femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558
301 Moved Permanently 0 B URL HTTP/1.1 femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /emma-stone-andrew-garfield-reunited-governors-awards-22558 HTTP/1.1
Host: femalefrag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 15:08:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 16:08:11 GMT
Location: https://femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThGkPOgWw9FzyVvRbx8YseBaaqZPc1WHenCIMBVAL6zpH6dndC2O2tRh7F%2FhDm5hoDBN6Tjj3fmwMDGKoe63NlKO4IQznZiynd5BqitxIfEfcCwZILlZTaAgSIm%2FW8JdrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 77247f3e6adb0b41-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11796
Expires: Wed, 30 Nov 2022 18:24:48 GMT
Date: Wed, 30 Nov 2022 15:08:12 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5776
Cache-Control: max-age=161963
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:07:35 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10452
Expires: Wed, 30 Nov 2022 18:02:24 GMT
Date: Wed, 30 Nov 2022 15:08:12 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 15:08:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 14:19:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2911
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8QZwJhRhJRKq/njk9ljuHgbO4Td4nb1aVRfe8YTqKm/i9HNro8NmlB3AH+KEVVibagJ4/FdyZZA=
x-amz-request-id: F5RTCB8QBPJXBRPV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 14:45:16 GMT
age: 1376
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5810
Cache-Control: max-age=149403
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Etag: "6386ffc5-117"
Expires: Fri, 02 Dec 2022 08:38:15 GMT
Last-Modified: Wed, 30 Nov 2022 07:01:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
cdn.zx-adnet.com/adx/optr21_19091901.js
200 OK 20 kB URL HTTP/2 cdn.zx-adnet.com/adx/optr21_19091901.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64489), with CRLF line terminators
Hash b37347ad00f57eb2d934c4d43346f783
225af7142062d3d37ed529328c9fae858854f603
440b08b2dbf4d45046fdcc060e5e5e2891d78f2669c5707bd3d522355f724d66
GET /adx/optr21_19091901.js HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600,public
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "8d667337f4b47f19e2bec17c6b3da3ea299231ef64ae69dbf0b8eacded0e31a3-br"
last-modified: Wed, 09 Nov 2022 12:55:44 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Wed, 30 Nov 2022 15:08:12 GMT
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669820893.663311,VS0,VE2
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20001
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/xrj4Uk1ibQE
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xrj4Uk1ibQE
IP
Hash 09ca2f8844e1fcffc90732a163a64c49
8b7b1a9f4287fd58df09d68faf0e1d96f00fac11
308955137b67f74964cc0f018813a4037325405f6b6059ae2766e105560e9606
POST /s/gts1d4/xrj4Uk1ibQE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5810
Cache-Control: max-age=149403
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Etag: "6386ffc5-117"
Expires: Fri, 02 Dec 2022 08:38:15 GMT
Last-Modified: Wed, 30 Nov 2022 07:01:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%7CRoboto%2BSlab
200 OK 42 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A400%2C700%2C900%7CRoboto%2BSlab
IP
Hash a402f5c32c585762bd72c699270f13f4
8f0e60dadc7895c8db24681a27940a0d2e3e4458
c96f517d5c197bd4eb8bb9ebefc976b331669b9b2fe33b434ca7d3b3b3e9a4bd
GET /css?family=Lato%3A400%2C700%2C900%7CRoboto%2BSlab HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 15:08:12 GMT
date: Wed, 30 Nov 2022 15:08:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 817 B IP
Hash f9a15f4b38a56ba19505ae14d3b5f300
1ffdef7ee961ceffde3af59f007d81817aebd27e
d294297f5a433c94b1d0082a2b60ae2d2cc5447cdec757df012511042f6e95e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash fe58fb8f7d5837568d4480d31ec4d1c5
cdc4351995771a0fe9a628cade93ebac3f8263cb
d8acd575a4bc3047b8cfe69245144ffe4d68084ccfc9860f6633200817cada91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5809
Cache-Control: max-age=100757
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Etag: "638641c0-117"
Expires: Thu, 01 Dec 2022 19:07:29 GMT
Last-Modified: Tue, 29 Nov 2022 17:30:40 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a47f233c1f95c3b27b2266a9d833c49
93658d7ea90f1b74f783841783b2ad29f0e4787f
a2076509a79e23910e9ff566ae915fdb0c1154ca94be808885f0cf754788763f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2076509A79E23910E9FF566AE915FDB0C1154CA94BE808885F0CF754788763F"
Last-Modified: Tue, 29 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5534
Expires: Wed, 30 Nov 2022 16:40:26 GMT
Date: Wed, 30 Nov 2022 15:08:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:14:55 GMT
expires: Wed, 29 Nov 2023 17:14:55 GMT
cache-control: public, max-age=31536000
age: 78797
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cst.wpu.sh/static/adManager.js
301 Moved Permanently 169 B URL HTTP/2 cst.wpu.sh/static/adManager.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae
GET /static/adManager.js HTTP/1.1
Host: cst.wpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx/1.18.0
date: Wed, 30 Nov 2022 15:08:12 GMT
content-type: text/html
content-length: 169
location: https://cst.cstwpush.com/static/adManager.js
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:22 GMT
expires: Fri, 24 Nov 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 527930
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 79024
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 14:08:56 GMT
cache-control: public,max-age=3600
age: 3556
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash fe58fb8f7d5837568d4480d31ec4d1c5
cdc4351995771a0fe9a628cade93ebac3f8263cb
d8acd575a4bc3047b8cfe69245144ffe4d68084ccfc9860f6633200817cada91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5810
Cache-Control: max-age=100757
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "638641c0-117"
Expires: Thu, 01 Dec 2022 19:07:30 GMT
Last-Modified: Tue, 29 Nov 2022 17:30:40 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
johannesburg.top/code/gm2wkzjzga5ha3ddf42a
200 OK 482 B URL HTTP/2 johannesburg.top/code/gm2wkzjzga5ha3ddf42a
IP
ASN #39572 DataWeb Global Group B.V.
Hash a401cf3b9a00b4e4942c04c651c62568
6b06c6602036763133f94ac568f44b24b8da3dab
2101c6b2644a618a0ea5cf5d62138803f3ecb4b20db27892415a30515fedb2b3
Analyzer Verdict Alert quad9 Sinkholed
GET /code/gm2wkzjzga5ha3ddf42a HTTP/1.1
Host: johannesburg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 15:08:12 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=71fef042-0d0f-4d44-a9b9-e555ec70c6af; expires=Fri, 30-Dec-2022 15:08:12 GMT; Max-Age=2592000; path=/; SameSite=None; domain=johannesburg.top; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5829
Cache-Control: max-age=156947
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:44:00 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
site2text-2021.web.app/tic?startqa=1&r=0.5108786424079724
200 OK 0 B URL HTTP/2 site2text-2021.web.app/tic?startqa=1&r=0.5108786424079724
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tic?startqa=1&r=0.5108786424079724 HTTP/1.1
Host: site2text-2021.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html
function-execution-id: 1bt78zbwdkkz
server: Google Frontend
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cloud-trace-context: d01d8d6e3a61ccb00e51f6fe1d1891a6;o=1
x-country-code: NO
x-orig-accept-language: en-US,en;q=0.5
x-robots-tag: noindex
accept-ranges: bytes
date: Wed, 30 Nov 2022 15:08:13 GMT
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669820893.051357,VS0,VE185
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 39f6d3e1769d3385e5df562f23d21ee7
ae3c368f63d3364c8d0caf8979eab53e9b0fbbbe
7c3a7ca38dfcd7142f5954e96b4fb6c6d3361d39ef7aabb3c07318e22697a3d9
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:08:13 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sun, 04 Dec 2022 12:09:50 GMT
ETag: "ae3c368f63d3364c8d0caf8979eab53e9b0fbbbe"
Last-Modified: Wed, 30 Nov 2022 12:09:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3534
