Overview

URL xfantazy.com/video/61a9022f44a9b903f78ac06c
IP104.26.0.188
ASNCLOUDFLARENET
Location United States
Report completed2022-06-30 21:45:10 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-30 2 cdn.barscreative1.com/sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/16511 (...) Phishing
2022-06-30 2 a.bestcontentfood.top/warp/4788750?r=91961 Phishing
2022-06-30 2 a.bestcontentfood.top/warp/4787914?r=42058 Phishing
2022-06-30 2 a.bestcontentfood.top/warp/4787912?r=81584 Phishing
2022-06-30 2 a.bestcontentfood.top/warp/4787908?r=61555 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-06-30 2 captivatepestilentstormy.com Sinkholed
2022-06-30 2 captivatepestilentstormy.com Sinkholed
2022-06-30 2 captivatepestilentstormy.com Sinkholed
2022-06-30 2 migrantspiteconnecting.com Sinkholed
2022-06-30 2 captivatepestilentstormy.com Sinkholed
2022-06-30 2 captivatepestilentstormy.com Sinkholed
2022-06-30 2 captivatepestilentstormy.com Sinkholed
2022-06-30 2 unseenreport.com Sinkholed


Files

URL captivatepestilentstormy.com/pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F (...)
IP  192.243.61.225
Magic gzip compressed data, max compression\012- data
Size 1086
MD5 d4a599a2049f8de894c8051003e07e23
SHA1 a17dbc606227b3351f311e86b07296470b4c9206
SHA256 aa8c657fc49e3d374a84bd21b06bf9d3adc8d804563e2ee366d4e7cc3ec802cc
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (49)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] roomimg.stream.highwebmedia.com (1) 23037 No data No data 104.19.241.83
[Mnemonic Passive DNS] awecre.com (1) 417208 No data No data 93.93.51.191
[Mnemonic Passive DNS] bam.nr-data.net (1) 630 2022-05-18 16:30:58 UTC 2022-06-30 18:00:31 UTC 162.247.241.14
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-30 04:44:50 UTC 54.230.111.99
[Mnemonic Passive DNS] fonts.gstatic.com (3) 0 2017-01-30 04:59:51 UTC 2022-06-30 18:07:44 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] ocsp.globalsign.com (2) 2075 2012-05-25 06:20:55 UTC 2022-06-30 18:06:33 UTC 104.18.21.226
[Mnemonic Passive DNS] cdn.tsyndicate.com (1) 16265 2020-06-24 08:05:11 UTC 2022-06-30 12:39:55 UTC 8.254.252.211
[Mnemonic Passive DNS] 8b56ac0859.f4b4a4af96.com (1) 0 2022-06-27 03:30:46 UTC 2022-06-30 11:09:10 UTC 45.133.44.25 Unknown ranking
[Mnemonic Passive DNS] static-assets.highwebmedia.com (4) 16059 No data No data 104.16.94.42
[Mnemonic Passive DNS] code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-06-30 18:01:28 UTC 69.16.175.42
[Mnemonic Passive DNS] ocsp.sectigo.com (9) 487 2018-12-17 11:31:55 UTC 2022-06-30 18:06:27 UTC 172.64.155.188
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-06-30 04:44:04 UTC 142.250.74.3
[Mnemonic Passive DNS] cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-06-30 18:06:33 UTC 151.101.85.229
[Mnemonic Passive DNS] migrantspiteconnecting.com (1) 0 No data No data 192.243.61.227 Unknown ranking
[Mnemonic Passive DNS] cbjpeg.stream.highwebmedia.com (2) 23619 2017-04-28 19:22:25 UTC 2019-04-04 16:04:10 UTC 131.153.88.94
[Mnemonic Passive DNS] pt-static1.ptlwmstc.com (1) 154690 No data No data 93.93.51.200
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-30 18:05:14 UTC 93.184.220.29
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] mc.yandex.ru (9) 2672 2017-01-29 05:34:36 UTC 2022-06-30 09:56:40 UTC 87.250.251.119
[Mnemonic Passive DNS] pt-static3.ptlwmstc.com (1) 234386 No data No data 93.93.51.200
[Mnemonic Passive DNS] fp.metricswpsh.com (2) 0 No data No data 23.88.85.6 Unknown ranking
[Mnemonic Passive DNS] xfantazy.com (13) 167260 No data No data 104.26.0.188
[Mnemonic Passive DNS] static-cache.k2s.cc (14) 182663 No data No data 188.72.235.186
[Mnemonic Passive DNS] 1823b75ab1.e55cdcbcd2.com (2) 0 2022-06-27 03:14:37 UTC 2022-06-30 14:14:31 UTC 45.133.44.25 Unknown ranking
[Mnemonic Passive DNS] unseenreport.com (1) 0 No data No data 192.243.59.20 Unknown ranking
[Mnemonic Passive DNS] e1.o.lencr.org (4) 6159 2021-08-20 07:36:30 UTC 2022-06-30 18:06:05 UTC 23.36.77.32
[Mnemonic Passive DNS] cdn.cloudimagesb.com (2) 23099 2021-02-12 16:15:41 UTC 2022-06-30 14:39:40 UTC 45.133.44.9
[Mnemonic Passive DNS] pxl.tsyndicate.com (3) 14763 No data No data 136.243.69.157
[Mnemonic Passive DNS] r3.o.lencr.org (16) 344 2020-12-02 08:52:13 UTC 2022-06-30 18:07:32 UTC 23.36.76.226
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-30 18:07:15 UTC 54.244.16.100
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (4) 1631 2017-09-01 03:40:57 UTC 2022-06-30 11:01:19 UTC 34.120.237.76
[Mnemonic Passive DNS] simplewebanalysis.com (1) 0 No data No data 18.194.245.245 Unknown ranking
[Mnemonic Passive DNS] chaturbate.com (1) 6807 2012-10-03 13:53:21 UTC 2022-06-21 21:06:18 UTC 104.18.100.40
[Mnemonic Passive DNS] lcdn.tsyndicate.com (5) 12634 2020-03-31 14:26:34 UTC 2022-06-30 12:39:56 UTC 8.254.252.214
[Mnemonic Passive DNS] as.sexad.net (4) 86240 No data No data 216.127.52.242
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] www.google-analytics.com (1) 40 2017-01-30 05:00:06 UTC 2022-06-30 17:52:54 UTC 142.250.74.174
[Mnemonic Passive DNS] cdn.barscreative1.com (1) 25648 No data No data 172.67.205.72
[Mnemonic Passive DNS] a.focusde.info (4) 499386 2022-01-15 21:28:39 UTC 2022-06-30 10:48:40 UTC 135.181.208.216
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (1) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] addresseetransportationsyndrome.com (1) 499417 No data No data 192.243.61.225
[Mnemonic Passive DNS] stats.g.doubleclick.net (1) 96 2017-01-30 04:59:59 UTC 2022-06-30 18:06:11 UTC 173.194.73.157
[Mnemonic Passive DNS] a.bestcontentfood.top (4) 54526 No data No data 104.21.52.148
[Mnemonic Passive DNS] js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-06-30 18:01:29 UTC 151.101.86.137
[Mnemonic Passive DNS] m.sancdn.net (4) 89507 2012-09-29 23:09:57 UTC 2022-06-30 11:22:25 UTC 69.16.175.10
[Mnemonic Passive DNS] xfantazy.com (13) 167260 No data No data 104.26.1.188
[Mnemonic Passive DNS] captivatepestilentstormy.com (6) 0 No data No data 192.243.61.225 Unknown ranking
[Mnemonic Passive DNS] creepingbrings.com (1) 0 No data No data 104.21.234.233 Unknown ranking
[Mnemonic Passive DNS] 122794cdfd.f4b4a4af96.com (1) 0 2022-06-30 06:38:05 UTC 2022-06-30 10:48:43 UTC 168.119.25.22 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 104.26.0.188

Date UQ / IDS / BL URL IP
2022-08-07 05:26:28 +0000
0 - 0 - 7 xfantazy.com/video/60ceeb19fc8074710cd8d346 104.26.0.188
2022-07-21 02:48:29 +0000
0 - 0 - 15 xfantazy.com/video/62c1006a13dbbc05e42f0fe4?a (...) 104.26.0.188
2022-07-18 07:56:58 +0000
0 - 0 - 11 xfantazy.com/video/6077ed9571522c56cc49527e 104.26.0.188
2022-07-02 19:57:15 +0000
0 - 0 - 11 xfantazy.com/video/5cf1ab8c6c89ed59483db333 104.26.0.188
2022-06-30 10:48:51 +0000
0 - 0 - 12 xfantazy.com/video/5faf3f85933a6a4a0dd17289 104.26.0.188
2022-06-09 18:40:53 +0000
0 - 0 - 11 https://xfantazy.com/search/dom%20karin 104.26.0.188

Last 10 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-08-09 11:44:06 +0000
0 - 0 - 1 muerdeculos.es/ 104.21.75.227
2022-08-09 11:43:35 +0000
0 - 0 - 2 register.pickaflick.co/qkkfp/en/ 172.67.158.20
2022-08-09 11:40:31 +0000
0 - 0 - 1 b97bca39.srvr-cloudmail-srvr6754e5rte.pages.d (...) 172.66.47.35
2022-08-09 11:40:25 +0000
0 - 0 - 5 caioaraujo.vip/P1K/ 172.67.197.69
2022-08-09 11:36:05 +0000
0 - 0 - 2 new1.gdtot.sbs/file/8694275640 104.21.15.74
2022-08-09 11:35:31 +0000
0 - 0 - 2 document-cloud-secure.piltrimuging.workers.dev/ 172.67.160.144
2022-08-09 11:34:04 +0000
0 - 0 - 27 www.karllagfr.com/ 104.21.1.140
2022-08-09 11:33:25 +0000
0 - 0 - 3 piktina.com/blog/wp-content/uploads/NEFT_Paym (...) 104.26.12.219
2022-08-09 11:33:02 +0000
0 - 0 - 6 shop.fixyourdirtbike.com/087654UYHJ9786545/13 (...) 172.67.201.142
2022-08-09 11:32:56 +0000
0 - 0 - 3 aplintec.com.mx/snc.binb/5/login.php 104.21.87.83

