK 0 B URL HTTP/2 ads.trafficjunky.net/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757831%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886040
IP 66.254.114.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757831%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886040 HTTP/1.1
Host: ads.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f95zone.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: application/json
content-length: 0
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
access-control-allow-origin: https://f95zone.to
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 19:44:05 GMT
expires: Wed, 08 Feb 2023 21:44:05 GMT
cache-control: public, max-age=7200
age: 6385
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.19.71101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.19.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TETE8IYgwAGSwH7Rq1Y9Qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SRgDkECt5fTNyxTtQqLuRKauYN8=
f95zone.to/index.php?sam-item/20/track-view
190.115.31.182200 OK 100 B URL HTTP/2 f95zone.to/index.php?sam-item/20/track-view
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text
Hash 94bb70f22b6c26f3882d20683dc7caf7
43f7eda22624004006ddfbdf659d62c795c8ddd7
821b28d1f43e4319114b3501e0c50834b717aeb8edca8d4712505a8aa8be9a1b
POST /index.php?sam-item/20/track-view HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 143
Origin: https://f95zone.to
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: application/json; charset=utf-8
content-length: 100
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2023 21:30:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
content-encoding: gzip
vary: Accept-Encoding
set-cookie: xf_sam_ad_views=%7B%2220%22%3A1675891830%7D; path=/; secure; HttpOnly
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&gjid=2096444183&_gid=1321495394.1675891886&_u=YEBAAUAAAAAAACAAI~&z=75640895
64.233.162.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&gjid=2096444183&_gid=1321495394.1675891886&_u=YEBAAUAAAAAAACAAI~&z=75640895
IP 64.233.162.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&gjid=2096444183&_gid=1321495394.1675891886&_u=YEBAAUAAAAAAACAAI~&z=75640895 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://f95zone.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://f95zone.to
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 21:30:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4b39eb95df25d95c3aaabbf897c5f4eb
1b80cda5dd2ee56df5f8577ffcf82642e473616d
699bb26b819a1a56e70d40d2a933fdac56339ffd32c791813853ca26b66d9992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5490
Cache-Control: max-age=103092
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Etag: "63e2eeb8-118"
Expires: Fri, 10 Feb 2023 02:08:42 GMT
Last-Modified: Wed, 08 Feb 2023 00:37:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.trafficjunky.net/deep_pixel?info=CiQ2OTJhZTk2OC0yMWEwLTQzY2UtOThjNy04ZjcyZmM2MjY0YWIQ9qiQnwYaIjE1ZDY4Y2I0ZWQ5NDQ2N2E4ZTdjMzc5MjM0NzhkNjI4LTEgAjDXpWs416VrQK3jBkiHw%2FjfA1IGMTQ3NTcxWNXrqd4DYOWUsPMDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTWIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AKhhZbaBeACx%2FTBmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
66.254.114.38200 OK 35 B URL HTTP/2 ads.trafficjunky.net/deep_pixel?info=CiQ2OTJhZTk2OC0yMWEwLTQzY2UtOThjNy04ZjcyZmM2MjY0YWIQ9qiQnwYaIjE1ZDY4Y2I0ZWQ5NDQ2N2E4ZTdjMzc5MjM0NzhkNjI4LTEgAjDXpWs416VrQK3jBkiHw%2FjfA1IGMTQ3NTcxWNXrqd4DYOWUsPMDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTWIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AKhhZbaBeACx%2FTBmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
IP 66.254.114.38:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /deep_pixel?info=CiQ2OTJhZTk2OC0yMWEwLTQzY2UtOThjNy04ZjcyZmM2MjY0YWIQ9qiQnwYaIjE1ZDY4Y2I0ZWQ5NDQ2N2E4ZTdjMzc5MjM0NzhkNjI4LTEgAjDXpWs416VrQK3jBkiHw%2FjfA1IGMTQ3NTcxWNXrqd4DYOWUsPMDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTWIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AKhhZbaBeACx%2FTBmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0 HTTP/1.1