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77247f4709a71c0e-OSL
ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
IP
Hash d9e5db27d84e5db7272dfa6defbd0fb5
69591995c6acf287c0c30476c8d88f9fb7633eb7
f91f79017837b24b4ef67c7d273de4497cf76dd52ebb5e2fae41d099faad2cee
POST /s/gts1d4int/8EklPeV1cd0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/52083702/1?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 426 B URL HTTP/2 mc.yandex.ru/watch/52083702/1?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash c8aa7e1f64a6f459ce181fc64ee6d203
6471b174cdd36a43c1a12b086b6e5b029970d6de
99facf204d588ede771bf7cab139f24bc71bba84ee9524d02e1d3cf423adc7f5
GET /watch/52083702/1?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://femalefrag.com
Referer: https://femalefrag.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 426
date: Wed, 30 Nov 2022 15:08:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://femalefrag.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 15:08:13 GMT
last-modified: Wed, 30-Nov-2022 15:08:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5f34db963e9aaf23a38a613709cdcdc1
bcdb759b5acb111f26ff871b9a504d84111c9fa3
9247c0089724bed80dfa68449a0137bed9fd7eac628e6eb9cb1eddcfea92f2b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9247C0089724BED80DFA68449A0137BED9FD7EAC628E6EB9CB1EDDCFEA92F2B7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Wed, 30 Nov 2022 21:07:22 GMT
Date: Wed, 30 Nov 2022 15:08:13 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: opMSDJP7DtoTvS6U8DXnGA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ck87cMiVmtvGZKxU9CeoIlZc1I0=
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-origin: *
etag: "6384bff1-2b"
expires: Wed, 30 Nov 2022 16:08:13 GMT
accept-ranges: bytes
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/52083702?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 472 B URL HTTP/2 mc.yandex.ru/watch/52083702?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
Hash 1f4b4a5081bf26d78883f4dd38c4c81a
6139c5deb23ecf4c32904b44f1565bc0703dfc01
cf3665dca408aacb5d0d9d48e8b3102e4220f1d8c9fb1210cec83b8fadb9b0ba
GET /watch/52083702?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/52083702/1?wmode=7&page-url=https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15ly4knov7onia7cw1aby4%3Afp%3A623%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A103316216326%3Ahid%3A403699019%3Az%3A0%3Ai%3A20221130150811%3Aet%3A1669820892%3Ac%3A1%3Arn%3A587008004%3Arqn%3A1%3Au%3A1669820892535834943%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C132%2C68%2C0%2C274%2C0%2C%2C458%2C109%2C%2C%2C%2C968%3Ans%3A1669820890652%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669820892%3At%3AEmma%20Stone%20och%20Andrew%20Garfield%20%C3%A5terf%C3%B6renades%20vid%20guvern%C3%B6rernas%20utm%C3%A4rkelser%20-%20K%C3%A4ndis%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-origin: https://femalefrag.com
set-cookie: yandexuid=7909176471669820893; Expires=Thu, 30-Nov-2023 15:08:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7909176471669820893; Expires=Thu, 30-Nov-2023 15:08:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=578662371669820893; Path=/; SameSite=None; Secure
i=0hUMKmrDu1GpcbBo0fF5SNNgRM/6lkIJimMPkJRTzOioEhj2kIm2kFw1nkdhBGS0DXUkHQAdt8GfNb31oH/hQJExDvE=; Expires=Sat, 27-Nov-2032 15:08:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701356893.yc.1669820893#1701356893.yrts.1669820893#1701356893.yrtsi.1669820893; Expires=Thu, 30-Nov-2023 15:08:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30-Nov-2022 15:08:13 GMT
last-modified: Wed, 30-Nov-2022 15:08:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
200 OK 36 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash 6526ebb58269a09c62b43a7bdb364351
0a1cc5da2419d9b0e9bcc347649d234159db0371
605e80dfbf0fae8414f2aec5eb52f7c74a3d0fcdd1dfe90563f5c61cc7bcda6e
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:08:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 04 Dec 2022 11:51:15 GMT
ETag: "ef728d3107277760d3758c573425bbbec0df3962"
Last-Modified: Wed, 30 Nov 2022 11:51:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2893
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77247f48f94b0af6-OSL
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (40252)
Hash 881905b6287a08f796f5ecab2aaa43e8
99fcf0d921abeeb25b80527be1d7d37d59e58f9e
15a24c1440b2e447d74c08c67b1ca3545132697e224d0fdfc6e748ce32140b2e
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27269
date: Wed, 30 Nov 2022 15:08:13 GMT
expires: Wed, 30 Nov 2022 15:08:13 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1407 / 137 of 1000 / last-modified: 1669810540"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 8c48eb6eb381455c34c6880cd17488ca
5b376141334eec8b943e0cb1bfce75f4b3490f72
c2f401aabd4d6422b0723ae6696621f76dec8253fea2f90a1aabbefd349b7a25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5708
Cache-Control: max-age=118674
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "63868823-118"
Expires: Fri, 02 Dec 2022 00:06:07 GMT
Last-Modified: Tue, 29 Nov 2022 22:30:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558;0.6641059049574822
200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?r;s1280*1024*24;uhttps%3A//femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558;0.6641059049574822
IP
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?r;s1280*1024*24;uhttps%3A//femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558;0.6641059049574822 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 30 Nov 2022 15:08:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Mon, 29 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash dc36a33da93069b50f5c8a0865315dba
4ca43809500f60bd7de693bec3d8db8f6ad37110
91376a5c5eb91db572f1ddf8a50bd6e9ba299c4e37e8bdfd02dc1ca0e711c0bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5795
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:38 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
htlb.casalemedia.com/cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213c3761f2b1bd5a8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214283c21bf7b9b58%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
200 OK 38 B URL HTTP/2 htlb.casalemedia.com/cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213c3761f2b1bd5a8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214283c21bf7b9b58%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 6e12ae4d69c32e4c704c8fef7b5badf0
19fe312244b214f361fcf0b7bcfecb6399f410b7
17107291da2057095fcd7d4f49cefc63626273ef93596dfcdd83e652f8b7f059
GET /cygnus?s=420039&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213c3761f2b1bd5a8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffemalefrag.com%2Femma-stone-andrew-garfield-reunited-governors-awards-22558%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214283c21bf7b9b58%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22420039%22%2C%22sid%22%3A%22750x100%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22optad360.com%22%2C%22sid%22%3A%224863746%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D HTTP/1.1
Host: htlb.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:13 GMT
content-type: application/json
content-length: 38
cf-ray: 77247f497de40b69-OSL
access-control-allow-origin: https://femalefrag.com
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GABsfHxLPLwJPXHWT1BO82ns7PZ7mjMzL1Fpemt3QCMO2cyponr%2BjK0lMT1waYxCzHfacaq3n4jSJ1MPn9HU%2BuIiWN9z%2Be3Qc3aSPUdiQr4uBXZceyqkCIuAM%2Ftw%2FW6bhCioYq9h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6ccd2c54aa62e5ed7721db3dc9a15d0a
0b7c4aacd9a6e4e337de58b2313e24507853759b
c2532f2fc4ac1a784f2e57bfe036afbe311a90d017c59dd77714334b9308afd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: max-age=132063
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "6386bc31-1d7"
Expires: Fri, 02 Dec 2022 03:49:16 GMT
Last-Modified: Wed, 30 Nov 2022 02:13:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 6ccd2c54aa62e5ed7721db3dc9a15d0a
0b7c4aacd9a6e4e337de58b2313e24507853759b