Last 10 reports on domain: xfantazy.com

Date UQ / IDS / BL URL IP
2022-08-07 05:26:28 +0000
0 - 0 - 7 xfantazy.com/video/60ceeb19fc8074710cd8d346 104.26.0.188
2022-08-04 22:26:39 +0000
0 - 0 - 12 xfantazy.com/video/5d2d437e096092717ce5de4d 104.26.1.188
2022-08-02 14:47:40 +0000
0 - 0 - 12 xfantazy.com/video/6241e9cd5dffd01d05ad683f 104.26.1.188
2022-07-21 02:48:29 +0000
0 - 0 - 15 xfantazy.com/video/62c1006a13dbbc05e42f0fe4?a (...) 104.26.0.188
2022-07-18 07:56:58 +0000
0 - 0 - 11 xfantazy.com/video/6077ed9571522c56cc49527e 104.26.0.188
2022-07-11 03:39:28 +0000
0 - 0 - 2 xfantazy.com/video/604d8d64c9215d189dd38dc9 104.26.1.188
2022-07-03 19:42:38 +0000
0 - 0 - 1 xfantazy.com/video/5f8a67a0b10ac0696f76bef4 172.67.69.220
2022-07-03 14:58:28 +0000
0 - 0 - 2 xfantazy.com/video/5fd7f7e0bd2f3b4a261325ef 104.26.1.188
2022-07-02 19:57:15 +0000
0 - 0 - 11 xfantazy.com/video/5cf1ab8c6c89ed59483db333 104.26.0.188
2022-06-30 10:48:51 +0000
0 - 0 - 12 xfantazy.com/video/5faf3f85933a6a4a0dd17289 104.26.0.188


JavaScript

Executed Scripts (142)


Executed Evals (2)

#1 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 44379bf89e3d499c6e5084c2762e92070d823eb0c3b4f20d8fa9adbafe954ba9

                                        (function() {
    var b = 23;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
                                    

#2 JavaScript::Eval (size: 125, repeated: 1) - SHA256: 920d80e57685294073e6844ab22908618709844b22774b5e6c29e260c3a62799

                                        (function() {
    try {
        return document.getElementsByTagName("video")["fluid-videoplayer"] ? "ready" : "null"
    } catch (a) {
        return "null"
    }
})();
                                    

Executed Writes (9)

#1 JavaScript::Write (size: 449, repeated: 1) - SHA256: 6b753a82c2b4c4c9bd8b83e6d79c44c37b36478ed443a43a338af303929d6bbf

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787914"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787914?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>
                                    

#2 JavaScript::Write (size: 449, repeated: 1) - SHA256: a81bb422d0bc483c5b0854665f30031275c2c069c18c6242e498865a65a55f52

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787908"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787908?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>
                                    

#3 JavaScript::Write (size: 7840, repeated: 1) - SHA256: 8d464e6c01cf26963fc0c618f3168cbd4a2411b3f4a4d5ae3ad790217cc51379

                                        < !DOCTYPE html > < html > < head > < meta charset = "UTF-8" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < meta name = "viewport"
content = "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0" > < style type = "text/css" > * , body, html {
    margin: 0;padding: 0;border: none;
}
body, html {
    width: 100 % ;height: 100 % ;
}
iframe[seamless] {
    background - color: transparent;
    border: 0 px none transparent;
    padding: 0 px;
    overflow: hidden;
    margin: 0;
} < /style></head > < body > < script src = "//lcdn.tsyndicate.com/sdk/v1/b.b.js" > < /script><script type="text/javascript
">function openLink(e) {this.elmHref = e.href, this.elm = e, this.init()}openLink.prototype = {init: function() {var e = this;this.addEvent("
click ", this.elm, function(t) {var n = t || window.event;n.preventDefault ? n.preventDefault() : n.returnValue = !1, window.open(e.elmHref + e.getPositionCursor(n), "
_blank ")})},getPositionCursor: function(e) {var t = document.documentElement,n = e.pageX || e.clientX + (t.scrollLeft ? t.scrollLeft : document.body.scrollLeft),o = e.pageY || e.clientY + (t.scrollTop ? t.scrollTop : document.body.scrollTop);return " & x = " + n + " & y = " + o},addEvent: function(e, t, n) {if (t.addEventListener) t.addEventListener(e, n, !1);else if (t.attachEvent) return t.attachEvent("
on " + e, n)}};var t = new Date();var d = new PrivacyModeDetector();var count = 0;var processed = 0;var delta;function l(turl, r, cid, s, p, w, cl) {if (!r && window['BackUpCampaignBanner']) {BackUpCampaignBanner();return;}delta = new Date() - t;setTimeout(insertPixel, 1000);d.report(insertPixel);function insertPixel(priv) {if (processed >= count) return false;var qPixel = document.createElement("
script ");var pm = priv === undefined ? '' : '&priv=' + priv;qPixel.src = turl + (turl.match(/&$/) ? '' : '&') + 'r=' + r + '&d=' + delta + pm + (turl.match(/&w=/) ? '' : '&w=' + (w ? 't' : 'f'));document.body.appendChild(qPixel);processed++;}if (cl) { new trackIFrameClick({id:'ts_t_'+cid, params:['s='+s,'p='+p,'t=' + (w ? 't' : 'f')]}); }};</script>