Host: ads.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
ads.trafficjunky.net/deep_pixel?info=CiQxZDgxMzIxMy02ODg1LTQwNmQtODMzZS1jY2NhYTAzZDU1NDIQ9qiQnwYaImNiNWM0NmVkNzAwZDQyY2NiMDBkNmU4OThmOGM2Y2NiLTEgAjCRpWs4kaVrQLHlBkjlrvnfA1IGMTQ3NTcxWNXrqd4DYPnqnvUDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTeIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AK9udDrBeAC7e3NmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
66.254.114.38200 OK 35 B URL HTTP/2 ads.trafficjunky.net/deep_pixel?info=CiQxZDgxMzIxMy02ODg1LTQwNmQtODMzZS1jY2NhYTAzZDU1NDIQ9qiQnwYaImNiNWM0NmVkNzAwZDQyY2NiMDBkNmU4OThmOGM2Y2NiLTEgAjCRpWs4kaVrQLHlBkjlrvnfA1IGMTQ3NTcxWNXrqd4DYPnqnvUDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTeIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AK9udDrBeAC7e3NmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0
IP 66.254.114.38:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /deep_pixel?info=CiQxZDgxMzIxMy02ODg1LTQwNmQtODMzZS1jY2NhYTAzZDU1NDIQ9qiQnwYaImNiNWM0NmVkNzAwZDQyY2NiMDBkNmU4OThmOGM2Y2NiLTEgAjCRpWs4kaVrQLHlBkjlrvnfA1IGMTQ3NTcxWNXrqd4DYPnqnvUDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c%2BIBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTeIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AK9udDrBeAC7e3NmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE%3D&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A105.0%29+Gecko%2F20100101+Firefox%2F105.0 HTTP/1.1
Host: ads.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: image/gif
content-length: 35
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hw-cdn2.ang-content.com/a7/creatives/39/524/800869/996559/996559_logo.png
205.185.208.20200 OK 16 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/39/524/800869/996559/996559_logo.png
IP 205.185.208.20:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2aaacb14c0816c811151f7e5ad369e9f
2b51b630dcbbdcd9cb0e9c298a5d4323de0f19f5
c6f084bf2cbf871312c3c508455dfeff2bb11dc8909d98ab1a43897b16bedf4e
GET /a7/creatives/39/524/800869/996559/996559_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 21:30:30 GMT
Connection: Keep-Alive
ETag: "1620652277"
Content-Length: 15603
Content-Type: image/png
Last-Modified: Mon, 10 May 2021 13:11:17 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10419606
X-HW: 1675891829.dop066.sk1.t,1675891830.cds257.sk1.shn,1675891830.dop066.sk1.t,1675891830.cds212.sk1.c
Access-Control-Allow-Origin: *
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&_u=YEBAAUAAAAAAACAAI~&z=1928841310
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&_u=YEBAAUAAAAAAACAAI~&z=1928841310
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&_u=YEBAAUAAAAAAACAAI~&z=1928841310 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 21:30:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&_u=YEBAAUAAAAAAACAAI~&z=1928841310
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&_u=YEBAAUAAAAAAACAAI~&z=1928841310
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-67186250-3&cid=264511828.1675891886&jid=2066930682&_u=YEBAAUAAAAAAACAAI~&z=1928841310 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 21:30:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 713fc571353a4e9dbddfcbf1d041665a
60a5560d16182d4fd8c57db4a115dd0fab1797d3
f97126d0cae26997a4bf1ad5ea8cb590673648138d13f62a4bda3762f413679d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F97126D0CAE26997A4BF1AD5EA8CB590673648138D13F62A4BDA3762F413679D"
Last-Modified: Tue, 07 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12397
Expires: Thu, 09 Feb 2023 00:57:07 GMT
Date: Wed, 08 Feb 2023 21:30:30 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4b39eb95df25d95c3aaabbf897c5f4eb
1b80cda5dd2ee56df5f8577ffcf82642e473616d
699bb26b819a1a56e70d40d2a933fdac56339ffd32c791813853ca26b66d9992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5490