c2532f2fc4ac1a784f2e57bfe036afbe311a90d017c59dd77714334b9308afd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5771
Cache-Control: max-age=132063
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "6386bc31-1d7"
Expires: Fri, 02 Dec 2022 03:49:16 GMT
Last-Modified: Wed, 30 Nov 2022 02:13:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83d1238aaf86ae79a31dcf0a5bca7516
3017e2ad15dd6d42b3f71c6ac3ac1da6e8c606aa
b47d1596d25d8fc12203870b694286c9b9ade5ca8b8f25257c9559d222c01113
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B47D1596D25D8FC12203870B694286C9B9ADE5CA8B8F25257C9559D222C01113"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Wed, 30 Nov 2022 19:24:44 GMT
Date: Wed, 30 Nov 2022 15:08:13 GMT
Connection: keep-alive
storage.googleapis.com/s2t-images/mr.js?0.6374727060791168
200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.6374727060791168
IP
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.6374727060791168 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvKojmX8U9Tac9nXqq1ssOjKSfJcCEYGaaEOOyPTHgmUO5r8SK0G53bmStDD9C04nqYYl-hhcra2iBuCKJEe011pZqsvUHC
date: Wed, 30 Nov 2022 15:08:13 GMT
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 15:08:13 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
200 OK 24 kB IP
File type ASCII text, with very long lines (65354)
Hash f6f3d8def3a5a1627093ae7d76e48a32
aa4060925b6fc466219ebc3fd49c89499cf752e6
30825eb9420265442797641e62b2a49312707343c029c1cbabc351c8b4293141
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://femalefrag.com/
Origin: https://femalefrag.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:13 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
etag: W/"c56b6332dacf72f135afcd153ae22448"
last-modified: Wed, 23 Nov 2022 15:43:17 GMT
vary: Origin, Accept-Encoding
access-control-expose-headers:
cf-cache-status: HIT
age: 449031
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m30kW3oHS0vg9RhUQ3DskvdI2P7DcUnBY%2Fwt5DS6AQmbZcCfJdWMSzoz1WsbRIbWgAqEo6SCYux%2BE0VsJZ%2FuhAhiWcuLCy1Z2oRK69ZrzLil0a41tWJgc05XRzvmgAcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77247f49aac2b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 139 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 122927c22ba11f1a86909309bdd9dba8
54c4a1af23e410336c6270de50d23bd8dbbd1f5a
3bb7cf140a066f528043fcfa430eb88992eb0987eb978a951534e836dbcea8e4
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 764
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://femalefrag.com
AN-X-Request-Uuid: 1c4b9a56-1fbd-47a3-bc48-e8502d132d9a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 10 kB URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash 2273b3cc788f3fa5419ab1c41b5589fd
008817ad1025e42597bfd6979055852b987e299d
a2222efce8750152c4a93c877f8ac69245f2c63bb7a9e467d557226e3b42cef3
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 546
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-origin: https://femalefrag.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 580
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-origin: https://femalefrag.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f4b4a5081bf26d78883f4dd38c4c81a
6139c5deb23ecf4c32904b44f1565bc0703dfc01
cf3665dca408aacb5d0d9d48e8b3102e4220f1d8c9fb1210cec83b8fadb9b0ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 539837c4936e91e7a216f8b78a86f94c
267a366df8e87d6ffdc8f7d0a2fa74f512d1e463
fa7ae7cdb8548378bdc1231443f72929634c4279a5a8712ecf25c26e9a92bef8
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 711
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://femalefrag.com
AN-X-Request-Uuid: a4f881d4-1fa1-42c5-bdb7-92c567d62d61
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash eacb9365a3f376b65d82ce111de73ae5
13df90d1a00481469916e2facf9d3b3d178e8bb8
58a55d3cef32a31b312230ecc7701e5fd284c608b096069cff0cfb47858b3509
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=109033
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "6386620d-1d7"
Expires: Thu, 01 Dec 2022 21:25:26 GMT
Last-Modified: Tue, 29 Nov 2022 19:48:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash eacb9365a3f376b65d82ce111de73ae5
13df90d1a00481469916e2facf9d3b3d178e8bb8
58a55d3cef32a31b312230ecc7701e5fd284c608b096069cff0cfb47858b3509
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Last-Modified: Wed, 30 Nov 2022 13:32:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash eacb9365a3f376b65d82ce111de73ae5
13df90d1a00481469916e2facf9d3b3d178e8bb8
58a55d3cef32a31b312230ecc7701e5fd284c608b096069cff0cfb47858b3509
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5817
Cache-Control: max-age=109033
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:13 GMT
Etag: "6386620d-1d7"
Expires: Thu, 01 Dec 2022 21:25:26 GMT
Last-Modified: Tue, 29 Nov 2022 19:48:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
adx.adform.net/adx/openrtb
204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 626
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://femalefrag.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 591
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://femalefrag.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 30 Nov 2022 15:13:14 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2bef77c5fd08530fac1fb336daf16f06
d4ced7c232dd290432ef720d4ef5f32e2770a52e
a585f80e330848b8cc5be3c8dfc1770caea0dc9df9b0f07fe9ffa794492dfd4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A585F80E330848B8CC5BE3C8DFC1770CAEA0DC9DF9B0F07FE9FFA794492DFD4A"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8527
Expires: Wed, 30 Nov 2022 17:30:21 GMT
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
na.nawpush.com/tags/1349?version_name=b
200 OK 685 B URL HTTP/2 na.nawpush.com/tags/1349?version_name=b
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (685), with no line terminators
Hash 2fd6ca29753cad9ce12aa13d53eee313
7fe3f0a9950681207809d6adde714df18d2f1934
0d1e621afd8c01a2699342d80e949bb78c994b3142fc08674ae0c1642530a1b0
GET /tags/1349?version_name=b HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:14 GMT
content-type: application/json
content-length: 685
server: nginx/1.18.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=femalefrag.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=femalefrag.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=femalefrag.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 15:08:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=femalefrag.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=femalefrag.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=femalefrag.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 30 Nov 2022 15:08:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12dbe410f2237e9c17f78cb542ed6cfc
18b0e9b23bd7a00ccb9ab86fb330abc70cac75fc
99e11e28cd5afb25f8720593fa8a5382b3080e8cb847b97ae81e5788e2391567
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E11E28CD5AFB25F8720593FA8A5382B3080E8CB847B97AE81E5788E2391567"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9078
Expires: Wed, 30 Nov 2022 17:39:32 GMT
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3402a11f28d369c1ad537c8e44ba5568
17c9fc852ca71dc4d46f786537adda4ee0e9a3ef
dd142866516f3293fab9f67f092d37b70c39fc58512734c8e88dab5c5faf7264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3add42e21fa78ec337b44afc54d34e58
19502537251d81268a48c72d4effab5b2841ea28
09b4f1eb459d45b9b2c12cc957664996ea344df17a0d5d440a669da77e232ed3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09B4F1EB459D45B9B2C12CC957664996EA344DF17A0D5D440A669DA77E232ED3"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6418
Expires: Wed, 30 Nov 2022 16:55:12 GMT
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
200 OK 2.7 kB URL HTTP/2 d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Wed, 30 Nov 2022 15:08:14 GMT
expires: Thu, 30 Nov 2023 15:08:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=1349
204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1349
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=1349 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://femalefrag.com/