< script type = "text/javascript" > function u7de8cc39(r) {
    l('//pxl.tsyndicate.com/api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIm4cxDFmzIwcLcrAsBGShhgcYlrkqCFDRgsyM3CQwVFmho0aNmTQEPEwTJ0xGcvcMCMmRw4ZYVqIsREGRgsaIGO0wBHmxtMYOnfC2CkjBxkzPSGSsbNQBo4YJB_CqSOGolcYFSHCgbMQx42oD-fAmaiDBskaMXLMeNhmb9-_OAXfeDimTV2_MmzAgEF4bFiGD8W4cWMWR1wcOXAUdoOR4QyXMNa2Kb0QJw25deSwWTgDBt4YNxyKqCMjIxo6dODM0fHiBZ44ctyocSGnIJk8Zt7IMVPHjQs3Zei8GMOdDBkYYcSIkWFmjIwYNHTX-DEnRg8b6mnU4FKHsuQ5Mnqk123jRoz67rNhjhl6SCywwQLkasAaDJSMshkUlGwMNtIYY40v0iCjhyHSiGIGLY6ogoYsZGhCjyemiIGNJojIogYmqJAijSeOSIKOJ6ioIo8m0ohhjRPRWKPGKvRwQo0qTFQjiijyoGMOIY54woo1kliiDShaCKKIO9agIYgwnngiDiHiuMOIIIKoIo08grDiDCGwFCIMIqL4oo4qxCCCCSSSkNAGNd4D0L4F1chhP7HgaIOih95QlFERyHhjUR0gckG6MeqY4yAX0nBDOrHGCKOvLWaIoYu15AhKBxhcoEwuR1VdqNVXNcOMVrnksAOyhh6qo440MrpthvHMuOGGFmoYgwxkaTCjDBpWKqOMl2QgwwZixxCjjM-aEisNyETIIQYXcmiVBhlcaIinh-TIMNxxyz033XXFqiOMjJp4Q4802GAjjBdqcBUEFLCIIYYdQGDC0zrwAAEPHGz4Ir6EddUhBxtcTQGEI8q48I0XZIjr1bhAMCIN56TD4wWMXQ11VRGceEKs6b7wKCOZxWID5iKcEOsgO75wjjaGajgWh5s-U00EOc7oTAcZarjrIaC_EEMOu0aLtIyg23iDDM9skIsMOd6orVGFoE71DTzyWIiGdsvAbKDghivuhTAufSPTTcvo9FOQxbojoxjOgkEsNAjnil0R5tA1o7LpGHW6FqxLg44WQHKBjDEK_xnmg77g3HOLKM0qJ51qqKGy0n1jCCcbUl_9pvR8IkPoMvb6YlSKYJeddRG43p0NhJ5cqFQaUIVIjL62NuMnNiZaa-dZGzMNhj4UCAg%3D&s=4ace337cf31fdc01bc6709ff613f1f701c8bcad32a9dfc93724a635ff0e7e0ab1656625503&w=t', r, '7de8cc39', '4ace337cf31fdc01bc6709ff613f1f701c8bcad32a9dfc93724a635ff0e7e0ab1656625503', 'e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIm4cxDFmzIwcLcrAsBGShhgcYlrkqCFDRgsyM3CQwVFmho0aNmTQEPEwTJ0xGcvcMCMmRw4ZYVqIsREGRgsaIGO0wBHmxtMYOnfC2CkjBxkzPSGSsbNQBo4YJB_CqSOGolcYFSHCgbMQx42oD-fAmaiDBskaMXLMeNhmb9-_OAXfeDimTV2_MmzAgEF4bFiGD8W4cWMWR1wcOXAUdoOR4QyXMNa2Kb0QJw25deSwWTgDBt4YNxyKqCMjIxo6dODM0fHiBZ44ctyocSGnIJk8Zt7IMVPHjQs3Zei8GMOdDBkYYcSIkWFmjIwYNHTX-DEnRg8b6mnU4FKHsuQ5Mnqk123jRoz67rNhjhl6SCywwQLkasAaDJSMshkUlGwMNtIYY40v0iCjhyHSiGIGLY6ogoYsZGhCjyemiIGNJojIogYmqJAijSeOSIKOJ6ioIo8m0ohhjRPRWKPGKvRwQo0qTFQjiijyoGMOIY54woo1kliiDShaCKKIO9agIYgwnngiDiHiuMOIIIKoIo08grDiDCGwFCIMIqL4oo4qxCCCCSSSkNAGNd4D0L4F1chhP7HgaIOih95QlFERyHhjUR0gckG6MeqY4yAX0nBDOrHGCKOvLWaIoYu15AhKBxhcoEwuR1VdqNVXNcOMVrnksAOyhh6qo440MrpthvHMuOGGFmoYgwxkaTCjDBpWKqOMl2QgwwZixxCjjM-aEisNyETIIQYXcmiVBhlcaIinh-TIMNxxyz033XXFqiOMjJp4Q4802GAjjBdqcBUEFLCIIYYdQGDC0zrwAAEPHGz4Ir6EddUhBxtcTQGEI8q48I0XZIjr1bhAMCIN56TD4wWMXQ11VRGceEKs6b7wKCOZxWID5iKcEOsgO75wjjaGajgWh5s-U00EOc7oTAcZarjrIaC_EEMOu0aLtIyg23iDDM9skIsMOd6orVGFoE71DTzyWIiGdsvAbKDghivuhTAufSPTTcvo9FOQxbojoxjOgkEsNAjnil0R5tA1o7LpGHW6FqxLg44WQHKBjDEK_xnmg77g3HOLKM0qJ51qqKGy0n1jCCcbUl_9pvR8IkPoMvb6YlSKYJeddRG43p0NhJ5cqFQaUIVIjL62NuMnNiZaa-dZGzMNhj4UCAg=', true, false)
};
count++; < /script><noscript><img src="/ / pxl.tsyndicate.com / api / v1 / p / p.js ? p = e0SgKROGTBk5c0ToiFGDhYgwY - gsjPGQzpmFIm4cxDFmzIwcLcrAsBGShhgcYlrkqCFDRgsyM3CQwVFmho0aNmTQEPEwTJ0xGcvcMCMmRw4ZYVqIsREGRgsaIGO0wBHmxtMYOnfC2CkjBxkzPSGSsbNQBo4YJB_CqSOGolcYFSHCgbMQx42oD - fAmaiDBskaMXLMeNhmb9 - _OAXfeDimTV2_MmzAgEF4bFiGD8W4cWMWR1wcOXAUdoOR4QyXMNa2Kb0QJw25deSwWTgDBt4YNxyKqCMjIxo6dODM0fHiBZ44ctyocSGnIJk8Zt7IMVPHjQs3Zei8GMOdDBkYYcSIkWFmjIwYNHTX - DEnRg8b6mnU4FKHsuQ5Mnqk123jRoz67rNhjhl6SCywwQLkasAaDJSMshkUlGwMNtIYY40v0iCjhyHSiGIGLY6ogoYsZGhCjyemiIGNJojIogYmqJAijSeOSIKOJ6ioIo8m0ohhjRPRWKPGKvRwQo0qTFQjiijyoGMOIY54woo1kliiDShaCKKIO9agIYgwnngiDiHiuMOIIIKoIo08grDiDCGwFCIMIqL4oo4qxCCCCSSSkNAGNd4D0L4F1chhP7HgaIOih95QlFERyHhjUR0gckG6MeqY4yAX0nBDOrHGCKOvLWaIoYu15AhKBxhcoEwuR1VdqNVXNcOMVrnksAOyhh6qo440MrpthvHMuOGGFmoYgwxkaTCjDBpWKqOMl2QgwwZixxCjjM - aEisNyETIIQYXcmiVBhlcaIinh - TIMNxxyz033XXFqiOMjJp4Q4802GAjjBdqcBUEFLCIIYYdQGDC0zrwAAEPHGz4Ir6EddUhBxtcTQGEI8q48I0XZIjr1bhAMCIN56TD4wWMXQ11VRGceEKs6b7wKCOZxWID5iKcEOsgO75wjjaGajgWh5s - U00EOc7oTAcZarjrIaC_EEMOu0aLtIyg23iDDM9skIsMOd6orVGFoE71DTzyWIiGdsvAbKDghivuhTAufSPTTcvo9FOQxbojoxjOgkEsNAjnil0R5tA1o7LpGHW6FqxLg44WQHKBjDEK_xnmg77g3HOLKM0qJ51qqKGy0n1jCCcbUl_9pvR8IkPoMvb6YlSKYJeddRG43p0NhJ5cqFQaUIVIjL62NuMnNiZaa - dZGzMNhj4UCAg % 3 D & r = 1 & s = 4 ace337cf31fdc01bc6709ff613f1f701c8bcad32a9dfc93724a635ff0e7e0ab1656625503 & w = t "></noscript> < div style = "width:300px;height:250px;float:left" > < a href = "//tsyndicate.com/do2/click?c=e0SgKROGTBk5c0ToiFGDhYgwY-gslPGQzpmFIm4cxDFmzIwcLcrAsBGShhgcYlrkqCFDRgsyM3CQwVFmho0aNmTQEPEwTJ0xGcvcMCMmRw4ZYVqIsREGRgsaIGO0wBHmxtMYOnfC2CkjBxkzPSGSsUMRRwySD-HUEbMwhlcYMXzCgbMQx42oD-fAmaiDBskaMXLMeNhmb9-_OAXfeDimTV2_MmzAgEF4bFiGD8W4cWM2Lo4cOAq7wchwhksYatuQXoiThlwRdeSwWTgDBt4YNxzGlpERDR06cOboePECTxw5btS4kFOQTB4zb-SYqePGhZsydF6M2U6GDIwwYsTIMDNGRgwaumv8mBOjh430NGpwqUNZ8hwZPdDrtnEjBn37bJhjhh4SC2wwALkSsIYCJaNshgQlG4ONNMZY44s0yOhhiDSimEGLI6qgIQsZmtDjiSliYKMJIrKogQkqpEjjiSOSoOMJKqrIo4k0YljDRDTWoLEKPZxQo4oS1YgiijzomEOII56wYo0klmgDihaCKOKONWgIIownnohDiDjuMCKIIKpII48grDhDiCuFCIOIKL6oowoxiGACiSQitEEN9_6rT0E1ctBPLDjacOuhNxJdVAQy3lBUB4hciG6MOuY4yIU03IhOrDHC6GuLGWLoQi05gtIBBhcog63RVBdi1VXNMJsVNjnsgKyhh-qoI42MbptBPDNuuKGFGsYg41gazCiDhpXKKOMlGciwYdgxxCgDB5LCECsNyETIIQYXcmCVBhlcaIinh-TAMNxxyz033XXFqsNbSpt4Q4802GAjjBdqaBUEFLCIIYYdQGCi0zrwAAEPHGz4Ar6Ec9UhBxtaTQGEI8qw8I0XZIjL1bhAMCKN5qLD4wWMWwVVVRGceEIs6b7wKCOZxWID5iKcEOsgO75ojjaGajAWh5u4TU0EOc7oTAcZarjrIaC_EEMOu0SDtIyg23iDDLNsgI0MOd6ojVGFoEb1DTzyWIiGdsvAbCDghCPuhTAsfQNTTcvg1FOQxbojo7e4FQsNwrliV4Q5cs2obDpEla6F6tKgowWQXCBjjLd-hvmgLzbv3KJJs8pJpxpqqIz03hjCyQbUVb8JPZ_IELqMvb4Q1a3XY19dBK51ZwMhJxcilYZTIRKjr63N-ImNidTaWdbGSoOhDwUCAg%3D%3D&s=2e8a1738f70493f2ee75e59bf0b87248d2bea61f8fd97e0bf26ee3be6757f37d1656625503"
id = "v7de8cc39"
target = "_blank" > < video playsinline preload autoplay loop muted poster = "https://lcdn.tsyndicate.com/images/4/2/5c50472b05b1d7df5eddb6c67aa21f29155a1b/main.jpg"
width = "300"
height = "250"
onloadstart = "u7de8cc39(1)"
onerror = "u7de8cc39(0)" > < source src = "https://lcdn.tsyndicate.com/images/4/2/5c50472b05b1d7df5eddb6c67aa21f29155a1b/main.mp4"
type = "video/mp4" > < /video></a > < script > new openLink(document.getElementById('v7de8cc39')); < /script></div >

< /body></html >
                                    

#4 JavaScript::Write (size: 7752, repeated: 1) - SHA256: 6d93d866ea63c1b2c450ac3d11e28e1e4d28bdf247bc4d9fd0cad5f32ffe7188

                                        < !DOCTYPE html > < html > < head > < meta charset = "UTF-8" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < meta name = "viewport"
content = "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0" > < style type = "text/css" > * , body, html {
    margin: 0;padding: 0;border: none;
}
body, html {
    width: 100 % ;height: 100 % ;
}
iframe[seamless] {
    background - color: transparent;
    border: 0 px none transparent;
    padding: 0 px;
    overflow: hidden;
    margin: 0;
} < /style></head > < body > < script src = "//lcdn.tsyndicate.com/sdk/v1/b.b.js" > < /script><script type="text/javascript
">function openLink(e) {this.elmHref = e.href, this.elm = e, this.init()}openLink.prototype = {init: function() {var e = this;this.addEvent("
click ", this.elm, function(t) {var n = t || window.event;n.preventDefault ? n.preventDefault() : n.returnValue = !1, window.open(e.elmHref + e.getPositionCursor(n), "
_blank ")})},getPositionCursor: function(e) {var t = document.documentElement,n = e.pageX || e.clientX + (t.scrollLeft ? t.scrollLeft : document.body.scrollLeft),o = e.pageY || e.clientY + (t.scrollTop ? t.scrollTop : document.body.scrollTop);return " & x = " + n + " & y = " + o},addEvent: function(e, t, n) {if (t.addEventListener) t.addEventListener(e, n, !1);else if (t.attachEvent) return t.attachEvent("
on " + e, n)}};var t = new Date();var d = new PrivacyModeDetector();var count = 0;var processed = 0;var delta;function l(turl, r, cid, s, p, w, cl) {if (!r && window['BackUpCampaignBanner']) {BackUpCampaignBanner();return;}delta = new Date() - t;setTimeout(insertPixel, 1000);d.report(insertPixel);function insertPixel(priv) {if (processed >= count) return false;var qPixel = document.createElement("
script ");var pm = priv === undefined ? '' : '&priv=' + priv;qPixel.src = turl + (turl.match(/&$/) ? '' : '&') + 'r=' + r + '&d=' + delta + pm + (turl.match(/&w=/) ? '' : '&w=' + (w ? 't' : 'f'));document.body.appendChild(qPixel);processed++;}if (cl) { new trackIFrameClick({id:'ts_t_'+cid, params:['s='+s,'p='+p,'t=' + (w ? 't' : 'f')]}); }};</script>