Cache-Control: max-age=103092
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Etag: "63e2eeb8-118"
Expires: Fri, 10 Feb 2023 02:08:42 GMT
Last-Modified: Wed, 08 Feb 2023 00:37:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d6f5a5e227740905025ee384af172f2
59d9c0e94aa9b72351b97f54b206ad12c9157d77
a6e87d75e28ab3181bb639fddac2564c31ab206dacd174d200f1081969fbe261
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A6E87D75E28AB3181BB639FDDAC2564C31AB206DACD174D200F1081969FBE261"
Last-Modified: Wed, 08 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6393
Expires: Wed, 08 Feb 2023 23:17:03 GMT
Date: Wed, 08 Feb 2023 21:30:30 GMT
Connection: keep-alive
onegamepics.com/bnr/4/de2/35edc7/de235edc79e982b28138f6efeb9c6ac2.png
172.67.203.233200 OK 86 kB URL HTTP/2 onegamepics.com/bnr/4/de2/35edc7/de235edc79e982b28138f6efeb9c6ac2.png
IP 172.67.203.233:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fa8887b7cada9dafb2758a6b1e5f6db
8f5f5e0bbb1dcb9d6cf1f385651b17ccdc251b37
67103e8aad67a97cdf5fb6352adebf29446b4634207bbab696705bdb395c77b2
GET /bnr/4/de2/35edc7/de235edc79e982b28138f6efeb9c6ac2.png HTTP/1.1
Host: onegamepics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: image/png
content-length: 86449
last-modified: Thu, 02 Jun 2022 13:42:03 GMT
etag: "6298be2b-151b1"
expires: Wed, 08 Feb 2023 15:56:30 GMT
cache-control: max-age=345600
cf-cache-status: HIT
age: 106440
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAEIDbM6dPfwxesEBSUnJujRnjY0ZcQ2cqsP7u1jkvXfcav5NDsjcCNHOdFFOOjjXnQQIF3ZY3mTn0bguJi2VQ7o%2BwHTjf1oiURkGNaU3aobkkIVQO5d094LbHls6Fufz%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796777861823b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.adtng.com/get/10000605?time=1595953806142&uuid=15d68cb4ed94467a8e7c37923478d628&impid=15d68cb4ed94467a8e7c37923478d628-1&tj_zid=1757911&tj_cid=1006510471&tj_aid=1531282081&infos=CiQ2OTJhZTk2OC0yMWEwLTQzY2UtOThjNy04ZjcyZmM2MjY0YWIQ9qiQnwYaIjE1ZDY4Y2I0ZWQ5NDQ2N2E4ZTdjMzc5MjM0NzhkNjI4LTEgAjDXpWs416VrQK3jBkiHw/jfA1IGMTQ3NTcxWNXrqd4DYOWUsPMDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTWIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AKhhZbaBeACx/TBmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE=
66.254.114.171200 OK 9.7 kB URL HTTP/2 a.adtng.com/get/10000605?time=1595953806142&uuid=15d68cb4ed94467a8e7c37923478d628&impid=15d68cb4ed94467a8e7c37923478d628-1&tj_zid=1757911&tj_cid=1006510471&tj_aid=1531282081&infos=CiQ2OTJhZTk2OC0yMWEwLTQzY2UtOThjNy04ZjcyZmM2MjY0YWIQ9qiQnwYaIjE1ZDY4Y2I0ZWQ5NDQ2N2E4ZTdjMzc5MjM0NzhkNjI4LTEgAjDXpWs416VrQK3jBkiHw/jfA1IGMTQ3NTcxWNXrqd4DYOWUsPMDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTWIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AKhhZbaBeACx/TBmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE=
IP 66.254.114.171:0
Hash 90d70b80e0026b2e78fc5f83e095f95d
9446e6de81c51f00019db62a9f155173b06a0551
17f0bf9558f9b7ff32d47ddc16368f1aa8beb2dc39499cf0c246a0e18feab66c
GET /get/10000605?time=1595953806142&uuid=15d68cb4ed94467a8e7c37923478d628&impid=15d68cb4ed94467a8e7c37923478d628-1&tj_zid=1757911&tj_cid=1006510471&tj_aid=1531282081&infos=CiQ2OTJhZTk2OC0yMWEwLTQzY2UtOThjNy04ZjcyZmM2MjY0YWIQ9qiQnwYaIjE1ZDY4Y2I0ZWQ5NDQ2N2E4ZTdjMzc5MjM0NzhkNjI4LTEgAjDXpWs416VrQK3jBkiHw/jfA1IGMTQ3NTcxWNXrqd4DYOWUsPMDciA2MzFjZDJlZTJiNGY0Y2Y4OWE5OGM1MTNjMDhkOTU4M5IBAk5PygEOYmxpeCBzb2x1dGlvbnPSAQR3aWZp2gEHd2luZG93c+IBDDkxLjkwLjQyLjE1NPoBDDkxLjkwLjQyLjE1NIICB2RlZDc2NTWIAgWSAgdmaXJlZm94qgIHd2luZG93c7ICBTEwNS4w2AKhhZbaBeACx/TBmAT6AgExggMCe32SAwdkZXNrdG9wmgMCZW6oAwE= HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: adtool_guid=Ch5KHmPkFHUMaCIMv9OaAg==; RNLBSERVERID=ded7078
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63E41475-42FE72AB01BBDC41-9505322
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d6f5a5e227740905025ee384af172f2
59d9c0e94aa9b72351b97f54b206ad12c9157d77
a6e87d75e28ab3181bb639fddac2564c31ab206dacd174d200f1081969fbe261