Origin: https://femalefrag.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://femalefrag.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 722fad1bd0c6d414d8522b97eb44ee53
d55bb399ae77080ce6bc9055c073f1a2426a1c7a
d7ffee45454fcfcd7659bad141d51da9b02a1d218df3b0a5d161179c881dfc15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7FFEE45454FCFCD7659BAD141D51DA9B02A1D218DF3B0A5D161179C881DFC15"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12489
Expires: Wed, 30 Nov 2022 18:36:23 GMT
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
adx.adform.net/adx/openrtb
200 OK 1.5 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP
Hash 26157303243b2d2f0fe8a840067edd55
270bc804e773c894eede9b252ff177b11e45be2e
30c50bb1672ba80898447ef4f6dca19fa03567f569bc01224c98a0e41444e8b4
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://femalefrag.com/
Origin: https://femalefrag.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://femalefrag.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/wp-banners.js
200 OK 2.6 kB URL HTTP/2 js.wpshsdk.com/npc/sdk/wp-banners.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 8196be88bc2affbddde066fe6d9fe1ce
f32758aa8fbb32e3fe6962edc2a256190b00e2ad
83bfe2611292c48c40bfc31cdf902a368d942057c785dc29699edd5772205828
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Wed, 30 Nov 2022 15:13:14 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9583
Expires: Wed, 30 Nov 2022 17:47:57 GMT
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9583
Expires: Wed, 30 Nov 2022 17:47:57 GMT
Date: Wed, 30 Nov 2022 15:08:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 61002
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 62607
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
200 OK 39 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP
Hash 6790975331427cfa526885a9c2ba0a03
f94b30492ccea927393e6e2e63712c27cdb1954b
e2530c750b9625af9a40efaba622bd20d2ffd51b06531dc1e27bd5e4e79c1430
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://femalefrag.com/
Origin: https://femalefrag.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 15:08:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://femalefrag.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=1349
200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1349
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=1349 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 30 Nov 2022 15:08:14 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://femalefrag.com
Set-Cookie: id=14401540853806419607; Expires=Thu, 30 Nov 2023 15:08:14 GMT; Secure; SameSite=None
Vary: Origin
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:53:01 GMT
age: 36913
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
age: 61883
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 62710
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14625), with no line terminators
Hash 5ae3e54ae4a3df427d1e363407d8d90e
6b41779194a3582bbe2ee7d5acbcacc6685665a0
2899cc242cf1c7b6643bff556719b16ee83628cb75468260e1e1bc18bf22d02c
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022112901&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 30 Nov 2022 15:08:14 GMT
server: cafe
content-length: 11043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 03687b58fa7e1174e7ea84b360637ffd
7c09ef060716a365b3300c8de24f507f66e9197c
4e971d51fc0862dbd41239b7df741429d308a1e323d8624af0a6cf80eab153e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash a3ed3bd55e63afb93ca880c5d41f46ca
f3d7b43be3033163ddf968fbfdd38455e213ef4f
1428644baa5b7b71d95d4c9ded9c773da47629af09c78a38480f8b4e9945cc88
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 30 Nov 2022 15:08:14 GMT
date: Wed, 30 Nov 2022 15:08:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce--uU0I6CgDaHsr18a7-VAhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj34ozGATAB&v=APEucNXK1hc7bUK5sGtonR0IcsFGhH85sVnh2NvWPlwE9FIDyfZN6saSx7g-vaNgG916a6GpOwBJRs2VTVgAvJx0O_Pr6vlAffYt4sPnPgyNpFtSEf__oeHXc7vNZOJn0V3j7FNmEJ6MhTU5ZiZGVh9CuPSKebQAB1OLKDzL40zal5aPFKGHHxvU_QjUkaK8RPiz2D1uIkCq246wWMhK0yq7oZ2EGSzDHVXWO_IakRTRfJ6xpJXZQIDu6OIYsvlsF8-19At4-uatmLdQSCV6-QTX6rnoT2j6jnTevmIh0mb_yrfZJrpkpExaBgLV3Z9i8LhFOxDuEkTsQb_E3g2JXVsUTd9S28lcM61owap-1DukbpZe-ui7aTy90gPb9AH_AlX1gKwHguBOLxmK2Uuj_72x3FD32LferUWhzjXv9WPU9BuMNknxIFJIw7IgUczH-Qy5a39SQUgUgiq7rkcLkRFWk_YEHRtx47Z2Hs-bur9GQz6Wk_SqoOurbeO3hkV7XAErvsxOcg8nYZ_w0nlY8PQ3u3MoLd5liSzeOrTR8NEplQ9XRsAob_xxLZ_yxMmWYP3u1WkV8jMz3K8UM0hBpLCiMB930tSGFqcte72GsZJdcu2cCHaXSrM3Ook9eHqFKPZjdtD6sev4k1A62SB5pOHGRPmZgnaIy4RorzB74hRVOfs0yHqKRB-MvKG5ZbEeCSsNfc1ymTFNO_6lUb9qAa0WUi1CICBG9UEHTGbI46sI0zB6NqHajL5501nqgrSCwNmKKgUAgvBehjXSc39QpjpIRRsFlBwiZYBWjA-xk1gzaR9ZaJyXvdcr-DrYMv1BD4UDtXS2KNw7-DG1OJ-msBho7o02alko64Z051wDeil2ar62mmwSVwe-8ZmlAhQWIUBR6yZ9SuPiMLjtlpH5GU4ms-G8YbLt7k1qqmXXsoRBbRN9KWO0-wWeBco5h8VJNpPi8Cpobog4sB4ojX90eqMQlSUPsc5A3p5fVMqFMYqc_UPBhMFSonGYeY5TY9BqI908TXw5o9wOhN9Y-vkHwrYDLgKGVYOhVA
200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj34ozGATAB&v=APEucNXK1hc7bUK5sGtonR0IcsFGhH85sVnh2NvWPlwE9FIDyfZN6saSx7g-vaNgG916a6GpOwBJRs2VTVgAvJx0O_Pr6vlAffYt4sPnPgyNpFtSEf__oeHXc7vNZOJn0V3j7FNmEJ6MhTU5ZiZGVh9CuPSKebQAB1OLKDzL40zal5aPFKGHHxvU_QjUkaK8RPiz2D1uIkCq246wWMhK0yq7oZ2EGSzDHVXWO_IakRTRfJ6xpJXZQIDu6OIYsvlsF8-19At4-uatmLdQSCV6-QTX6rnoT2j6jnTevmIh0mb_yrfZJrpkpExaBgLV3Z9i8LhFOxDuEkTsQb_E3g2JXVsUTd9S28lcM61owap-1DukbpZe-ui7aTy90gPb9AH_AlX1gKwHguBOLxmK2Uuj_72x3FD32LferUWhzjXv9WPU9BuMNknxIFJIw7IgUczH-Qy5a39SQUgUgiq7rkcLkRFWk_YEHRtx47Z2Hs-bur9GQz6Wk_SqoOurbeO3hkV7XAErvsxOcg8nYZ_w0nlY8PQ3u3MoLd5liSzeOrTR8NEplQ9XRsAob_xxLZ_yxMmWYP3u1WkV8jMz3K8UM0hBpLCiMB930tSGFqcte72GsZJdcu2cCHaXSrM3Ook9eHqFKPZjdtD6sev4k1A62SB5pOHGRPmZgnaIy4RorzB74hRVOfs0yHqKRB-MvKG5ZbEeCSsNfc1ymTFNO_6lUb9qAa0WUi1CICBG9UEHTGbI46sI0zB6NqHajL5501nqgrSCwNmKKgUAgvBehjXSc39QpjpIRRsFlBwiZYBWjA-xk1gzaR9ZaJyXvdcr-DrYMv1BD4UDtXS2KNw7-DG1OJ-msBho7o02alko64Z051wDeil2ar62mmwSVwe-8ZmlAhQWIUBR6yZ9SuPiMLjtlpH5GU4ms-G8YbLt7k1qqmXXsoRBbRN9KWO0-wWeBco5h8VJNpPi8Cpobog4sB4ojX90eqMQlSUPsc5A3p5fVMqFMYqc_UPBhMFSonGYeY5TY9BqI908TXw5o9wOhN9Y-vkHwrYDLgKGVYOhVA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CN-KGhDw3uOiAxj34ozGATAB&v=APEucNXK1hc7bUK5sGtonR0IcsFGhH85sVnh2NvWPlwE9FIDyfZN6saSx7g-vaNgG916a6GpOwBJRs2VTVgAvJx0O_Pr6vlAffYt4sPnPgyNpFtSEf__oeHXc7vNZOJn0V3j7FNmEJ6MhTU5ZiZGVh9CuPSKebQAB1OLKDzL40zal5aPFKGHHxvU_QjUkaK8RPiz2D1uIkCq246wWMhK0yq7oZ2EGSzDHVXWO_IakRTRfJ6xpJXZQIDu6OIYsvlsF8-19At4-uatmLdQSCV6-QTX6rnoT2j6jnTevmIh0mb_yrfZJrpkpExaBgLV3Z9i8LhFOxDuEkTsQb_E3g2JXVsUTd9S28lcM61owap-1DukbpZe-ui7aTy90gPb9AH_AlX1gKwHguBOLxmK2Uuj_72x3FD32LferUWhzjXv9WPU9BuMNknxIFJIw7IgUczH-Qy5a39SQUgUgiq7rkcLkRFWk_YEHRtx47Z2Hs-bur9GQz6Wk_SqoOurbeO3hkV7XAErvsxOcg8nYZ_w0nlY8PQ3u3MoLd5liSzeOrTR8NEplQ9XRsAob_xxLZ_yxMmWYP3u1WkV8jMz3K8UM0hBpLCiMB930tSGFqcte72GsZJdcu2cCHaXSrM3Ook9eHqFKPZjdtD6sev4k1A62SB5pOHGRPmZgnaIy4RorzB74hRVOfs0yHqKRB-MvKG5ZbEeCSsNfc1ymTFNO_6lUb9qAa0WUi1CICBG9UEHTGbI46sI0zB6NqHajL5501nqgrSCwNmKKgUAgvBehjXSc39QpjpIRRsFlBwiZYBWjA-xk1gzaR9ZaJyXvdcr-DrYMv1BD4UDtXS2KNw7-DG1OJ-msBho7o02alko64Z051wDeil2ar62mmwSVwe-8ZmlAhQWIUBR6yZ9SuPiMLjtlpH5GU4ms-G8YbLt7k1qqmXXsoRBbRN9KWO0-wWeBco5h8VJNpPi8Cpobog4sB4ojX90eqMQlSUPsc5A3p5fVMqFMYqc_UPBhMFSonGYeY5TY9BqI908TXw5o9wOhN9Y-vkHwrYDLgKGVYOhVA HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 15:08:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 15:23:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 15:08:15 