< script type = "text/javascript" > function ude08921f(r) {
    l('//pxl.tsyndicate.com/api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIg7CwJFDRgwzLcp8LNOChowcMVrkoHFjRosxOG7IvAFDzIwyM0U8DFNnTMacZsTk8BimhRgbYWCYnJGyBY4wNVvEsCFDBg0YV1GSMbMTIhk7C2XgiAHDxkM4dcRQRAmjIkQ4cBbKpDHj4Rw4E3VgtVEjRg67Itrg1cvXb44bD8e0kbtXhg0YMAIb7MrwoRg3bsTicJsj68M2bjAynGEVBtrQo_vSeFtHDpuFM2DcYH0jx8M6MjKioUMHzhwdL17giSPHjRoXcgqSyWPmjRwzddy4cFOGzosx2MmQgRFGjBgZZsZ8bFmjxo85MXrYaEmjBpc6kR_PkdEjRnkbN2LAl29jzoweDPtrBv6y8q-GAB-LjMD4DByDjTTGWOOLNMjoYYg0pFhDCyqCoOEJKpLAQ4s0YmCjCTWMYIMJKqLIA8Qi6AAxihmayCMGNZ4gYgwanNBjjDuyUMMJNnw8w0U65hDiiCesWCOJJdqAooUgirhjDRqCCOOJJ2wQIo47jAgiiCrSyCMIK84QYo4lkmBDiTO-qKMKMYhgAokkCnxMDfX2a3DPHOzzCo42KHroDUIN1eiNQnWAyAXnxqhjjoNcSMMN57waIwy9tpghhi7QkuMnHWBwIbK3EB11IVNRvayyVt-Sw47GGsKtjjQymm2G78y44YYWahiDDGBpMKMMGlYqY6QWZCDDBl7HEKMMzpLyKo3GREjJBc9cOMmFhmjwSg4Ks92222_D9aqOMDJq4g090mCDjTBeqOFUEFDAIoYYdgCBiUvrwAMEPHCw4Qv2_J1VhxxsODUFEI4oQ8I3XpDBLVTdAsGINJRzDo8XGj5VU1JFcOIJr577YoyST_aKjZKLcMKrg-z4QjnYGKrhVxxmsIGz00SQ4wzNdJChBpkeqvkLMeSYCwely7C5jTfI2MyGt8iQ443YDlXIaFHfwCOPhWh4yOPdevstuBfCgPQNSSktw1JMK_bqjoxiGAsGr9DIOytx75o1o63p4PS5FqRLg44WmnKBjDH0prnkg76AXHKLGqWqBhuqMk-yzHVjqK_Oj65BMqzN_urmMvD6glOKSPf89MCkfp0NhJJcyFMaQoVIDL00KsOMntiYCC2YWVVsNBj6UCAg&s=23585ffcdb52a2d1409cca231523c181564c1b4fdb50a20a8a63cb5ae43802201656625503&w=t', r, 'de08921f', '23585ffcdb52a2d1409cca231523c181564c1b4fdb50a20a8a63cb5ae43802201656625503', 'e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIg7CwJFDRgwzLcp8LNOChowcMVrkoHFjRosxOG7IvAFDzIwyM0U8DFNnTMacZsTk8BimhRgbYWCYnJGyBY4wNVvEsCFDBg0YV1GSMbMTIhk7C2XgiAHDxkM4dcRQRAmjIkQ4cBbKpDHj4Rw4E3VgtVEjRg67Itrg1cvXb44bD8e0kbtXhg0YMAIb7MrwoRg3bsTicJsj68M2bjAynGEVBtrQo_vSeFtHDpuFM2DcYH0jx8M6MjKioUMHzhwdL17giSPHjRoXcgqSyWPmjRwzddy4cFOGzosx2MmQgRFGjBgZZsZ8bFmjxo85MXrYaEmjBpc6kR_PkdEjRnkbN2LAl29jzoweDPtrBv6y8q-GAB-LjMD4DByDjTTGWOOLNMjoYYg0pFhDCyqCoOEJKpLAQ4s0YmCjCTWMYIMJKqLIA8Qi6AAxihmayCMGNZ4gYgwanNBjjDuyUMMJNnw8w0U65hDiiCesWCOJJdqAooUgirhjDRqCCOOJJ2wQIo47jAgiiCrSyCMIK84QYo4lkmBDiTO-qKMKMYhgAokkCnxMDfX2a3DPHOzzCo42KHroDUIN1eiNQnWAyAXnxqhjjoNcSMMN57waIwy9tpghhi7QkuMnHWBwIbK3EB11IVNRvayyVt-Sw47GGsKtjjQymm2G78y44YYWahiDDGBpMKMMGlYqY6QWZCDDBl7HEKMMzpLyKo3GREjJBc9cOMmFhmjwSg4Ks92222_D9aqOMDJq4g090mCDjTBeqOFUEFDAIoYYdgCBiUvrwAMEPHCw4Qv2_J1VhxxsODUFEI4oQ8I3XpDBLVTdAsGINJRzDo8XGj5VU1JFcOIJr577YoyST_aKjZKLcMKrg-z4QjnYGKrhVxxmsIGz00SQ4wzNdJChBpkeqvkLMeSYCwely7C5jTfI2MyGt8iQ443YDlXIaFHfwCOPhWh4yOPdevstuBfCgPQNSSktw1JMK_bqjoxiGAsGr9DIOytx75o1o63p4PS5FqRLg44WmnKBjDH0prnkg76AXHKLGqWqBhuqMk-yzHVjqK_Oj65BMqzN_urmMvD6glOKSPf89MCkfp0NhJJcyFMaQoVIDL00KsOMntiYCC2YWVVsNBj6UCAg', true, false)
};
count++; < /script><noscript><img src="/ / pxl.tsyndicate.com / api / v1 / p / p.js ? p = e0SgKROGTBk5c0ToiFGDhYgwY - gsjPGQzpmFIg7CwJFDRgwzLcp8LNOChowcMVrkoHFjRosxOG7IvAFDzIwyM0U8DFNnTMacZsTk8BimhRgbYWCYnJGyBY4wNVvEsCFDBg0YV1GSMbMTIhk7C2XgiAHDxkM4dcRQRAmjIkQ4cBbKpDHj4Rw4E3VgtVEjRg67Itrg1cvXb44bD8e0kbtXhg0YMAIb7MrwoRg3bsTicJsj68M2bjAynGEVBtrQo_vSeFtHDpuFM2DcYH0jx8M6MjKioUMHzhwdL17giSPHjRoXcgqSyWPmjRwzddy4cFOGzosx2MmQgRFGjBgZZsZ8bFmjxo85MXrYaEmjBpc6kR_PkdEjRnkbN2LAl29jzoweDPtrBv6y8q - GAB - LjMD4DByDjTTGWOOLNMjoYYg0pFhDCyqCoOEJKpLAQ4s0YmCjCTWMYIMJKqLIA8Qi6AAxihmayCMGNZ4gYgwanNBjjDuyUMMJNnw8w0U65hDiiCesWCOJJdqAooUgirhjDRqCCOOJJ2wQIo47jAgiiCrSyCMIK84QYo4lkmBDiTO - qKMKMYhgAokkCnxMDfX2a3DPHOzzCo42KHroDUIN1eiNQnWAyAXnxqhjjoNcSMMN57waIwy9tpghhi7QkuMnHWBwIbK3EB11IVNRvayyVt - Sw47GGsKtjjQymm2G78y44YYWahiDDGBpMKMMGlYqY6QWZCDDBl7HEKMMzpLyKo3GREjJBc9cOMmFhmjwSg4Ks92222_D9aqOMDJq4g090mCDjTBeqOFUEFDAIoYYdgCBiUvrwAMEPHCw4Qv2_J1VhxxsODUFEI4oQ8I3XpDBLVTdAsGINJRzDo8XGj5VU1JFcOIJr577YoyST_aKjZKLcMKrg - z4QjnYGKrhVxxmsIGz00SQ4wzNdJChBpkeqvkLMeSYCwely7C5jTfI2MyGt8iQ443YDlXIaFHfwCOPhWh4yOPdevstuBfCgPQNSSktw1JMK_bqjoxiGAsGr9DIOytx75o1o63p4PS5FqRLg44WmnKBjDH0prnkg76AXHKLGqWqBhuqMk - yzHVjqK_Oj65BMqzN_urmMvD6glOKSPf89MCkfp0NhJJcyFMaQoVIDL00KsOMntiYCC2YWVVsNBj6UCAg & r = 1 & s = 23585 ffcdb52a2d1409cca231523c181564c1b4fdb50a20a8a63cb5ae43802201656625503 & w = t "></noscript> < div style = "width:300px;height:250px;float:left" > < a href = "//tsyndicate.com/do2/click?c=e0SgKROGTBk5c0ToiFGDhYgwY-gslPGQzpmFIg7CwJFDRgwzLcp8LNOChowcMVrkoHFjRosxOG7IvAFDzIwyM0U8DFNnTMacZsTk8BimhRgbYWCYnJGyBY4wNVvEsCFDBg0YV1GSMbMTIhk7FHHEgGHjIZw6YhbGQAkjBk84cBbKpDHj4Rw4E3VgtVEjRg67Itrg1cvXb44bD8e0kbtXhg0YMAIb7MrwoRg3bsS6zZH1YRs3GBnOsArjLGjRfWm8FVFHDpuFM2DcWH0jx8M6MjKioUMHzhwdL17giSPHjRoXcgqSyWPmjRwzddy4cFOGzosx2MmQgRFGjBgZZsZ8bFmjxo85MXrYaEmjBpc6kR_PkdEjRnkbN2LAl29jzoweDPtrBv6y8q-GAB-LjMD4DByDjTTGWOOLNMjoYYg0pFhDCyqCoOEJKpLAQ4s0YmCjCTWMYIMJKqLIA8Qi6AAxihmayCMGNZ4gYgwanNBjjDuyUMMJNnw8w0U65hDiiCesWCOJJdqAooUgirhjDRqCCOOJJ2wQIo47jAgiiCrSyCMIK84QYo4lkmBDiTO-qKMKMYhgAokkCnxMDfX2a3DPHOzzCo421nroDUIN1eiNQnWAyAXnxqhjjoNcSMMN57waIwy9tpghhi7OkuMnHWBwITLWEB11IVNRvayyVlmTw47GGsKtjjQymm2G78y44YYWahiDDGBpMKMMGlYqY6QWZCDDBl7HEKMMHMoKw6s0GhMhJRc6c-EkFxqiwSs5KNSWW2_BFderOq51tIk39EiDDTbCeKGGU0FAAYsYYtgBBCYurQMPEPDAwYYv2Pt3Vh1ysOHUFEA4ogwJ33hBBrdQdQsEI9JQzjk8XnD4VE1JFcGJJ7x67osxTEbZKzZMLsIJrw6y4wvlYGOohl9xmMGGak0TQY4zNNNBhhpkesjmL8SQYy4cli7j5jbeIEMsG1gjQ443YjtUoaNFfQOPPBai4aGPd-vtt-BeCAPSNySltAxLMbXYqzsyYqtar9DQO6tx75o1I67p4PS5FqRLg44WmnKBjDHYqtnkg76AXHKLGqWqBhuqMk-yzHVjqK_Oka5Bsqwd-grnMvD6gtO1SPf89MCmfp0NhJJcyFMaQoVIDL00KsOMntiY6KyYWVVMNBj6UCAg&s=9457acff837ea6294ea70cc6826f1d16db6254862ef2814d2b8b1395f68344a81656625503"
id = "vde08921f"
target = "_blank" > < video playsinline preload autoplay loop muted poster = "https://lcdn.tsyndicate.com/images/2/f/f7d20b48b7af2dc8adfb5d1e29697b380e0ca4/main.jpg"
width = "300"
height = "250"
onloadstart = "ude08921f(1)"
onerror = "ude08921f(0)" > < source src = "https://lcdn.tsyndicate.com/images/2/f/f7d20b48b7af2dc8adfb5d1e29697b380e0ca4/main.mp4"
type = "video/mp4" > < /video></a > < script > new openLink(document.getElementById('vde08921f')); < /script></div >