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A6E87D75E28AB3181BB639FDDAC2564C31AB206DACD174D200F1081969FBE261"
Last-Modified: Wed, 08 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6393
Expires: Wed, 08 Feb 2023 23:17:03 GMT
Date: Wed, 08 Feb 2023 21:30:30 GMT
Connection: keep-alive
sync.atsptp.com/d/jsfp/9e4947f35751465411fd1a4f5c358c78
66.254.114.220200 OK 36 B URL HTTP/2 sync.atsptp.com/d/jsfp/9e4947f35751465411fd1a4f5c358c78
IP 66.254.114.220:0
File type ASCII text, with no line terminators
Hash f513c5d909f95e10e26cca5cdfc4ba54
e947115ee3fcdd1902f5e85de970d88c8496bc74
bb4f745a640534ab0bcdbd2105e7fda5c00932ab954afc886e10ab733d2ee874
GET /d/jsfp/9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: sync.atsptp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f95zone.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
set-cookie: d_uidb=7bb81e3c-5287-a074-0a8c-cffc2087ecff; Max-Age=31536000; Expires=Thu, 08 Feb 2024 21:30:30 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax
date: Wed, 8 Feb 2023 21:30:30 GMT
access-control-allow-origin: https://f95zone.to
vary: Origin
access-control-allow-credentials: true
content-type: text/plain
content-length: 36
x-trace: 2B7374C1476ED078E8ED815B6A3D8257AF00D0279A000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63E41476-42FE72DC01BBB4C0-4C0FC6
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&lr=1&partner=8c7c01962f4e2c3e4ed0abe5cbafc84289b3e8521c6f0b5a27c2e73ae5e07e86 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c8500d206cbb4421a23d2517e78eb206; expires=Thu, 08 Feb 2024 21:30:30 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
runative-syndicate.com/api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef
136.243.43.25200 OK 35 B URL HTTP/2 runative-syndicate.com/api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef
IP 136.243.43.25:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 2869c5a1f853bbcd
set-cookie: ts_rt_dedc7df9-c920-4b4b-a9e4-2a904ca2f8ef=AAMC; expires=Thu, 08 Feb 2024 21:30:30 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/B4-YctRJ5lw
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/B4-YctRJ5lw
IP 142.250.74.163:0
Hash 53c0f9949015243b262f6873d251eb0c
bed90704bb853bbfb99d1a7b9784f52ae428edaa
8e8d8c1cf4fe3ad35b2ecb21e3919a923afe1ac702a42d23e2bca70b328e0708
POST /s/gts1p5/B4-YctRJ5lw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/B4-YctRJ5lw
142.250.74.163200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/B4-YctRJ5lw
IP 142.250.74.163:0
Hash 53c0f9949015243b262f6873d251eb0c
bed90704bb853bbfb99d1a7b9784f52ae428edaa
8e8d8c1cf4fe3ad35b2ecb21e3919a923afe1ac702a42d23e2bca70b328e0708
POST /s/gts1p5/B4-YctRJ5lw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 21:30:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tsyndicate.com/api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e
136.243.69.157200 OK 35 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e
IP 136.243.69.157:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/cd5a54e9-d886-4c75-af65-8b819a80f59e HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: fd056d3b50e705aa
set-cookie: ts_rt_cd5a54e9-d886-4c75-af65-8b819a80f59e=AAMC; expires=Thu, 08 Feb 2024 21:30:30 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash a28222744ed7330bea9a621b935adcc1
d6c82547cae9ebf20c9e2534b2b072977d721399
14be94c7e087e140464c8d3cb8b77642c6ed07cde45992faa54d577cf26df94a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149906
Date: Wed, 08 Feb 2023 21:30:31 GMT
Etag: "63e3a415-1d7"
Expires: Fri, 10 Feb 2023 15:08:57 GMT
Last-Modified: Wed, 08 Feb 2023 13:31:01 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eLNuvAavdeuNb-Vi5Dxnfcmxa32sZfDQDormU7DLHqylK1GgnxQqlw==
Age: 5876
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1faf2a2e6a404794817cf2c4286f0252
171a83de83f8837b2bfdda1cb66d6e435d533137