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS92IzwF8vUiI__laN4DiYoePjMwhTzxYbz1xTfGpb49Hm_UrcD6qRPwxRJXDbg_lOJvo4Kki1nB5XvhmDsHt01zu8wF1fvVyIamxF_nu1ehcRsS1WMflDSSvnmvu9BZ39c2TmvQMW1baeHRrXI1Tn2IU1LdaaA8Yrj2OliKVgJ9j2oas&cry=1&dbm_d=AKAmf-A00ineNj5UbXeghQKG4VwcJDBZvipc8_xp8sKU-uyJw6CYSi8dE5XoT6J0JlMri50W-p6Mni8W8XRJLLh9GtLXAF1qp7B0BzOpLlzl6R5xFjpHSDCK0W_6M9SAb2Ro95Q0lH0_7woRwrw6UEo7eIY5l6inekMStMSoTVuWpLt9hI7jTBpYX-Qt01TJwbzgv9fCs_TBaWTDrWW0gH_GbST3sfmN232bTgOsJXowJlYxOuT0Uj01ZgJXONR1RTfAJ6aUtCuEbfEv3M25yE1oxuBTRhkCjYJ3gt7xZMRlDzeCKs4GpOY9ZHYLq_yvWfddvWPpFpoSOWpSexngJ_4mAxqzqIkjuulDWF6PKGT2NEfY0ifepbZhFIxIHXKmOLV6F29T_WpW2x53DTBxOEjt57fFbV_yvUsEYgRN1QVDQ_PqhCxtgEDJlUKwybCivi8Sz1TaA64aKtMTCNOmrfJbXqXa0rZ1MCVCKypLxSAd16SJEtbeu2Rx6PwYDPgGD0BoXcIWNegUkZVFaViE4drRgOkovXahFk328opaAr-YE3a0TjEpSv9LOeZGE4shrXCaZbzfMdIqUALd5Cp4KmaaD_vTppke7xxLQg94n1sjDOEpWa-yX09aIGWcTyJKscSfp_lVF6V0BIy18qaiuBpP3ZberuNt9Gr8451R1pas_eM3uXCyYrl2u-wQJPwOmOtWI2z07PmY2Kn3TBoYkDeQoMDZVCgpFO9PoWl0jQAwgUWHJb2aqMBVfQHdlUKQ2J9OpReYCuUNpveppCsp8IE4U7Ew5R7Q0h4uE-j0FIbmbS3sSPbfgKenIJQguS68t4V5TO9VDBmvTozlnSM3Bs03i4qpeeRmTFxRByNgwbe6K7ZbSnL2_GkG1bndXvnPbcLOXc5QwiDiP_7ZzeuN3ofZ8opVsJ01x63Obh31yzQwBtXecoRxJ1_k55KOnwFQiX1EmXPQZ4GHJC5fa7h7g62ZADRvsUFWiVThzfjPOwsTa6KsglxX_MCBxVHNvx04DU7Y_NjJOBFe5guIuUTEdO-QCQ-LL95wJCS5bCOAkVa-MBKM9nRvmue5UnhjDOhGiJpmOjKaazSFmO5wBhJtUTh3Fp6ziDsIGa9HNPWlrthnOjMujx3VEU6161oNoS8SuOcAJ4fTJhrSZS8z6N2Y7aPFXlhCuGThlAUuZO2KDnmNikKUsByP3SviD7fdDb7pYFbvTgf3IRFLa3F3PlFlvWd5LKOq6nyYJCUhpV_6Iw9k-S30fGR9kvn0nbeq5wkg-wAhzMALB9YD6Ko9oKoPXJvRDgPo8iHeZK3kL7qt_ZkKF1sLnQR5DWL6VSS5Dvok3Py3sFhPl0mFkUlWmPBJpsbBAVEobre-tsFyj3bHxiyK4Gp0R0US3FUcU_DrzgdRMPn2aqUamMcZMmGVor56VV0GWrRcC3YfYwOxo_cqKAM8oHYiNQEWkV69fGUegyBSf4bFiG-gfzIaKerE3UgavOjzKkX8mE68mxRXFAyueZhwQ0eMMclBSjiZWiYW-lO34_DILUIGx8JfqDTpXCM--8jmoHN3Ui6OrBsj_e5khkPtIrvaz41eJw1CKO_BbvVxm2ygalNHsYG1HbOPAipuwFBbvRGuAKNHUz8gKvoTYZjyF54I9aEevbHv85mSv2WcuVnUrIK-FRJGyq2jCk21bJOAkRkT68zL-ZMfD-qCChCu_ii1SQKWxuR4bn5J11-zEZ2zz8IJ4A2GlBHe1C19uZRRU4lavBUDbu92PkthA2JGkDzOwGDHPAFTy8kFM8W0hwTiMG2kdvpGEuguqOvl93f4_EeLlUF7UzxYTH-tWeLKL-lvPvh7y6jyBK9lmVp7quQWbXlED829n4QK3MIPL7PeSan1OeWgmqzwnHA5TCeqS4Y9FPqGNJmABvK4ASzj0g-kV1ykfBmVzRbTmXumfb0LDvahX_gMsYRUvUjn1NDG1NcWMFkJGjogwsWsmuFtI36Od-F7o_J7ou_sjavP7aANOoYPua2bWKjoWf7mGZ8TCSsalPl95wg02dWes4wNV56MXm2Z63NInZrbbWEhUDSLdjpe6Tjx_3vP9yEPYfW6NguiZysz9eeSEmXPT0DFRRHKfd5vbyQuovDhMbDiPMav_0suBWbBUYucM2057cSBqaQxkDYvbvYGquOdW9h89zfmCCDiT6Fo1iaY4aSplaWk6sNpDN59cNWtNkkt1wFS4OTySQZk2wG9ihQqrxD8ivR26MhSqdETrTiDDy5QN7Ck7wJIIuFf2jWqA0usuGIw7aMBx6TqmS5QeTUdQKD3_CG1JWdbuj8zTWYfD0EPGkvqEhx-ozmd3bQfgMEbY-JpJNkrER9GB8LxbAciOJgGdGy9XohrzyxVZX3H1DvuLO9ZOHoiBtN5P8rIxYOyylb92dAeLIrcdygKNcQTMruHbiRQQ5ggvK_a1MA2WN6hjkI7fdjlyFsG78AtlwJVW1tmi3ShUso91CRx8FivYSPXJS0hEFajjkd0GXwxY2-je2M4Slg2zCCmfmcxtLgtWNOW0J2UIziJEFVMe4bl7GEnvej5_trZABt3EzCP2PvExqhmrObwZyLSrg2_3uJGNmK9G0S-3naW9Sio00lnrcRKDgdCc2lLB_9NJLqxPWRFvAjRhZ0nCqS3kw56cb9vdmlejBIkAMNDT87tOOyeQH00WJi9asi9eDSKXym3szXrkynTv28Zu8QPf05-a8t4Pp1JI3yhcozGVvKQIXW-aOb2Fe6mH1Jy0DoZULuY37Q8iXO-3FFXIV8EMM8DMsCf9U97Kr6aRI74RYvKObAd025g-A7kL9cce74IjlKp41MCwpRfDBtQKbB2eIlPv9TbBWXelkdNSnImqNmOgudDMarl3t5hy9bb3CyhvxOIv06swZaWRd3jrzsMU5yCXyJW9xYHP6sQ0EStVkqmabPzv_SK6ggh3f4ZGZEDjDgqfhEbVWIBthk0HFxBcsn-w4gKNGrWkuf2P3YI6XJtyDcsUxGENAikYdu2E1GRFbEx_B0g2pB6OgMCUysQsVDJiQqWPMQAkXk4MnQoahURKkIfuoU1pdWT5YCIOZN7LHFSEQhnVJhSSB5zc7yDgocabtOrthBSrKSww0_fvslyNMDp2qzd1qDT9QppsvTN7FiDxRmehQ1vESGGtwmwoaIELy0opa0B1Hr-wD90MCJXdhvsNIWNot6WU_BHIQeNBxk_iXZldS5hOPYghuhypcv_05ka1adT8T46Y4TMMu6x34oQrj8VPLUiCMm1Puf7PYdXGXX23N8zSZm12EUuw-C-8xwikSwquRuJD8b3fIUxkjblt9MGJhZVjJu57hw1VMMEtrQyYVJG4r5007tlx7ey6ZULbq6vDB8a1zFWuxL3y5npCRY4naKn7UZd3-c2cCT5EtQYzjJXygEdmWTA_6xwgRg7YJshz_hTNpq6yEh_701woZgrtX8L5UJd68UPY9ogddPQND2iNUfQdGXRCFl4pVhoVI17MUbw5RtbGxmSsSJkxanS_JIptuMJXOSoeDzi5RRUaxzKKc-XbOLFdR7NTvGjwLQ2PlQcw1rfI_P5WbIMUS3O5UC27Z6fpaamtOx88hWargJG5Ms5LNckTG6WtWEhJJK6jLKo4FUcG-gXAT1W2Jyj2YPSfSqYLQmv6ITqdxm6NZfFWwZycAHSAB7IFAnNNyWqckm_Vd5Sbd8H4788xSZZcH_e7PeQJDjvcjwj3BZilX5mzucLnDl9__jyvXqzcMcRcJiQrLnZor-y_pW2GwG5qucE2LRPgEVensd4t1PIr0FI_MPOQEtfM7g3twDqOrTP90F2XxYwbwwwkCiC4vLQe-2BvzKhwVRlY6QQLWgkL4IiHg2Qc70R7qxgOF8Pe8sqfsLKYhz13iJoyCG-XmPlRGPU-t5HLG8k53av9-dBmyNG5j68iWkVvIj488cx88WEatBhenvFbjAptE180r8fcCy3tRPZN_Gli42t1wNhmm9_beuLuXJAFlnOUcHDz-lmQH2ekkPqNHnOfyzgLxVlcC41vncE115hffz8tyRiZJHoM0vHtm2DIe86LuqTvOrOQ7evLB02RgEnc8rOzuI653gtxw_c44Pke1hzcjKI0VBO5RclWtBDFOYkDGK0muViIo2UiOEfyU943m5OCZoP8OC21cPdQVPhNE7DdiX3gWpJhW8-mo482xMK-_yfLFXeA1cIOF1s8uT82OmdAgLdRdJ-Yi9OzYF3TJsMPZa4B9wTjrcUMRsUfQfEQi8dR_PMl4jaNNnzpi5BaM08q3yYvxeOfNq36_ZmAYsUguq7x3Sl20Tt3B4fluco3ySE5Prb_cWzie3unpHQvOc9JN2Qr52-ybZ9opHEYpRxJzLv5wtsgbCruGCtDbsSPK8ncMCrdFfJ6C8wFHc&cid=CAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM&rfl=1%2Chttps%253A%252F%252Ffemalefrag.com%252F%240
200 OK 11 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AS92IzwF8vUiI__laN4DiYoePjMwhTzxYbz1xTfGpb49Hm_UrcD6qRPwxRJXDbg_lOJvo4Kki1nB5XvhmDsHt01zu8wF1fvVyIamxF_nu1ehcRsS1WMflDSSvnmvu9BZ39c2TmvQMW1baeHRrXI1Tn2IU1LdaaA8Yrj2OliKVgJ9j2oas&cry=1&dbm_d=AKAmf-A00ineNj5UbXeghQKG4VwcJDBZvipc8_xp8sKU-uyJw6CYSi8dE5XoT6J0JlMri50W-p6Mni8W8XRJLLh9GtLXAF1qp7B0BzOpLlzl6R5xFjpHSDCK0W_6M9SAb2Ro95Q0lH0_7woRwrw6UEo7eIY5l6inekMStMSoTVuWpLt9hI7jTBpYX-Qt01TJwbzgv9fCs_TBaWTDrWW0gH_GbST3sfmN232bTgOsJXowJlYxOuT0Uj01ZgJXONR1RTfAJ6aUtCuEbfEv3M25yE1oxuBTRhkCjYJ3gt7xZMRlDzeCKs4GpOY9ZHYLq_yvWfddvWPpFpoSOWpSexngJ_4mAxqzqIkjuulDWF6PKGT2NEfY0ifepbZhFIxIHXKmOLV6F29T_WpW2x53DTBxOEjt57fFbV_yvUsEYgRN1QVDQ_PqhCxtgEDJlUKwybCivi8Sz1TaA64aKtMTCNOmrfJbXqXa0rZ1MCVCKypLxSAd16SJEtbeu2Rx6PwYDPgGD0BoXcIWNegUkZVFaViE4drRgOkovXahFk328opaAr-YE3a0TjEpSv9LOeZGE4shrXCaZbzfMdIqUALd5Cp4KmaaD_vTppke7xxLQg94n1sjDOEpWa-yX09aIGWcTyJKscSfp_lVF6V0BIy18qaiuBpP3ZberuNt9Gr8451R1pas_eM3uXCyYrl2u-wQJPwOmOtWI2z07PmY2Kn3TBoYkDeQoMDZVCgpFO9PoWl0jQAwgUWHJb2aqMBVfQHdlUKQ2J9OpReYCuUNpveppCsp8IE4U7Ew5R7Q0h4uE-j0FIbmbS3sSPbfgKenIJQguS68t4V5TO9VDBmvTozlnSM3Bs03i4qpeeRmTFxRByNgwbe6K7ZbSnL2_GkG1bndXvnPbcLOXc5QwiDiP_7ZzeuN3ofZ8opVsJ01x63Obh31yzQwBtXecoRxJ1_k55KOnwFQiX1EmXPQZ4GHJC5fa7h7g62ZADRvsUFWiVThzfjPOwsTa6KsglxX_MCBxVHNvx04DU7Y_NjJOBFe5guIuUTEdO-QCQ-LL95wJCS5bCOAkVa-MBKM9nRvmue5UnhjDOhGiJpmOjKaazSFmO5wBhJtUTh3Fp6ziDsIGa9HNPWlrthnOjMujx3VEU6161oNoS8SuOcAJ4fTJhrSZS8z6N2Y7aPFXlhCuGThlAUuZO2KDnmNikKUsByP3SviD7fdDb7pYFbvTgf3IRFLa3F3PlFlvWd5LKOq6nyYJCUhpV_6Iw9k-S30fGR9kvn0nbeq5wkg-wAhzMALB9YD6Ko9oKoPXJvRDgPo8iHeZK3kL7qt_ZkKF1sLnQR5DWL6VSS5Dvok3Py3sFhPl0mFkUlWmPBJpsbBAVEobre-tsFyj3bHxiyK4Gp0R0US3FUcU_DrzgdRMPn2aqUamMcZMmGVor56VV0GWrRcC3YfYwOxo_cqKAM8oHYiNQEWkV69fGUegyBSf4bFiG-gfzIaKerE3UgavOjzKkX8mE68mxRXFAyueZhwQ0eMMclBSjiZWiYW-lO34_DILUIGx8JfqDTpXCM--8jmoHN3Ui6OrBsj_e5khkPtIrvaz41eJw1CKO_BbvVxm2ygalNHsYG1HbOPAipuwFBbvRGuAKNHUz8gKvoTYZjyF54I9aEevbHv85mSv2WcuVnUrIK-FRJGyq2jCk21bJOAkRkT68zL-ZMfD-qCChCu_ii1SQKWxuR4bn5J11-zEZ2zz8IJ4A2GlBHe1C19uZRRU4lavBUDbu92PkthA2JGkDzOwGDHPAFTy8kFM8W0hwTiMG2kdvpGEuguqOvl93f4_EeLlUF7UzxYTH-tWeLKL-lvPvh7y6jyBK9lmVp7quQWbXlED829n4QK3MIPL7PeSan1OeWgmqzwnHA5TCeqS4Y9FPqGNJmABvK4ASzj0g-kV1ykfBmVzRbTmXumfb0LDvahX_gMsYRUvUjn1NDG1NcWMFkJGjogwsWsmuFtI36Od-F7o_J7ou_sjavP7aANOoYPua2bWKjoWf7mGZ8TCSsalPl95wg02dWes4wNV56MXm2Z63NInZrbbWEhUDSLdjpe6Tjx_3vP9yEPYfW6NguiZysz9eeSEmXPT0DFRRHKfd5vbyQuovDhMbDiPMav_0suBWbBUYucM2057cSBqaQxkDYvbvYGquOdW9h89zfmCCDiT6Fo1iaY4aSplaWk6sNpDN59cNWtNkkt1wFS4OTySQZk2wG9ihQqrxD8ivR26MhSqdETrTiDDy5QN7Ck7wJIIuFf2jWqA0usuGIw7aMBx6TqmS5QeTUdQKD3_CG1JWdbuj8zTWYfD0EPGkvqEhx-ozmd3bQfgMEbY-JpJNkrER9GB8LxbAciOJgGdGy9XohrzyxVZX3H1DvuLO9ZOHoiBtN5P8rIxYOyylb92dAeLIrcdygKNcQTMruHbiRQQ5ggvK_a1MA2WN6hjkI7fdjlyFsG78AtlwJVW1tmi3ShUso91CRx8FivYSPXJS0hEFajjkd0GXwxY2-je2M4Slg2zCCmfmcxtLgtWNOW0J2UIziJEFVMe4bl7GEnvej5_trZABt3EzCP2PvExqhmrObwZyLSrg2_3uJGNmK9G0S-3naW9Sio00lnrcRKDgdCc2lLB_9NJLqxPWRFvAjRhZ0nCqS3kw56cb9vdmlejBIkAMNDT87tOOyeQH00WJi9asi9eDSKXym3szXrkynTv28Zu8QPf05-a8t4Pp1JI3yhcozGVvKQIXW-aOb2Fe6mH1Jy0DoZULuY37Q8iXO-3FFXIV8EMM8DMsCf9U97Kr6aRI74RYvKObAd025g-A7kL9cce74IjlKp41MCwpRfDBtQKbB2eIlPv9TbBWXelkdNSnImqNmOgudDMarl3t5hy9bb3CyhvxOIv06swZaWRd3jrzsMU5yCXyJW9xYHP6sQ0EStVkqmabPzv_SK6ggh3f4ZGZEDjDgqfhEbVWIBthk0HFxBcsn-w4gKNGrWkuf2P3YI6XJtyDcsUxGENAikYdu2E1GRFbEx_B0g2pB6OgMCUysQsVDJiQqWPMQAkXk4MnQoahURKkIfuoU1pdWT5YCIOZN7LHFSEQhnVJhSSB5zc7yDgocabtOrthBSrKSww0_fvslyNMDp2qzd1qDT9QppsvTN7FiDxRmehQ1vESGGtwmwoaIELy0opa0B1Hr-wD90MCJXdhvsNIWNot6WU_BHIQeNBxk_iXZldS5hOPYghuhypcv_05ka1adT8T46Y4TMMu6x34oQrj8VPLUiCMm1Puf7PYdXGXX23N8zSZm12EUuw-C-8xwikSwquRuJD8b3fIUxkjblt9MGJhZVjJu57hw1VMMEtrQyYVJG4r5007tlx7ey6ZULbq6vDB8a1zFWuxL3y5npCRY4naKn7UZd3-c2cCT5EtQYzjJXygEdmWTA_6xwgRg7YJshz_hTNpq6yEh_701woZgrtX8L5UJd68UPY9ogddPQND2iNUfQdGXRCFl4pVhoVI17MUbw5RtbGxmSsSJkxanS_JIptuMJXOSoeDzi5RRUaxzKKc-XbOLFdR7NTvGjwLQ2PlQcw1rfI_P5WbIMUS3O5UC27Z6fpaamtOx88hWargJG5Ms5LNckTG6WtWEhJJK6jLKo4FUcG-gXAT1W2Jyj2YPSfSqYLQmv6ITqdxm6NZfFWwZycAHSAB7IFAnNNyWqckm_Vd5Sbd8H4788xSZZcH_e7PeQJDjvcjwj3BZilX5mzucLnDl9__jyvXqzcMcRcJiQrLnZor-y_pW2GwG5qucE2LRPgEVensd4t1PIr0FI_MPOQEtfM7g3twDqOrTP90F2XxYwbwwwkCiC4vLQe-2BvzKhwVRlY6QQLWgkL4IiHg2Qc70R7qxgOF8Pe8sqfsLKYhz13iJoyCG-XmPlRGPU-t5HLG8k53av9-dBmyNG5j68iWkVvIj488cx88WEatBhenvFbjAptE180r8fcCy3tRPZN_Gli42t1wNhmm9_beuLuXJAFlnOUcHDz-lmQH2ekkPqNHnOfyzgLxVlcC41vncE115hffz8tyRiZJHoM0vHtm2DIe86LuqTvOrOQ7evLB02RgEnc8rOzuI653gtxw_c44Pke1hzcjKI0VBO5RclWtBDFOYkDGK0muViIo2UiOEfyU943m5OCZoP8OC21cPdQVPhNE7DdiX3gWpJhW8-mo482xMK-_yfLFXeA1cIOF1s8uT82OmdAgLdRdJ-Yi9OzYF3TJsMPZa4B9wTjrcUMRsUfQfEQi8dR_PMl4jaNNnzpi5BaM08q3yYvxeOfNq36_ZmAYsUguq7x3Sl20Tt3B4fluco3ySE5Prb_cWzie3unpHQvOc9JN2Qr52-ybZ9opHEYpRxJzLv5wtsgbCruGCtDbsSPK8ncMCrdFfJ6C8wFHc&cid=CAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM&rfl=1%2Chttps%253A%252F%252Ffemalefrag.com%252F%240