< /body></html >
                                    

#5 JavaScript::Write (size: 449, repeated: 1) - SHA256: 9524621c7f4d8fac4161095ac512d69df866d67f58ad26324b41dbc39d245af9

                                        < div style = "width:300px;height:250px;" >
    < script id = "adn-4787912"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4787912?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div>
                                    

#6 JavaScript::Write (size: 466, repeated: 1) - SHA256: 7e39e1ccad5d1f4baf21a097c72621648e45cb2a83029705e97c51036a870350

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788749"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788749?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >
                                    

#7 JavaScript::Write (size: 466, repeated: 1) - SHA256: b5272c53eb4935fda2b3d6dc53f72c170823461564078417c6da556b68d47dfc

                                        < center > < div style = "width:900px;height:250px;" >
    < script id = "adn-4788750"
data - sub = ""
type = "text/javascript" >
    (function(node) {
        var adn = document.createElement("script");
        adn.type = "text/javascript", adn.async = true, adn.src = "//a.bestcontentfood.top/warp/4788750?r=" + Math.floor(Math.random() * 99999);
        node.appendChild(adn);
    })(document.getElementsByTagName("script")[document.getElementsByTagName("script").length - 1].parentNode); < /script> < /div></center >
                                    

#8 JavaScript::Write (size: 1039, repeated: 1) - SHA256: d3899377f69babd32698438b5ce683db6153d0b4e8ffcabcf542890ef5563a00

                                        < div id = "ts_ad_native_atxjr" > < /div> < script src = "//cdn.tsyndicate.com/sdk/v1/master.spot.js" > < /script> < script >
    TsMasterSpot({
        "containerId": "ts_ad_native_atxjr",
        "spot": "WF8qxoGQpTQRg0uYg8RBqicfsIjfiOk4",
        "nativeSettings": {
            "cols": 5,
            "rows": 1,
            "titlePosition": "none",
            "adsByPosition": "none",
            "type": "label-under",
            "styles": {
                "container": {
                    "width": "100%"
                },
                "thumb": {
                    "border-radius": "4px"
                },
                "label": {
                    "height": "80px",
                    "background": "rgba(255,255,255,0.65)"
                },
                "headlineLink": {
                    "padding-top": "5px",
                    "font-size": "12px",
                    "font-weight": "bold",
                    "min-height": "45px"
                },
                "brandnameLink": {
                    "color": "#444"
                }
            }
        }
    }); < /script>
                                    

#9 JavaScript::Write (size: 7788, repeated: 1) - SHA256: ef7edbad63dc95f764999e9df49734f4e21c46c9fcfa2c36aa80dadd2a02c29a

                                        < !DOCTYPE html > < html > < head > < meta charset = "UTF-8" > < meta http - equiv = "X-UA-Compatible"
content = "ie=edge" > < meta name = "viewport"
content = "width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0" > < style type = "text/css" > * , body, html {
    margin: 0;padding: 0;border: none;
}
body, html {
    width: 100 % ;height: 100 % ;
}
iframe[seamless] {
    background - color: transparent;
    border: 0 px none transparent;
    padding: 0 px;
    overflow: hidden;
    margin: 0;
} < /style></head > < body > < script src = "//lcdn.tsyndicate.com/sdk/v1/b.b.js" > < /script><script type="text/javascript
">function openLink(e) {this.elmHref = e.href, this.elm = e, this.init()}openLink.prototype = {init: function() {var e = this;this.addEvent("
click ", this.elm, function(t) {var n = t || window.event;n.preventDefault ? n.preventDefault() : n.returnValue = !1, window.open(e.elmHref + e.getPositionCursor(n), "
_blank ")})},getPositionCursor: function(e) {var t = document.documentElement,n = e.pageX || e.clientX + (t.scrollLeft ? t.scrollLeft : document.body.scrollLeft),o = e.pageY || e.clientY + (t.scrollTop ? t.scrollTop : document.body.scrollTop);return " & x = " + n + " & y = " + o},addEvent: function(e, t, n) {if (t.addEventListener) t.addEventListener(e, n, !1);else if (t.attachEvent) return t.attachEvent("
on " + e, n)}};var t = new Date();var d = new PrivacyModeDetector();var count = 0;var processed = 0;var delta;function l(turl, r, cid, s, p, w, cl) {if (!r && window['BackUpCampaignBanner']) {BackUpCampaignBanner();return;}delta = new Date() - t;setTimeout(insertPixel, 1000);d.report(insertPixel);function insertPixel(priv) {if (processed >= count) return false;var qPixel = document.createElement("
script ");var pm = priv === undefined ? '' : '&priv=' + priv;qPixel.src = turl + (turl.match(/&$/) ? '' : '&') + 'r=' + r + '&d=' + delta + pm + (turl.match(/&w=/) ? '' : '&w=' + (w ? 't' : 'f'));document.body.appendChild(qPixel);processed++;}if (cl) { new trackIFrameClick({id:'ts_t_'+cid, params:['s='+s,'p='+p,'t=' + (w ? 't' : 'f')]}); }};</script>