f9aed77727fd51d0f4149b3a1e3ab9aa28b526d01d2a5a55fa074da293b3ffc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F9AED77727FD51D0F4149B3A1E3AB9AA28B526D01D2A5A55FA074DA293B3FFC1"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13324
Expires: Thu, 09 Feb 2023 01:12:35 GMT
Date: Wed, 08 Feb 2023 21:30:31 GMT
Connection: keep-alive
syndication.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.exoclick.com/tag.php?goal=c413c2e3b989836e2023687a6fe7f55b
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=c413c2e3b989836e2023687a6fe7f55b HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 21:30:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83755%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-02-08%22%3B%7D%7D; expires=Thu, 08 Feb 2024 21:30:31 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.exoclick.com/tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=e2bbb6c289a1f6fc299b4c365e04ea7c HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 21:30:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A45506%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222023-02-08%22%3B%7D%7D; expires=Thu, 08 Feb 2024 21:30:31 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706
35.156.167.37307 Temporary Redirect 0 B URL HTTP/2 simplewebanalysis.com/px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706
IP 35.156.167.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px.gif?akey=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Wed, 08 Feb 2023 21:30:31 GMT
content-type: image/gif
content-length: 0
location: https://professionalswebcheck.com/dbs?uuid=46e6955d-1aee-49a8-9642-b7b5677f5d0c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjc1ODkxODMxfSwiYWNjbCI6eyAiMjAsMSI6MTY3NTg5MTgzMX19.MHyQ-URCHQ-N1UMWEusK16Q0QDEHhKmjldNSKtHS9rY
server: nginx/1.17.6
set-cookie: uid_id2=46e6955d-1aee-49a8-9642-b7b5677f5d0c:1:1; expires=Sat, 05 Feb 2033 21:30:31 GMT; secure; SameSite=None
ak=29,1675891831; expires=Tue, 09 May 2023 21:30:31 GMT; secure; SameSite=None
acl=20,1,1675891831; expires=Tue, 09 May 2023 21:30:31 GMT; secure; SameSite=None
expires: Wed, 08 Feb 2023 21:30:31 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2
ads.trafficjunky.net/fla/log?action=ad_view&ad_id=1047267941&campaign_id=1006510471&initial_zone_id=1757911&member_id=1003124181&zone_id=1757911
66.254.114.38200 OK 0 B URL HTTP/2 ads.trafficjunky.net/fla/log?action=ad_view&ad_id=1047267941&campaign_id=1006510471&initial_zone_id=1757911&member_id=1003124181&zone_id=1757911
IP 66.254.114.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fla/log?action=ad_view&ad_id=1047267941&campaign_id=1006510471&initial_zone_id=1757911&member_id=1003124181&zone_id=1757911 HTTP/1.1
Host: ads.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:30:31 GMT
content-length: 0
set-cookie: RNLBSERVERID=ded7525; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5317
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:30:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5317
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:30:31 GMT
Connection: keep-alive
syndication.traffichaus.com/adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553
66.254.114.233200 OK 95 B URL HTTP/1.1 syndication.traffichaus.com/adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553
IP 66.254.114.233:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /adserve/r.php?k=GAME&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322831553 HTTP/1.1
Host: syndication.traffichaus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Wed, 08 Feb 2023 21:30:31 GMT
content-type: image/png
transfer-encoding: chunked
set-cookie: re_94511_R0FNRQ=eyJ0IjoiR0FNRSIsImEiOiI5NDUxMSIsImQiOiIiLCJkaCI6Ijk2OTIwNWIwMjQ3NzU0MjUwZDkyMWQ4ZGE0NTg3NWZhIiwiYmgiOiI0OGMwMTFkMjY0OGFmZTA0NTVkMjAzOTY3YWExMzBhNSIsImlwIjoiOTEuOTAuNDIuMTU0IiwiZSI6MTcwMTgxMTgzMX0%3D; expires=Tue, 05-Dec-2023 21:30:31 GMT; Max-Age=25920000; path=/
RNLBSERVERID=ded5931; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63E41477-42FE72E901BB2A36-A8D08E