IP
File type ASCII text, with very long lines (15155), with no line terminators
Hash c3291b2efc6639f5724cf10cb9bc2368
6830135ca12c6241e3ecfc400153e7b8de96d34e
b7df0574b564c338e9282f312bec346d7b132a618fcbd14e52547ea16f35d81c
GET /dbm/ad?dbm_c=AKAmf-AS92IzwF8vUiI__laN4DiYoePjMwhTzxYbz1xTfGpb49Hm_UrcD6qRPwxRJXDbg_lOJvo4Kki1nB5XvhmDsHt01zu8wF1fvVyIamxF_nu1ehcRsS1WMflDSSvnmvu9BZ39c2TmvQMW1baeHRrXI1Tn2IU1LdaaA8Yrj2OliKVgJ9j2oas&cry=1&dbm_d=AKAmf-A00ineNj5UbXeghQKG4VwcJDBZvipc8_xp8sKU-uyJw6CYSi8dE5XoT6J0JlMri50W-p6Mni8W8XRJLLh9GtLXAF1qp7B0BzOpLlzl6R5xFjpHSDCK0W_6M9SAb2Ro95Q0lH0_7woRwrw6UEo7eIY5l6inekMStMSoTVuWpLt9hI7jTBpYX-Qt01TJwbzgv9fCs_TBaWTDrWW0gH_GbST3sfmN232bTgOsJXowJlYxOuT0Uj01ZgJXONR1RTfAJ6aUtCuEbfEv3M25yE1oxuBTRhkCjYJ3gt7xZMRlDzeCKs4GpOY9ZHYLq_yvWfddvWPpFpoSOWpSexngJ_4mAxqzqIkjuulDWF6PKGT2NEfY0ifepbZhFIxIHXKmOLV6F29T_WpW2x53DTBxOEjt57fFbV_yvUsEYgRN1QVDQ_PqhCxtgEDJlUKwybCivi8Sz1TaA64aKtMTCNOmrfJbXqXa0rZ1MCVCKypLxSAd16SJEtbeu2Rx6PwYDPgGD0BoXcIWNegUkZVFaViE4drRgOkovXahFk328opaAr-YE3a0TjEpSv9LOeZGE4shrXCaZbzfMdIqUALd5Cp4KmaaD_vTppke7xxLQg94n1sjDOEpWa-yX09aIGWcTyJKscSfp_lVF6V0BIy18qaiuBpP3ZberuNt9Gr8451R1pas_eM3uXCyYrl2u-wQJPwOmOtWI2z07PmY2Kn3TBoYkDeQoMDZVCgpFO9PoWl0jQAwgUWHJb2aqMBVfQHdlUKQ2J9OpReYCuUNpveppCsp8IE4U7Ew5R7Q0h4uE-j0FIbmbS3sSPbfgKenIJQguS68t4V5TO9VDBmvTozlnSM3Bs03i4qpeeRmTFxRByNgwbe6K7ZbSnL2_GkG1bndXvnPbcLOXc5QwiDiP_7ZzeuN3ofZ8opVsJ01x63Obh31yzQwBtXecoRxJ1_k55KOnwFQiX1EmXPQZ4GHJC5fa7h7g62ZADRvsUFWiVThzfjPOwsTa6KsglxX_MCBxVHNvx04DU7Y_NjJOBFe5guIuUTEdO-QCQ-LL95wJCS5bCOAkVa-MBKM9nRvmue5UnhjDOhGiJpmOjKaazSFmO5wBhJtUTh3Fp6ziDsIGa9HNPWlrthnOjMujx3VEU6161oNoS8SuOcAJ4fTJhrSZS8z6N2Y7aPFXlhCuGThlAUuZO2KDnmNikKUsByP3SviD7fdDb7pYFbvTgf3IRFLa3F3PlFlvWd5LKOq6nyYJCUhpV_6Iw9k-S30fGR9kvn0nbeq5wkg-wAhzMALB9YD6Ko9oKoPXJvRDgPo8iHeZK3kL7qt_ZkKF1sLnQR5DWL6VSS5Dvok3Py3sFhPl0mFkUlWmPBJpsbBAVEobre-tsFyj3bHxiyK4Gp0R0US3FUcU_DrzgdRMPn2aqUamMcZMmGVor56VV0GWrRcC3YfYwOxo_cqKAM8oHYiNQEWkV69fGUegyBSf4bFiG-gfzIaKerE3UgavOjzKkX8mE68mxRXFAyueZhwQ0eMMclBSjiZWiYW-lO34_DILUIGx8JfqDTpXCM--8jmoHN3Ui6OrBsj_e5khkPtIrvaz41eJw1CKO_BbvVxm2ygalNHsYG1HbOPAipuwFBbvRGuAKNHUz8gKvoTYZjyF54I9aEevbHv85mSv2WcuVnUrIK-FRJGyq2jCk21bJOAkRkT68zL-ZMfD-qCChCu_ii1SQKWxuR4bn5J11-zEZ2zz8IJ4A2GlBHe1C19uZRRU4lavBUDbu92PkthA2JGkDzOwGDHPAFTy8kFM8W0hwTiMG2kdvpGEuguqOvl93f4_EeLlUF7UzxYTH-tWeLKL-lvPvh7y6jyBK9lmVp7quQWbXlED829n4QK3MIPL7PeSan1OeWgmqzwnHA5TCeqS4Y9FPqGNJmABvK4ASzj0g-kV1ykfBmVzRbTmXumfb0LDvahX_gMsYRUvUjn1NDG1NcWMFkJGjogwsWsmuFtI36Od-F7o_J7ou_sjavP7aANOoYPua2bWKjoWf7mGZ8TCSsalPl95wg02dWes4wNV56MXm2Z63NInZrbbWEhUDSLdjpe6Tjx_3vP9yEPYfW6NguiZysz9eeSEmXPT0DFRRHKfd5vbyQuovDhMbDiPMav_0suBWbBUYucM2057cSBqaQxkDYvbvYGquOdW9h89zfmCCDiT6Fo1iaY4aSplaWk6sNpDN59cNWtNkkt1wFS4OTySQZk2wG9ihQqrxD8ivR26MhSqdETrTiDDy5QN7Ck7wJIIuFf2jWqA0usuGIw7aMBx6TqmS5QeTUdQKD3_CG1JWdbuj8zTWYfD0EPGkvqEhx-ozmd3bQfgMEbY-JpJNkrER9GB8LxbAciOJgGdGy9XohrzyxVZX3H1DvuLO9ZOHoiBtN5P8rIxYOyylb92dAeLIrcdygKNcQTMruHbiRQQ5ggvK_a1MA2WN6hjkI7fdjlyFsG78AtlwJVW1tmi3ShUso91CRx8FivYSPXJS0hEFajjkd0GXwxY2-je2M4Slg2zCCmfmcxtLgtWNOW0J2UIziJEFVMe4bl7GEnvej5_trZABt3EzCP2PvExqhmrObwZyLSrg2_3uJGNmK9G0S-3naW9Sio00lnrcRKDgdCc2lLB_9NJLqxPWRFvAjRhZ0nCqS3kw56cb9vdmlejBIkAMNDT87tOOyeQH00WJi9asi9eDSKXym3szXrkynTv28Zu8QPf05-a8t4Pp1JI3yhcozGVvKQIXW-aOb2Fe6mH1Jy0DoZULuY37Q8iXO-3FFXIV8EMM8DMsCf9U97Kr6aRI74RYvKObAd025g-A7kL9cce74IjlKp41MCwpRfDBtQKbB2eIlPv9TbBWXelkdNSnImqNmOgudDMarl3t5hy9bb3CyhvxOIv06swZaWRd3jrzsMU5yCXyJW9xYHP6sQ0EStVkqmabPzv_SK6ggh3f4ZGZEDjDgqfhEbVWIBthk0HFxBcsn-w4gKNGrWkuf2P3YI6XJtyDcsUxGENAikYdu2E1GRFbEx_B0g2pB6OgMCUysQsVDJiQqWPMQAkXk4MnQoahURKkIfuoU1pdWT5YCIOZN7LHFSEQhnVJhSSB5zc7yDgocabtOrthBSrKSww0_fvslyNMDp2qzd1qDT9QppsvTN7FiDxRmehQ1vESGGtwmwoaIELy0opa0B1Hr-wD90MCJXdhvsNIWNot6WU_BHIQeNBxk_iXZldS5hOPYghuhypcv_05ka1adT8T46Y4TMMu6x34oQrj8VPLUiCMm1Puf7PYdXGXX23N8zSZm12EUuw-C-8xwikSwquRuJD8b3fIUxkjblt9MGJhZVjJu57hw1VMMEtrQyYVJG4r5007tlx7ey6ZULbq6vDB8a1zFWuxL3y5npCRY4naKn7UZd3-c2cCT5EtQYzjJXygEdmWTA_6xwgRg7YJshz_hTNpq6yEh_701woZgrtX8L5UJd68UPY9ogddPQND2iNUfQdGXRCFl4pVhoVI17MUbw5RtbGxmSsSJkxanS_JIptuMJXOSoeDzi5RRUaxzKKc-XbOLFdR7NTvGjwLQ2PlQcw1rfI_P5WbIMUS3O5UC27Z6fpaamtOx88hWargJG5Ms5LNckTG6WtWEhJJK6jLKo4FUcG-gXAT1W2Jyj2YPSfSqYLQmv6ITqdxm6NZfFWwZycAHSAB7IFAnNNyWqckm_Vd5Sbd8H4788xSZZcH_e7PeQJDjvcjwj3BZilX5mzucLnDl9__jyvXqzcMcRcJiQrLnZor-y_pW2GwG5qucE2LRPgEVensd4t1PIr0FI_MPOQEtfM7g3twDqOrTP90F2XxYwbwwwkCiC4vLQe-2BvzKhwVRlY6QQLWgkL4IiHg2Qc70R7qxgOF8Pe8sqfsLKYhz13iJoyCG-XmPlRGPU-t5HLG8k53av9-dBmyNG5j68iWkVvIj488cx88WEatBhenvFbjAptE180r8fcCy3tRPZN_Gli42t1wNhmm9_beuLuXJAFlnOUcHDz-lmQH2ekkPqNHnOfyzgLxVlcC41vncE115hffz8tyRiZJHoM0vHtm2DIe86LuqTvOrOQ7evLB02RgEnc8rOzuI653gtxw_c44Pke1hzcjKI0VBO5RclWtBDFOYkDGK0muViIo2UiOEfyU943m5OCZoP8OC21cPdQVPhNE7DdiX3gWpJhW8-mo482xMK-_yfLFXeA1cIOF1s8uT82OmdAgLdRdJ-Yi9OzYF3TJsMPZa4B9wTjrcUMRsUfQfEQi8dR_PMl4jaNNnzpi5BaM08q3yYvxeOfNq36_ZmAYsUguq7x3Sl20Tt3B4fluco3ySE5Prb_cWzie3unpHQvOc9JN2Qr52-ybZ9opHEYpRxJzLv5wtsgbCruGCtDbsSPK8ncMCrdFfJ6C8wFHc&cid=CAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM&rfl=1%2Chttps%253A%252F%252Ffemalefrag.com%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 15:08:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 11262
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Nov-2022 15:23:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 911aaee97cb711fd8c99c9d61640be4f
db0e0e9fee4f1c8eaf63b796dc069c0afd215d93
802d540d3777f91314f3a2ce0165eec299fb4d1020ec71c3dae0e7aee79a4156
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "802D540D3777F91314F3A2CE0165EEC299FB4D1020EC71C3DAE0E7AEE79A4156"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14716
Expires: Wed, 30 Nov 2022 19:13:31 GMT
Date: Wed, 30 Nov 2022 15:08:15 GMT
Connection: keep-alive
hal9000.redintelligence.net/zone/djaavvuv8jta?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D
200 OK 4.2 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/djaavvuv8jta?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1761), with CRLF line terminators
Hash 09d07e9511ed5c63a298e8c44a62df6b
35290494728e94582d2079a309e0b89f783f5520
adead10cee017e17640be0e6e898f6ad3db5c4eacddd3971a53cdd38be788e3b
GET /zone/djaavvuv8jta?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:08:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4158
Connection: close
Content-Type: text/html; charset=UTF-8
hal900021.redintelligence.net/request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
302 Found 0 B URL HTTP/1.1 hal900021.redintelligence.net/request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900021.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 15:08:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 30 Nov 2022 15:08:15 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=1b998e2f2039b888; expires=Tue, 28-Feb-2023 15:08:15 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
hal900021.redintelligence.net/request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
200 OK 511 B URL HTTP/1.1 hal900021.redintelligence.net/request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 453523cf851d8e01eaa36d5c5d13d680
e584c68296187ffc0b1d8f3ceda5e2e24af5b4af
6fff23abc9faa1151c307e570fb2b097cfb12f5a5337950263391f6ba89a314b