< script type = "text/javascript" > function u8cf1fb27(r) {
    l('//pxl.tsyndicate.com/api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFInCMMRPDjBgZN1rQCGNDJI0YMsK0wGFmYwsyZMTEIFPDRpgwMGKIEfEwTJ0xGcvc-Jgjh8oWYm7CGDkjRwyWYW4wjWFDhgwaMLDKyEHGTE-IZOwslIEjBgwbD-HU4cmQq06fcOAsxHGDxoyHc-BM1JHVRo0YOfCKaKOXr1_AOW48HNNmbl8ZNmDAGGzwK8OHYty4IYtDJw7QD9u4wchwxlUYakeX_ovyYR05bBbOgGG3qkMRdWRkREOHDpw5Ol68wBNHjhs1LuQUJJPHzBs5Zuq4ceGmDJ0XY7LHhBFGDEgzY2TEoHGjRo0fc2L0sFGeRg0udSZHniOjB3nzJmPEn29jzoweEAtsBv608q-GACObjED5DByDjTTGWOOLNMjoYYg0oqAhCxmywEOLNpLIw4k8JsuCiixmYIKKKPBooo0i6HjiiCw2zCOGNbQ4IokPiaiiwyuKuKOJK5KIIg865hDiiCesWCOJJdqAooUghFyDhiDCeOKJIYSI4w4jggiiijTyCMKKM4RIgokoarjhjC_qqEIMIphAIokCI1Njvf0a1DOH-8CCow2KHnpj0EJFIOMNQnWAyIXnxqhjjoNcSMON58AaIwy-tpghhi7UkiMoHWBwYbKKRDh01IVMRTWzy1xNVQ47HmvotTrSyKi2Gb4z4waRahiDjJPMKIOGFnIoowwZWpCBDBt6HUOMMjy7Caw0HhPhKRdyMJUGGVxoiAaw5KBQW269dQFccWsg97UwMmriDT3SYIONMF6o4VQQUMAihhh2AIGJS-vAAwQ8cLDhi_YEplWHHGw4NQUQjihDwjdekEEnVHUCwYg0lnsOjxciPlVTUkVw4gmwoPtijJRXBouNlItwAqyD7PhiOdkYcvMGHGawwbPURJDjDM50kKGGuh7K-Qsx5KALB6fL0LmNN8jozIZUyZDjjdkMVUhpUd_AI4-FaHhIZN58A064F8KA9A1JKS3DUkwzBuuOjFLyDCw0-tbqXRHmoDWjr-ngFLoWpkuDjhaccoGMMVLCOeWDvqDccosavc0Gq86jrPPdGPoL9KVroIxrtcPauQy9vuCUotNDV30wq2VnA6EkF_KUhlAhEoMvRcsw4yc2JlKL5lYZKw2GPhQICA%3D%3D&s=4d869670120635c22dae13341beb05bc605f4079dd63e0898571aa6702a8cf2d1656625503&w=t', r, '8cf1fb27', '4d869670120635c22dae13341beb05bc605f4079dd63e0898571aa6702a8cf2d1656625503', 'e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFInCMMRPDjBgZN1rQCGNDJI0YMsK0wGFmYwsyZMTEIFPDRpgwMGKIEfEwTJ0xGcvc-Jgjh8oWYm7CGDkjRwyWYW4wjWFDhgwaMLDKyEHGTE-IZOwslIEjBgwbD-HU4cmQq06fcOAsxHGDxoyHc-BM1JHVRo0YOfCKaKOXr1_AOW48HNNmbl8ZNmDAGGzwK8OHYty4IYtDJw7QD9u4wchwxlUYakeX_ovyYR05bBbOgGG3qkMRdWRkREOHDpw5Ol68wBNHjhs1LuQUJJPHzBs5Zuq4ceGmDJ0XY7LHhBFGDEgzY2TEoHGjRo0fc2L0sFGeRg0udSZHniOjB3nzJmPEn29jzoweEAtsBv608q-GACObjED5DByDjTTGWOOLNMjoYYg0oqAhCxmywEOLNpLIw4k8JsuCiixmYIKKKPBooo0i6HjiiCw2zCOGNbQ4IokPiaiiwyuKuKOJK5KIIg865hDiiCesWCOJJdqAooUghFyDhiDCeOKJIYSI4w4jggiiijTyCMKKM4RIgokoarjhjC_qqEIMIphAIokCI1Njvf0a1DOH-8CCow2KHnpj0EJFIOMNQnWAyIXnxqhjjoNcSMON58AaIwy-tpghhi7UkiMoHWBwYbKKRDh01IVMRTWzy1xNVQ47HmvotTrSyKi2Gb4z4waRahiDjJPMKIOGFnIoowwZWpCBDBt6HUOMMjy7Caw0HhPhKRdyMJUGGVxoiAaw5KBQW269dQFccWsg97UwMmriDT3SYIONMF6o4VQQUMAihhh2AIGJS-vAAwQ8cLDhi_YEplWHHGw4NQUQjihDwjdekEEnVHUCwYg0lnsOjxciPlVTUkVw4gmwoPtijJRXBouNlItwAqyD7PhiOdkYcvMGHGawwbPURJDjDM50kKGGuh7K-Qsx5KALB6fL0LmNN8jozIZUyZDjjdkMVUhpUd_AI4-FaHhIZN58A064F8KA9A1JKS3DUkwzBuuOjFLyDCw0-tbqXRHmoDWjr-ngFLoWpkuDjhaccoGMMVLCOeWDvqDccosavc0Gq86jrPPdGPoL9KVroIxrtcPauQy9vuCUotNDV30wq2VnA6EkF_KUhlAhEoMvRcsw4yc2JlKL5lYZKw2GPhQICA==', true, false)
};
count++; < /script><noscript><img src="/ / pxl.tsyndicate.com / api / v1 / p / p.js ? p = e0SgKROGTBk5c0ToiFGDhYgwY - gsjPGQzpmFInCMMRPDjBgZN1rQCGNDJI0YMsK0wGFmYwsyZMTEIFPDRpgwMGKIEfEwTJ0xGcvc - Jgjh8oWYm7CGDkjRwyWYW4wjWFDhgwaMLDKyEHGTE - IZOwslIEjBgwbD - HU4cmQq06fcOAsxHGDxoyHc - BM1JHVRo0YOfCKaKOXr1_AOW48HNNmbl8ZNmDAGGzwK8OHYty4IYtDJw7QD9u4wchwxlUYakeX_ovyYR05bBbOgGG3qkMRdWRkREOHDpw5Ol68wBNHjhs1LuQUJJPHzBs5Zuq4ceGmDJ0XY7LHhBFGDEgzY2TEoHGjRo0fc2L0sFGeRg0udSZHniOjB3nzJmPEn29jzoweEAtsBv608q - GACObjED5DByDjTTGWOOLNMjoYYg0oqAhCxmywEOLNpLIw4k8JsuCiixmYIKKKPBooo0i6HjiiCw2zCOGNbQ4IokPiaiiwyuKuKOJK5KIIg865hDiiCesWCOJJdqAooUghFyDhiDCeOKJIYSI4w4jggiiijTyCMKKM4RIgokoarjhjC_qqEIMIphAIokCI1Njvf0a1DOH - 8 CCow2KHnpj0EJFIOMNQnWAyIXnxqhjjoNcSMON58AaIwy - tpghhi7UkiMoHWBwYbKKRDh01IVMRTWzy1xNVQ47HmvotTrSyKi2Gb4z4waRahiDjJPMKIOGFnIoowwZWpCBDBt6HUOMMjy7Caw0HhPhKRdyMJUGGVxoiAaw5KBQW269dQFccWsg97UwMmriDT3SYIONMF6o4VQQUMAihhh2AIGJS - vAAwQ8cLDhi_YEplWHHGw4NQUQjihDwjdekEEnVHUCwYg0lnsOjxciPlVTUkVw4gmwoPtijJRXBouNlItwAqyD7PhiOdkYcvMGHGawwbPURJDjDM50kKGGuh7K - Qsx5KALB6fL0LmNN8jozIZUyZDjjdkMVUhpUd_AI4 - FaHhIZN58A064F8KA9A1JKS3DUkwzBuuOjFLyDCw0 - tbqXRHmoDWjr - ngFLoWpkuDjhaccoGMMVLCOeWDvqDccosavc0Gq86jrPPdGPoL9KVroIxrtcPauQy9vuCUotNDV30wq2VnA6EkF_KUhlAhEoMvRcsw4yc2JlKL5lYZKw2GPhQICA % 3 D % 3 D & r = 1 & s = 4 d869670120635c22dae13341beb05bc605f4079dd63e0898571aa6702a8cf2d1656625503 & w = t "></noscript> < div style = "width:300px;height:250px;float:left" > < a href = "//tsyndicate.com/do2/click?c=e0SgKROGTBk5c0ToiFGDhYgwY-gslPGQzpmFInCMMRPDjBgZN1rQCGNDJI0YMsK0wGFmYwsyZMTEIFPDRpgwMGKIEfEwTJ0xGcvc-Jgjh8oWYm7CGDkjRwyWYW4wjWFDhgwaMLDKyEHGTE-IZOxQxBEDho2HcOrwZMhVp084cBbiuEFjxsM5cCbqyGqjRowcd0W0ybu3798cNx6OaSOXrwwbMGAINviV4UMxbtyQ1YnD88M2bjAynHEVRtrQo_2ifFhHDpuFM2DUrepQRB0ZGdHQoQNnjo4XL_DEkeNGjQs5BcnkMfNGjpk6bly4KUPnxZjrMWGEEQPSzBgZMWjcqFHjx5wYPWyMp1GDSx3JkOfI6CGevMkY7-PbmDOjx2HAZtBPK_5q-A8yyQSEj8Ax2EhjjDW-SIOMHoZIIwoaspAhCzy0aCOJPJzIQ7IsqMhiBiaoiAKPJtoogo4njsgiwzxiWEOLI5LokIgqNryiiDuauCKJKPKgYw4hjnjCijWSWKINKFoIAsg1aAgijCeeGEKIOO4wIoggqkgjjyCsOEOIJJiIooYbzviijirEIIIJJJIYEDI10stvQTxzqA8sONpYKIaH3gh00IfIeENQHSByobkx6pjjIBfScKM5sMYIY68tZoihi7TkCEoHGFyQjFARDBV1oVJPxcyyVlGVww7HGmqtjjQymm2G7sy4QaQaxiDjJDPKoKGFHMooQ4YWZCDDBl7HEKMMHM4KA6w0HBPhKRdyKJUGGVxoiAaw5JBQW269dQFccWsgt7VrG23iDT3SYIONMF6owVQQUMAihhh2AIEJS-vAAwQ8cLDhi_UEnlWHHGwwNQUQjigDwjdekEGnU3UCwYg0kmsOjxciNjXTUUVw4gmwnPtijJRXBouNlItwAqyD7PgiOdgYYvMGHGawodrTRJDjjM10kKEGuhItQ2cx5JgLB6d1buMNMsiyAVUy5HgjtkIVUjrUN_DIYyEaHhJZN958A-6FMB59I9JJy6j00ozBuiOjlKoFCw2-tXpXhDlmzchrOjZ1roXo0qCjBadcIGOMlHBO-aAvJq_cIkZrs8Gq8ibjPDeG_Pp86Rom2zrtsHYuI68vNh3UdNBTF-zp2NlA6MiFOqUBVIjE2EuEg8z4iY2J0qKZ1cVGg6EPBQIC&s=e6aaec9d60f4b9738ef5d8f9dca0ccef89a90a66d3828a53636d1e0016fabc571656625503"
id = "v8cf1fb27"
target = "_blank" > < video playsinline preload autoplay loop muted poster = "https://lcdn.tsyndicate.com/images/a/0/cf0182692f583c2e15ea2431742ff27d21d567/main.jpg"
width = "300"
height = "250"
onloadstart = "u8cf1fb27(1)"
onerror = "u8cf1fb27(0)" > < source src = "https://lcdn.tsyndicate.com/images/a/0/cf0182692f583c2e15ea2431742ff27d21d567/main.mp4"
type = "video/mp4" > < /video></a > < script > new openLink(document.getElementById('v8cf1fb27')); < /script></div >

< /body></html >
                                    


HTTP Transactions (149)


Request Response
                                        
                                            GET /video/61a9022f44a9b903f78ac06c HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.26.0.188
HTTP/1.1 302 Found
                                        
Date: Thu, 30 Jun 2022 21:44:56 GMT
Content-Length: 0
Connection: keep-alive
location: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
cache-control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqsI1OZFjixO4p7ge95cObzFaq5R1g%2BVtu4DaqqOJpYfd3nyA1c1RlOtCeEHQg%2Bpq3XPos6L4ouAd3p4wIMhsau2TD3WfwwFI2FUcPek9krEYrzUB4FkGIgUiNQ2Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 723a160a6f8d1c0e-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F"
Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 30 Jun 2022 23:51:31 GMT
Date: Thu, 30 Jun 2022 21:44:56 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 30 Jun 2022 20:48:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: e37qE46tMJn17lgzm29lYffwSpbw86P3qadfNQRdwXuMMpD_wlrp-w==
Age: 3375