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5317
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:30:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5317
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 21:30:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:56 GMT
age: 84995
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 84266
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 85708
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f175de8eebe398f5de2829cd551b3f04
e6da63e9b03289bfded190d999a20da78232437c
b5d1ee4bd6186cbac1e4ac037766c9e453e166b0cfb2e08004cb11b8bb7daa88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffcee4072-2c9e-4db4-b200-065a1ef67ace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10202
x-amzn-requestid: 15e6c7ee-acef-4638-9a15-a01864ac74f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PEYFZOoAMFzEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c54f-3681217a71e5b9472b9cdb8a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PyOVGtKFSYIU2don5C7_L_pTUxdP_VEAhLZUhtBWo2PZ4kvPqaTg9g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:13:47 GMT
etag: "e6da63e9b03289bfded190d999a20da78232437c"
content-type: image/jpeg
age: 83804
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 83474
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 15:13:11 GMT
age: 22640
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
professionalswebcheck.com/dbs?uuid=46e6955d-1aee-49a8-9642-b7b5677f5d0c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjc1ODkxODMxfSwiYWNjbCI6eyAiMjAsMSI6MTY3NTg5MTgzMX19.MHyQ-URCHQ-N1UMWEusK16Q0QDEHhKmjldNSKtHS9rY
35.156.167.37200 OK 7 B URL HTTP/2 professionalswebcheck.com/dbs?uuid=46e6955d-1aee-49a8-9642-b7b5677f5d0c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjc1ODkxODMxfSwiYWNjbCI6eyAiMjAsMSI6MTY3NTg5MTgzMX19.MHyQ-URCHQ-N1UMWEusK16Q0QDEHhKmjldNSKtHS9rY
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /dbs?uuid=46e6955d-1aee-49a8-9642-b7b5677f5d0c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjI5IjoxNjc1ODkxODMxfSwiYWNjbCI6eyAiMjAsMSI6MTY3NTg5MTgzMX19.MHyQ-URCHQ-N1UMWEusK16Q0QDEHhKmjldNSKtHS9rY HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://forgoodplay.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:30:31 GMT
content-type: image/gif
content-length: 7
server: nginx/1.17.6
set-cookie: uid_id2=46e6955d-1aee-49a8-9642-b7b5677f5d0c:1:1; expires=Sat, 05 Feb 2033 21:30:31 GMT; secure; SameSite=None
ak=29,1675891831; expires=Tue, 09 May 2023 21:30:31 GMT; secure; SameSite=None
acl=20,1,1675891831; expires=Tue, 09 May 2023 21:30:31 GMT; secure; SameSite=None
expires: Wed, 08 Feb 2023 21:30:31 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2
f95zone.to/js/siropu/am/core.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/siropu/am/core.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/siropu/am/core.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 19:19:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 16 Jan 2020 13:26:31 GMT
etag: W/"5e206487-2124"
expires: Sat, 15 Jul 2023 19:19:37 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17979097
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/styles/fonts/fa/fa-brands-400.woff2?_v=5.12.1
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/styles/fonts/fa/fa-brands-400.woff2?_v=5.12.1
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /styles/fonts/fa/fa-brands-400.woff2?_v=5.12.1 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 24 Jan 2023 06:30:29 GMT
content-type: font/woff2
last-modified: Sat, 30 May 2020 13:04:34 GMT
strict-transport-security: max-age=15768000
accept-ranges: bytes
ddg-cache-status: HIT,HIT
etag: W/"5ed259e2-12ad4"
expires: Fri, 23 Jun 2023 11:57:55 GMT
cache-control: max-age=31536000
age: 1350000