GET /request.php?zone=djaavvuv8jta&nw=20&renderingType=javascript&namespace=e516660ec1&subid=&uid=5cc0a52da3c6e513&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXBY33nGHY_e5MozFywXDyLjgAcm5opxp5LTNztUP8C4QASCqgMMiYMOEgICYGMgBCakC6WENi-VjsT6oAwGqBOEBT9BQibJtnYc1UefJ3WLsi6i_DSyvnxZw3WkYjLACxiQ0JBtWTzBLaaXIvANT70zA7wHkgREMhSWcUz_6vMMGR50UFpGt7uMLZXR9nZp8rqAYUAfOLv64CkSbQs37Cu3P1AT1wbT07nXpE2G11OarwecauS7Nsvzbgih3JPWP3Z5O0ithTegM-d7P1zG7gw2DF-dTqTvo1hqS5xc9Fabtf5whaj66ZVcahxxDlp3oPe_R_sP853xq5FMTdPgl5dJAhZqldKuBavYSm1xtZL4P8loVaLfwxfHcJ_0oaxBEnHy4wATBvZT88wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEgiA4YAQEAEYHTICqgI6A4DAA_IIG2FkeC1zdWJzeW4tMzY0MTIwMzE4ODU2ODI4OIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9aBhNMORUoIZcPic81RmDMjfqtsS4Dbj-DuMD1fgyNagg1T13o1Q1Dyrw_ilx55HfE4JM4BRYowdi9Q8YI5tqlFxOqzc6UxgBIBM%26sig%3DAOD64_2-OoB4gyMaVxXw-Dd5s79zgneHQQ%26client%3Dca-pub-5512390705137507%26dbm_c%3DAKAmf-CECHKBL73vhxrd0RFCw-ji1pgoqFVLMAxcTVvFMnMcfT7-EnrwMmL6i9fiMrCMx2-VAYonDHFVUbYYONIhJdok1iZZflEbt8zFwyUlUIeaf3ap_mUDk8t7OYKpgQeWyMkenp1pZHT-ugvGpV6k2eXiq8any-0Taj5ojICGBO0-CqnqML8%26cry%3D1%26dbm_d%3DAKAmf-Dyaj2R52-Qxg2qUoMjesnTDqNAOViuHe82W64Yrg_OMssL6u2saVe8HSuZTvnhm1V_AADUvyC9_nOrNPmhIlmVdic_kGsKsksvFaiZulOyPPJIfu0VjaBYFz5p3y-WMOBxQFMHOcmFawwTO8C7AI8AhFFLfqolzkJLHV51aAzE4UwKVkikqGS4VRg1lG6UE7e395K4wmweKMtvsDWtjN6D-gMJ6I0sy__6IG0lothbscjdFrVQ8yp3eYlr9lxcdoURScBBv6mjxBEe9G5uMwNiEQae7a0TPbPF155w5lX3a6XXeLXtfD0BoNrge8nAb7cm1SPADoG58PEJ2U3jkl-UQRwemdsBI2NRXj_pA9H4vIif_-FuMGyjZo7aeu6EhEJmrtl6dmcmtgSfRPAJPQyNVgtH1uQfynyABE09z-I0X_AvRBS0_qmBJ_7orMVQO0gi-lsppaVFewcnt2ZhKTJkX2_ho9eXSrSg814QQPduPzU8MBS09k0zXF6p9-fl2Z-bPidBpIQWW4_N5wQ5Iqsr9gMXyJ1jg2BOxhbobXpEAsjOGsp5t3rfgTiY8-gljWyP2NsRaGttriX5kpDaZPNxc5tmmvjdwt14An76epriwkigdI8%26adurl%3D&documentReferer=https%3A%2F%2Ffemalefrag.com%2F&ancestorOrigins=null&random=8821090450384&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900021.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=1b998e2f2039b888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:08:15 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 30 Nov 2022 15:08:15 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=1b998e2f2039b888; expires=Tue, 28-Feb-2023 15:08:15 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 86773700078446004438342012159021
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 511
Connection: close
Content-Type: application/x-javascript; charset=utf-8
hal900021.redintelligence.net/request_content.php?s=86773700078446004438342012159021&a=009e6d2e
200 OK 1.5 kB URL HTTP/1.1 hal900021.redintelligence.net/request_content.php?s=86773700078446004438342012159021&a=009e6d2e
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5e17852012f9643028b0d2bfe955728d
4f8532c3b853b4054d0ce2e830e3c63015f87407
98f7f206ba9f26cfce6751ea87a44d7acd81fd52523958dab4e5b6e61fb8cdae
GET /request_content.php?s=86773700078446004438342012159021&a=009e6d2e HTTP/1.1
Host: hal900021.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d591c797ffd50006edb1bc9696b2d0fb.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=1b998e2f2039b888
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:08:16 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 30 Nov 2022 15:08:16 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1503
Connection: close
Content-Type: text/html; charset=utf-8
hal900021.redintelligence.net/viewability?s=86773700078446004438342012159021&a=aa6ad955&vb=m
200 OK 0 B URL HTTP/1.1 hal900021.redintelligence.net/viewability?s=86773700078446004438342012159021&a=aa6ad955&vb=m
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=86773700078446004438342012159021&a=aa6ad955&vb=m HTTP/1.1
Host: hal900021.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900021.redintelligence.net/request_content.php?s=86773700078446004438342012159021&a=009e6d2e
Cookie: 8lcfmzhxc8d6_uid=1b998e2f2039b888
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:08:16 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.contentspread.net/24i/content/soberfb/EN/S-970x90.gif
200 OK 24 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-970x90.gif
IP
File type GIF image data, version 89a, 970 x 90\012- data
Hash 08e3fed830f839fc1c6afec171bd4b67
0669fa29f69e0465ec7875b07b99e4764fef1a21
38453bff795a12c184a0475a9442ce348cea9fcb8b70a8dbb4cce0f7f1c5820f
GET /24i/content/soberfb/EN/S-970x90.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900021.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 15:08:16 GMT
Content-Type: image/gif
Content-Length: 24426
Last-Modified: Mon, 23 Jul 2018 15:20:15 GMT
Connection: close
ETag: "5b55f22f-5f6a"
Accept-Ranges: bytes
ocsp.digicert.com/
200 OK 313 B IP
Hash 8084f7c0c28956fcf9a6ff20649067c6
2152ee24020739139bf1f185ca34d215b5500032
85e7af2423ee2d4b3f6ae13762dd5fe182b8cbfb9800a0a84ddebbf60ba45835
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5832
Cache-Control: max-age=164140
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:17 GMT
Etag: "63873945-139"
Expires: Fri, 02 Dec 2022 12:43:57 GMT
Last-Modified: Wed, 30 Nov 2022 11:06:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 8084f7c0c28956fcf9a6ff20649067c6
2152ee24020739139bf1f185ca34d215b5500032
85e7af2423ee2d4b3f6ae13762dd5fe182b8cbfb9800a0a84ddebbf60ba45835
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5826
Cache-Control: max-age=164134
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:17 GMT
Etag: "63873945-139"
Expires: Fri, 02 Dec 2022 12:43:51 GMT
Last-Modified: Wed, 30 Nov 2022 11:06:45 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 280 B IP
Hash 9d28c9c9a06e2f1fccdab4d092494170
8a514328e825c1d2e5cbe3123a13f9c7d55551a6
57d6d5272702a3b64e3b31f07dd23dea65009efae180fc9a6876f98ef5f24cac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5802
Cache-Control: max-age=158375
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:17 GMT
Etag: "638722de-118"
Expires: Fri, 02 Dec 2022 11:07:52 GMT
Last-Modified: Wed, 30 Nov 2022 09:31:10 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
js.wpushsdk.com/npc/sdk/wpu/csub.m.js
200 OK 38 kB URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/csub.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 85eeceb51728384f32e8ab7ae71ebf16
a3a8d38ebd330e1dbe6b4c5609a43cdc468a7388
05911e091d39e5fb802fae32116e1fb66f9c3dd42fe210643e2bd3bf23910728
GET /npc/sdk/wpu/csub.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:14 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 13 Oct 2022 09:19:10 GMT
etag: W/"6347d80e-16007"
content-encoding: gzip
expires: Wed, 30 Nov 2022 15:13:14 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 01 Dec 2022 15:08:19 GMT
Date: Wed, 30 Nov 2022 15:08:17 GMT
Connection: keep-alive
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 01 Dec 2022 15:08:19 GMT
Date: Wed, 30 Nov 2022 15:08:17 GMT
Connection: keep-alive
Vary: Accept-Encoding
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffemalefrag.com%2F&domain=femalefrag.com&cw=1&lsw=1
200 OK 403 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffemalefrag.com%2F&domain=femalefrag.com&cw=1&lsw=1
IP
File type JSON data\012- , ASCII text, with very long lines (487), with no line terminators
Hash 1643a3c5688a93ad7b6218db04c2f238
6d0fcf93ab0d8e84e89ff20cc499330f8352c46b
4f0900194e3abdc865df14599c1f3ff17c8297431dda3e29400b60f63f23a0b2
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Ffemalefrag.com%2F&domain=femalefrag.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://femalefrag.com
server-processing-duration-in-ticks: 910887
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 57d72449-40ab-4cc0-a6d2-0927871d2a27
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: dfca9fa8-4ef8-423c-b3e8-e876ca1b5a5c
Set-Cookie: uuid2=6091275768235873052; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 15:08:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 279 B IP
Hash 4ddfcf5d90fccda4743e05a0534833d2
e150be0b521fd1e021c6cea1aab8c5d680200c12
b13fb4d6a9ace2203b2bbaf0413b78a84213635f1959a66224fd76728f535e3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5785
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:17 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: aedb6a02-c9af-46e8-99c1-2d983ce94fb3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 30 Nov 2022 15:08:17 GMT