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 30 Jun 2022 03:26:42 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c2LUt3v7PF6pB5o0Lbo1XzS6AMwF__x-wuhayLUD_kvtWvRx9eGj-g==
age: 65895
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:44:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /_next/static/chunks/59.edff5ae0d8d83054b552.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:20:14 GMT
etag: W/"c8b-179fb71df0d"
cf-cache-status: HIT
age: 23082565
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8y%2FJ1enyIDD9BtTsQ%2FQDKJ41VLAqJKdNZVSgvspGXsyp4QdcFhTXuHBMhsmngw4DGq%2FTAKsuWx2kq3MVx0WJUDQ%2B0e%2B1BjvDXfW6JxdAXOvz7ruC%2BXUx1RIUlXhiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a160f2ae2b518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3211), with no line terminators
Size:   1977
Md5:    cfe2a20031f7d88da532034769a7a92e
Sha1:   b73214c44c15344874aa0ab1c8a651df3728af54
Sha256: a28124e4098a9ed06c8e016c2dba5d47e4f4a02cb59c61332993a74cec9c978c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 18:36:56 GMT
Expires: Mon, 04 Jul 2022 18:36:56 GMT
ETag: ED6565E8F836BACF81B556DFBF5C8B50FF38A920
Cache-Control: max-age=333718,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp12
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a160fac020b4d-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 18:36:56 GMT
Expires: Mon, 04 Jul 2022 18:36:56 GMT
ETag: ED6565E8F836BACF81B556DFBF5C8B50FF38A920
Cache-Control: max-age=333718,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp5
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a160fdffcb500-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 18:36:56 GMT
Expires: Mon, 04 Jul 2022 18:36:56 GMT
ETag: ED6565E8F836BACF81B556DFBF5C8B50FF38A920
Cache-Control: max-age=333718,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp10
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a160fdd6dfab4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 18:36:56 GMT
Expires: Mon, 04 Jul 2022 18:36:56 GMT
ETag: ED6565E8F836BACF81B556DFBF5C8B50FF38A920
Cache-Control: max-age=333718,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a160fda69b4f4-OSL

                                        
                                            GET /thumbnail/cu2b6HOgw6--rGjD_Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: image/jpeg
content-length: 13199
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13199
Md5:    664767add3e0eccb4b2466972261fc10
Sha1:   e03635075790493b8de14d327207d66402b02fb8
Sha256: fcb16c06556b8f7b53299b711ef05d39635076fa930e402c7eff0620e2809ab6
                                        
                                            GET /thumbnail/J-ibvnD1m6zqq2iQ_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: image/jpeg
content-length: 12291
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   12291
Md5:    44dda25ede482ff89be22ef60e59d5f8
Sha1:   0d18faffada7eeef728ce387282d29b432b41fd0
Sha256: fbd04c2536abfd09b0a4cabbd309207cf919a3ffeafd3fb9a4e4a6cea43907b3
                                        
                                            GET /thumbnail/I-TGuiKunKvl_G2e-A/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: image/jpeg
content-length: 10703
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10703
Md5:    bc4631bb7823e182b071b525b11ed3f2
Sha1:   9e1bfc76cb45272b9a7eeb5239712dae7cf461a0
Sha256: a1bd6d391a0f148dcc82a2443bc6442fc09dd4c1b5aaf44391f1a43e2eb5bb81
                                        
                                            GET /thumbnail/IL6R737znKzk8G6S_Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: image/jpeg
content-length: 13818
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13818
Md5:    4d97de356c502aa7590ea193f2d329d7
Sha1:   3bc4f409f292ed5ad0b183bd8c78537246d035ad
Sha256: f7b17faf89409d042ac13d6f41858d99fe1085cd77ef065b31f4ca99b4f07917
                                        
                                            GET /cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656619200 HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ws1IMnMpKheD7oD%2FLGbMJCbLH00P01mP6zx9fzZxGvO9QPxYprvAXbhtD1mVA0YgLhPihzd%2BR4Oq718F3Kl5acRu478gW6mGciNiw1KjpSYANSYB4noF%2F8J92dSs6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 723a160f3afbb518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48262), with no line terminators
Size:   16899
Md5:    0cff741f755ba0919446b19871ad5677
Sha1:   066a82298c8e5e31a99d77119359dd67bfbde783
Sha256: ed2d71ccd87b751532881e4ffbb35992238e4521c8ba905a000b74896591589e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1495
Cache-Control: 'max-age=158059'
Date: Thu, 30 Jun 2022 21:44:58 GMT
Last-Modified: Thu, 30 Jun 2022 21:20:03 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/logo-tv-light.svg HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: image/svg+xml
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Tue, 28 Jun 2022 11:04:24 GMT
etag: W/"101b-181a9fbdb32"
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbxmRSlMIoZzErhJxiXQpGzLXw%2B0dfFavGM3WKNPtSNEZGeZJ1tJdIW0IDKrFRX7NLUB7hk6zou62J%2Fr70k1LZTwkcVE%2B5fzKsQ6aoHen5h9syKGMGcBiqBYbdJXrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a160f3afcb518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1395)
Size:   50996
Md5:    72a7bb88305aa687db1d5f9e080f9ac2
Sha1:   e6af37cc1ab87f1bd78a26303a9564cde40df39f
Sha256: c44f0cbf7e609c2cf1c433253edd358a9c877974d0ef8c201986d85b0e605772
                                        
                                            GET /thumbnail/ded556b5b5c25/main/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:44:59 GMT
content-type: image/jpeg
content-length: 45549
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1440x1080, components 3\012- data
Size:   45549
Md5:    066ac795b6621b723ed2c27ec18b126d
Sha1:   2c95be8e63e1452470139f5e9622e723fb2be112
Sha256: 47511a3dc04767a658d97bbae35f2f17fd4b307ec1ee5686b623d15754e9b396
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /video/61a9022f44a9b903f78ac06c HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: text/html; charset=utf-8
vary: Origin
set-cookie: visitorId=5zxq3zaaragj1v7faq00z; Domain=xfantazy.com; Path=/; Expires=Wed, 30 Jun 2032 21:44:56 GMT; HttpOnly experiment-popup-payment-7=0; Path=/; Expires=Thu, 07 Jul 2022 21:44:56 GMT experiment-save-to-button-2=0; Path=/; Expires=Thu, 07 Jul 2022 21:44:56 GMT
x-powered-by: Next.js
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQmE0mH1%2BFUtkA7yjDaHDxw87bYbRl7id5%2FEm3c5wfYiVD9u3PpOMnWfP4CkbAB9vLGI1NQt%2BG2PXgfhaUqogjQCR4uMXGFwRYKTaqxyo0Zyl%2FpqX1Mw0%2BmBrjhTOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a160b6deab518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18582)
Size:   26575
Md5:    5e4dc93d27823415f9820b19778eda1e
Sha1:   80487740ec0a95b1f87f50f065cf6d714d39a95b
Sha256: 52dae1ac0c884c7d00f5074601253ec6fe3c7860844030d26bb7273903045965
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:34:08 GMT
expires: Thu, 29 Jun 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 94251
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Jun 2022 19:34:08 GMT
expires: Thu, 29 Jun 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 94251
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Jun 2022 14:08:12 GMT
expires: Fri, 30 Jun 2023 14:08:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 27407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /static/xf-small.png HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:59 GMT
content-type: image/png
content-length: 1153
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Tue, 28 Jun 2022 11:04:24 GMT
etag: W/"481-181a9fbdb54"
cf-cache-status: HIT
age: 1900
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FafnJdolDaZZwFIjVy1tUxdkG4C%2Feg5V%2B3shoStBCWRG3u73Q0e2RAZU5b9cy76vg3XMCt7TLSgGmK4E7z3v7fusfpZi0qwY1LnnWsuTW0wkCQyrXIRcGdaQ90WuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a161968fab518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1153
Md5:    73788af337ff4a5e7c8d8ea19dba155f
Sha1:   e0bd72878475603f40ebd05077c626816ed3285c
Sha256: be4a320fd44fdaaced2a2056ff7a4c0765a6ed0996c9b4c94a0cb2458967e8df
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3ruusAs6bxeULfcuB+myRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.244.16.100
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IXDQy2xbV2WFaALef3JtxRTvShk=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15377
Expires: Fri, 01 Jul 2022 02:01:16 GMT
Date: Thu, 30 Jun 2022 21:44:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15377
Expires: Fri, 01 Jul 2022 02:01:16 GMT
Date: Thu, 30 Jun 2022 21:44:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15377
Expires: Fri, 01 Jul 2022 02:01:16 GMT
Date: Thu, 30 Jun 2022 21:44:59 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fcc5842-a443-4bb1-a689-f28c01b745d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9710
x-amzn-requestid: 6aec1475-75ca-46b7-aed0-ff0a0ebc11d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UNxbeG-CoAMF3iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b562af-55a10f216adb43b52f8a926d;Sampled=0
x-amzn-remapped-date: Fri, 24 Jun 2022 07:07:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HAWujXP-aza5Dp2gr_ySa0-UjFl1QTFbjPt7BZ2HAieBSjNIwf5b9Q==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 06:13:29 GMT
age: 55890
etag: "6d4224b6145195d964e816cb631f0603e868633c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9710
Md5:    c52a3f896f5495cefda3553d6eeda635
Sha1:   6d4224b6145195d964e816cb631f0603e868633c
Sha256: 5c18fcf31c02d9e722855dac322475509a01b2da03e2ba4023ddad43b5bb3ce6
                                        