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/uix_dark/deferWidthToggle.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/themehouse/uix_dark/deferWidthToggle.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/themehouse/uix_dark/deferWidthToggle.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 21:29:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:50 GMT
etag: W/"5ed25f1a-94c"
expires: Sat, 15 Jul 2023 21:29:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17971342
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.trafficjunky.net/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757841%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886042
66.254.114.38200 OK 0 B URL HTTP/2 ads.trafficjunky.net/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757841%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886042
IP 66.254.114.38:0
GET /ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757841%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886042 HTTP/1.1
Host: ads.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f95zone.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=f95zone.com; Expires=Fri, 10 Mar 2023 21:30:30 GMT; Secure
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=f95zone.com; Expires=Fri, 10 Mar 2023 21:30:30 GMT; Secure
access-control-allow-origin: https://f95zone.to
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
ads.trafficjunky.net/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757911%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886043
66.254.114.38200 OK 0 B URL HTTP/2 ads.trafficjunky.net/ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757911%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886043
IP 66.254.114.38:0
GET /ads_batch?data=%5B%7B%22spots%22%3A%5B%7B%22zone%22%3A1757911%7D%5D%7D%5D&clientType=mobile&channel[site]=F95zone&site_id=147571&device_type=tablet&_=1675891886043 HTTP/1.1
Host: ads.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://f95zone.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: application/json
cache-control: private, no-cache, proxy-revalidate, no-store, max-age=0
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=f95zone.com; Expires=Fri, 10 Mar 2023 21:30:30 GMT; Secure
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=f95zone.com; Expires=Fri, 10 Mar 2023 21:30:30 GMT; Secure
access-control-allow-origin: https://f95zone.to
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706
104.21.86.46200 OK 0 B URL HTTP/2 twistconcept.com/index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706
IP 104.21.86.46:0
GET /index.min.js?pk=068f30d41a2c432d6c8a96d5a7fc6706 HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://forgoodplay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 08:49:08 GMT
etag: W/"624ea584-28c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psnWPO2yFHksIWMINe4wY0PX64tyIBGkRehByVZZTEfq6v9sWVw1LhSGFOIvXqeDq0e8Lkco0LpcyuFfC7yaWLjxR5mIC7U%2Fq2oCGO4qumy%2FwH0V9ds7pVaaIDZGZE0qUqmX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79677787389bb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/uix_dark/ripple.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/themehouse/uix_dark/ripple.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/themehouse/uix_dark/ripple.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 22:12:44 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:50 GMT
etag: W/"5ed25f1a-58c"
expires: Sat, 15 Jul 2023 22:12:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17968665
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/js/xf/preamble.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/xf/preamble.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/xf/preamble.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 21:02:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:01:12 GMT
etag: W/"5ed25918-d17"
expires: Sat, 15 Jul 2023 21:02:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17972896
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
forgoodplay.com/iframe/5f19b86c21931?iframe&ag_custom_domain=f95zone.to%27&keyword=&tjimpid=cb5c46ed700d42ccb00d6e898f8c6ccb-1&tjrequestid=cb5c46ed700d42ccb00d6e898f8c6ccb