content-length: 0
location: /usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
cf-ray: 77247f62788db527-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4dx4fWk.PpZ0VrvoDTmrwAA; Path=/; Domain=casalemedia.com; Expires=Thu, 30 Nov 2023 15:08:17 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=683; Path=/; Domain=casalemedia.com; Expires=Tue, 28 Feb 2023 15:08:17 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=683; Path=/; Domain=casalemedia.com; Expires=Tue, 28 Feb 2023 15:08:17 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9IHJg81rdAXpQqgerVHkx740mGee2bOSREyesUYCqzQbj8lIcjdwwUpf6B4AcWkYlrfGfxCXph7yTyTdE0CQcV237VXsGjmmDJO3wyEQfV%2FNuugKjP1lF%2BO2n6UWlkiSJMgCTGVg5bDpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 4ddfcf5d90fccda4743e05a0534833d2
e150be0b521fd1e021c6cea1aab8c5d680200c12
b13fb4d6a9ace2203b2bbaf0413b78a84213635f1959a66224fd76728f535e3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5736
Cache-Control: max-age=138115
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:08:17 GMT
Etag: "6386d3fc-117"
Expires: Fri, 02 Dec 2022 05:30:12 GMT
Last-Modified: Wed, 30 Nov 2022 03:54:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
200 OK 380 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash e8451f4d0426d622337d5f268959555a
33481e88f6432becb11ffba2271dce4ce05b08a4
199b85275a2ad7f233a0ff32e990a20d932bea281d4598b52c1d9b85026ad12b
GET /usermatch?d=https%3A%2F%2Ffemalefrag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://js-sec.indexww.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:17 GMT
content-type: text/html
cf-ray: 77247f62b8dbb527-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Qs0KdQ6IVCa55xZ5swUAzW6jf47fr7H%2FqbuLqIrBBv0IDPiXMgQSwgPaUqxyJdvh7I9F8udtwFM%2BwR4asbqNn9uq840V42Fv1L8UM3VsTNLFTFyDGTetyoqwg3Mcc3tgQjxI%2FTuXOacPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.indexww.com/ht/htw-pixel.gif?0
200 OK 43 B URL HTTP/2 cdn.indexww.com/ht/htw-pixel.gif?0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /ht/htw-pixel.gif?0 HTTP/1.1
Host: cdn.indexww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:17 GMT
content-type: image/gif
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
etag: "da1f1d-2b-546dc3a097100"
cache-control: public, max-age=86400
expires: Thu, 01 Dec 2022 15:08:17 GMT
edge-control: cache-maxage=1h
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cf-cache-status: HIT
age: 59816
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77247f638c78b4e8-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 4c1aa14f-0fb9-4a08-98d3-f4a90fc72f97
Set-Cookie: uuid2=4200727637770369327; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 15:08:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 5d3e4a21-8eea-417c-8842-5cfb2805f62b
Set-Cookie: uuid2=8448073258390299673; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 28-Feb-2023 15:08:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 2c70e1c8-35fa-4698-a049-fbbcd2017100
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 30 Nov 2022 15:08:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: b7afeb07-8bcc-4ce5-99a9-d1d86b5b1c4c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558
200 OK 0 B URL HTTP/2 femalefrag.com/emma-stone-andrew-garfield-reunited-governors-awards-22558
IP
GET /emma-stone-andrew-garfield-reunited-governors-awards-22558 HTTP/1.1
Host: femalefrag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:12 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
expires: Thu, 01 Dec 2022 15:08:12 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKMhjbAqH1rOCPBwnDrfiKq6kkfx6St4JI3pZEWaki2BBX5MHvoopIipwaZ0pQGNnQkI%2FlixX5u3I7LVI4uacPRPPdexXNqhdbBZWdZO8LjdoZtrusueDtVEDeI1pnLumA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77247f40abb00b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 19131699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77247f434c100b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.zx-adnet.com/consent/cookies_gdpr.js?0.22185377223790492
200 OK 0 B URL HTTP/2 cdn.zx-adnet.com/consent/cookies_gdpr.js?0.22185377223790492
IP
GET /consent/cookies_gdpr.js?0.22185377223790492 HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "6d9479856d34b784a695cf827606b5512cda2503d6ed62ebe429f4ef02dd9fef-br"
last-modified: Wed, 09 Nov 2022 12:55:44 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Wed, 30 Nov 2022 15:08:12 GMT
x-served-by: cache-bma1653-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669820893.638256,VS0,VE194
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2
get.optad360.io/sf/prebid5.14.0.js
200 OK 0 B URL HTTP/2 get.optad360.io/sf/prebid5.14.0.js
IP
GET /sf/prebid5.14.0.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 20 Nov 2022 01:10:10 GMT
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
etag: W/"6dd0a13bde35d2daa452bba998871016"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oWF3xZDjOjDNZiuev0MJ3CvIqUV9NH13rtWPRHYW1mPENqhpKuPfsA==
age: 914284
X-Firefox-Spdy: h2
cst.cstwpush.com/static/adManager.js
200 OK 0 B URL HTTP/2 cst.cstwpush.com/static/adManager.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: cst.cstwpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://femalefrag.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:13 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Wed, 30 Nov 2022 15:13:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js
200 OK 0 B URL HTTP/2 get.optad360.io/sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js
IP
GET /sf/29c44d7c-8171-46d6-a484-9d3087559448/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 30 Nov 2022 15:06:10 GMT
last-modified: Thu, 10 Mar 2022 12:36:00 GMT
etag: W/"588fa2466d71b4d118fdf3af043b05a4"
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rIglGHgS2nnfEoAbDuIZ0djhVkZk0JSz5Vk12gQXu2gVcxNodDZlJg==
age: 123
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:12 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"346a1-5pJjF6sMSAvD5NiPdWPuLzoQQcw"
x-served-by: cache-fra-eddf8230060-FRA, cache-yyz4530-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 10759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtRhikSVtRg%2BriBpBtAc2WTcVAOFKE3rWIhyRDrA6QhozOc4UmUqxZy45jrS7okejR1u7kcSrEP7BzLmEQ1MeSTSqCQ0FOJamILDUxBVtPXU9Lbt0LaVt80Zr0PUuOfl73s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77247f448cbcb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.wpadmngr.com/static/adManager.m.js
200 OK 0 B URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://femalefrag.com
Connection: keep-alive
Referer: https://femalefrag.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:13 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 30 Nov 2022 13:10:49 GMT
etag: W/"63875659-17718"
content-encoding: gzip
expires: Wed, 30 Nov 2022 15:13:13 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
js-sec.indexww.com/um/ixmatch.html
200 OK 0 B URL HTTP/2 js-sec.indexww.com/um/ixmatch.html
IP
GET /um/ixmatch.html HTTP/1.1
Host: js-sec.indexww.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://femalefrag.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:17 GMT
content-type: text/html; charset=UTF-8
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cf-cache-status: HIT
age: 373
expires: Wed, 30 Nov 2022 19:08:17 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 77247f615f8bb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffemalefrag.com%2F&domain=femalefrag.com&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffemalefrag.com%2F&domain=femalefrag.com&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Ffemalefrag.com%2F&domain=femalefrag.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://femalefrag.com/
Origin: https://femalefrag.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 15:08:17 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://femalefrag.com
server-processing-duration-in-ticks: 204543
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
104.21.82.69
185.184.8.90
157.90.84.242
104.18.21.226
104.26.8.169
178.250.0.157
37.157.5.142
23.38.200.189
87.250.251.119
93.184.220.29