104.21.44.235200 OK 0 B URL HTTP/2 forgoodplay.com/iframe/5f19b86c21931?iframe&ag_custom_domain=f95zone.to%27&keyword=&tjimpid=cb5c46ed700d42ccb00d6e898f8c6ccb-1&tjrequestid=cb5c46ed700d42ccb00d6e898f8c6ccb
IP 104.21.44.235:0
GET /iframe/5f19b86c21931?iframe&ag_custom_domain=f95zone.to%27&keyword=&tjimpid=cb5c46ed700d42ccb00d6e898f8c6ccb-1&tjrequestid=cb5c46ed700d42ccb00d6e898f8c6ccb HTTP/1.1
Host: forgoodplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 21:30:30 GMT
content-type: text/html
set-cookie: f_15121_97223_86400={"t":1675978230,"v":0}; Expires=Thu, 09-Feb-23 21:30:30 GMT; Domain=forgoodplay.com; Path=/; Secure; SameSite=None
c_ce2ad9925f869217a8bdef965ea1f7c1=1; Expires=Thu, 09-Feb-23 21:30:30 GMT; Domain=forgoodplay.com; Path=/; Secure; SameSite=None
z_06f8566d5af9d4881c9486e8ecc12861=1; Expires=Thu, 09-Feb-23 21:30:30 GMT; Domain=forgoodplay.com; Path=/; Secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgc453qExUpA%2FW0BvoO7SI50OGmiprJluTc2IZh6FhTQc3Tq3O1J8%2B9Zvuoip8EwncJQlIKiQpGIEkZnqwZzNqMosc9r7xSwwTFRVMMJtAqP7s15SDZK8PSqL2YTm2gcdko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796777845ad4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/uix_dark/deferFab.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/themehouse/uix_dark/deferFab.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/themehouse/uix_dark/deferFab.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 21:19:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 30 May 2020 13:26:50 GMT
etag: W/"5ed25f1a-cec"
expires: Sat, 15 Jul 2023 21:19:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17971885
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/js/siropu/am/ads.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/siropu/am/ads.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/siropu/am/ads.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 21:33:32 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 16 Jan 2020 13:26:31 GMT
etag: W/"5e206487-44"
expires: Sat, 15 Jul 2023 21:33:32 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17971017
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/reactplus/hiddenContent.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/themehouse/reactplus/hiddenContent.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/themehouse/reactplus/hiddenContent.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 22:02:57 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 25 Jun 2019 10:51:54 GMT
etag: W/"5d11fcca-628"
expires: Sat, 15 Jul 2023 22:02:57 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17969297
ddg-cache-status: HIT,HIT
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
f95zone.to/js/themehouse/reactplus/defaultReaction.min.js?_v=693939b5
190.115.31.182200 OK 0 B URL HTTP/2 f95zone.to/js/themehouse/reactplus/defaultReaction.min.js?_v=693939b5
IP 190.115.31.182:0
ASN #262254 DDOS-GUARD CORP.
GET /js/themehouse/reactplus/defaultReaction.min.js?_v=693939b5 HTTP/1.1
Host: f95zone.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=M0HFn821iAM9k3csWNIR; xf_csrf=qQF4m-qLaiSYl-B-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Fri, 15 Jul 2022 22:18:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 25 Jun 2019 10:51:54 GMT
etag: W/"5d11fcca-526"
expires: Sat, 15 Jul 2023 22:18:50 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
accept-ranges: bytes
age: 17968299
ddg-cache-status: HIT,MISS
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto:300,400,500,600,700|Ubuntu:300,400
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700,900|Roboto:300,400,500,600,700|Ubuntu:300,400
IP 142.250.74.106:0
GET /css?family=Lato:300,400,700,900|Roboto:300,400,500,600,700|Ubuntu:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 21:30:29 GMT
date: Wed, 08 Feb 2023 21:30:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2