                                            GET /_next/static/chunks/commons.c6be2f5ddce0c474c306.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 11 Jun 2021 14:18:38 GMT
etag: W/"152f30-179fb706939"
cf-cache-status: HIT
age: 23082565
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciXoWq12vjG2tuhwAwn4EQjwpXLWxaU1IIcrxJ%2BlJEKwj2bQ4d3ZGvP5UjcUnjg%2FnbqTMsK3CrAVYeS0VFPDJnQ7rVGK8nDv64Nwc6aLTPBDJw3fzzN%2BcM3h3r1xWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a160f1ad2b518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   410696
Md5:    0bffc8a8a0e8bec9eb4230363d5efa5a
Sha1:   f8471fb355a4a0995d5fcfe2ef77b77d525d29a5
Sha256: 428795fd4894641b28de258bf78c83767b93b43fee961c1f5575ad946f7089cc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11303
x-amzn-requestid: bb4e28bd-b8fe-46aa-b7e1-9df6f52c9d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeQW-EnzIAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbfa92-4788a606125c42431ba5c73a;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:09:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FECr8vnUNXIJXah4ilgSdBbkbjEIYjsLUdys3R4NE65S9iuOzjcSwQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 07:43:44 GMT
age: 50475
etag: "91d2dc48008a198adb2b740bec1843a146f826c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11303
Md5:    b38a21dc4af2a753ec1149a58eca2ee2
Sha1:   91d2dc48008a198adb2b740bec1843a146f826c1
Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
                                        
                                            GET /_next/static/chunks/7.38d845e9473548212694.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"97ba-181397f9e55"
cf-cache-status: HIT
age: 2065890
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6B5rQ0kLJYqphEpiQpO7s6sz65lV4E81i61vooqVFN5MnsNb1QVuIrzeNlxhUIV5%2BArWi17WGR2E3EMicfeSFy7qtXhueTLPPJ%2B5%2FGeZtMJZ2e9QNxNWx0T%2Fz9lQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a160f1adab518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (38842), with no line terminators
Size:   23288
Md5:    64f5de51982bb8cfd5fd5441374847ca
Sha1:   efc8ddf56e7c6500f934c54013fdba4536aadc95
Sha256: 65f382166e424564053fec30879edfa38dc1b7913994ca874bf61adaa7534d2d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e9cb7-c6e5-4f16-ae5c-037bd1fe8a59.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8545
x-amzn-requestid: ee6240b9-f3be-46c9-85b1-40e6294e8a61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UgO_JHajoAMFiXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bcc52d-0495e108756a513f3dccd92b;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 21:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YDpeuwblxg9-7cF8G1PRL6y0rXCGUwZD34ab14nZ-43vJnUTywK_0A==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 21:44:25 GMT
age: 34
etag: "eb724985d98b3e333da18a908cae91ac050b1545"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8545
Md5:    69fba688fc5ca2f102854c5caa513ddf
Sha1:   eb724985d98b3e333da18a908cae91ac050b1545
Sha256: 80681be640e493ad65fa935df74132ea2d91303d8b2f63ab352f0f56d9d75a8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F155ff049-31ad-45db-b606-da7aae957a83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7158
x-amzn-requestid: 39fb9806-1635-485f-a758-1a0777601251
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UePTkGHFIAMF2Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf8e3-10aeadd66b2e052248e917db;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:01:55 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: V6YnQ-9qGksZPWLrXO1eG5THO4Xx36-GfhpKTB6SLKtjQ9aOMvmySA==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Jun 2022 03:55:35 GMT
age: 64164
etag: "0ce665e95946e6d6af4731a3b8077395656643b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7158
Md5:    fe1ed276b7cf8b0bb3cb9c3d89b638df
Sha1:   0ce665e95946e6d6af4731a3b8077395656643b6
Sha256: 19ca3b0e9ec5edb5eda793c407e8a71ba7e154d011955b43ca007b75ef045140
                                        
                                            GET /_next/static/chunks/70.aeba4e9e28ccf1bae13a.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0; __cf_bm=4h3lxMEfMjNuDp6VgkgRn0vISh7I5rzt5z391ZH8qik-1656625499-0-AQFxz3W8170DzT3i/1gPHoRruAmVz47Wj7ziZSP6BNZNAOhvUVB7g4a9MCyfCYEk092mtXXcOYg0LQGiPjFGE0c3836pmmQSOzlFXK4OsU4nRv3nUusMUfHHPaJg/jpAgA==; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScriptGroups=test-push
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Mon, 06 Jun 2022 14:51:13 GMT
etag: W/"56d-181397f9e5d"
cf-cache-status: HIT
age: 2071762
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwKbRickzP839CpXlT%2B%2FlCvmPcqE%2FyDcOO4nJ7MJ5k%2F2QRPMGoG%2Bz37cD%2BqSL1YstSBVVZgRTvjAJV44%2F6Vvgzn0jGiwwR3rEwYu41Yupg3wdMfe0jt%2Bk6u5EdcWvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a161dce56b518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1389), with no line terminators
Size:   805
Md5:    be30d94d7cf869f40fcbc95643655ca5
Sha1:   a8a77fd5b1ed8ce33781a4e44d760064ab030ded
Sha256: 34e7865137d7296801630cf66bac4b4483f30b654e20440723b8106aa4a3d963
                                        
                                            GET /_next/static/css/styles.f80584c6.chunk.css HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0; __cf_bm=4h3lxMEfMjNuDp6VgkgRn0vISh7I5rzt5z391ZH8qik-1656625499-0-AQFxz3W8170DzT3i/1gPHoRruAmVz47Wj7ziZSP6BNZNAOhvUVB7g4a9MCyfCYEk092mtXXcOYg0LQGiPjFGE0c3836pmmQSOzlFXK4OsU4nRv3nUusMUfHHPaJg/jpAgA==; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScriptGroups=test-push
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:59 GMT
content-type: text/css; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=14400
last-modified: Tue, 28 Jun 2022 11:07:41 GMT
etag: W/"2fd40-181a9fedcc4"
cf-cache-status: HIT
age: 1533
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHelv1iyMl%2FwR8ImsL%2Bd7MciSxSwf9JzYotuRFXuG1vDrhQdOxX34HQbPp4DMfztGoicR5sFEnu%2F4TmnXmKZdj%2FDnUcQ%2BV8NRg2nt%2BN0lOiacjf3TqnW%2BE0sa4dkMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a161cfd2cb518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (24334)
Size:   17106
Md5:    9f0144599f1b7787b0ea948fd5e24420
Sha1:   e503a33a30ef6a6cf9ab4f92655a882594c57c2a
Sha256: f670b6334e1df1d93506e2992c5c7a10bc3c2ba5e06292da9983c626b739c7fc
                                        
                                            GET /_next/static/chunks/242.e6062ff562716b6e41db.js HTTP/1.1 
Host: xfantazy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/video/61a9022f44a9b903f78ac06c
Cookie: visitorId=5zxq3zaaragj1v7faq00z; experiment-popup-payment-7=0; experiment-save-to-button-2=0; __cf_bm=4h3lxMEfMjNuDp6VgkgRn0vISh7I5rzt5z391ZH8qik-1656625499-0-AQFxz3W8170DzT3i/1gPHoRruAmVz47Wj7ziZSP6BNZNAOhvUVB7g4a9MCyfCYEk092mtXXcOYg0LQGiPjFGE0c3836pmmQSOzlFXK4OsU4nRv3nUusMUfHHPaJg/jpAgA==; safeMode=0; advancedOptions=0; viewedVideoCounter=0; adScriptGroups=test-push
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         104.26.1.188
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:44:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 28 Jun 2022 10:55:52 GMT
etag: W/"26cdb-181a9f40d06"
cf-cache-status: HIT
age: 211629
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5BTzDPkOAfyRyNVPAl4w2vdEVC00snzv58cngQWpVNN9u45JdQP9PZNC9rofZ29w1tVFfmdXWG%2FPdCBHac28F6sJtAIRgAIEs0M0uYXAbavQpeHDu3VW3Xbiilupg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a161cfd2eb518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   72434
Md5:    624af622e6f6316632b2a99aee0a2c8a
Sha1:   728f50e6721ee98da9c901f6fa138196dfa1dc86
Sha256: 05fab36a9626cfdebe70ad3a7155e5c7534973893525a9c56dd24e94ca9ab8d8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA4F996B035B519E3959972EE66F88EB6DD2B26E18D4BC170CCC3A2E80097EA3"
Last-Modified: Tue, 28 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=999
Expires: Thu, 30 Jun 2022 22:01:39 GMT
Date: Thu, 30 Jun 2022 21:45:00 GMT
Connection: keep-alive

                                        
                                            GET /npm/yandex-metrica-watch/tag.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.236.0
x-jsd-version-type: version
etag: W/"33399-sRq4vuUrHDiwktfyAT2Spsy5N90"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 30 Jun 2022 21:45:00 GMT
age: 2137
x-served-by: cache-fra19135-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 82808
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (724)
Size:   82808
Md5:    62b15f388db12424df7edbe4e644ff8b
Sha1:   c0b3c0c7de15648e3f257341b61fe0a8599b1218
Sha256: e5649a8f48bb65b57442543270fed0606825529b196758428cf0c812cafed01f
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "833D270B1BEE457E5436011338E5A3B350A27B72"
Expires: Fri, 01 Jul 2022 09:00:00 GMT
Last-Modified: Thu, 30 Jun 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 580
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 723a16211f94b50b-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    da72eb04d93ea8a3e29f904bcd1ccffe
Sha1:   a350b6479f6eeb0c42dfe5a6fab991a4678eb07b
Sha256: 428c70c383d0c0d229dfd4abf0d488f42e0cc881a95d2defaf18051752bbef9b
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 30 Jun 2022 20:41:12 GMT
expires: Thu, 30 Jun 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 3828
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js HTTP/1.1 
Host: addresseetransportationsyndrome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7dd69fe15b92bd92cd3d7de9a2285f5a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (33880), with no line terminators
Size:   11441
Md5:    c83eebf2c7ed82d334edc080e4956fbf
Sha1:   bf2ff355f49b16eb190cb44e53491c61c216b416
Sha256: 13c1e89105bde013684074a555627dc02c0e7ad1a102853df858d183d6165b40
                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:00 GMT
Content-Length: 941
Connection: keep-alive
Expires: Mon, 04 Jul 2022 18:24:40 GMT
ETag: "bb8f8669d8e074735c592e9626cedb8089d20a17"
Last-Modified: Thu, 30 Jun 2022 18:24:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 627
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 723a1623cbb0b50b-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 30 Jun 2022 21:45:00 GMT
Last-Modified: Thu, 30 Jun 2022 20:19:21 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7sGgdFV4OLOj8oZe34bzz3kcepbW59fiqVbWofLUtrxY7Bw5n62yeA==
Age: 5139

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.194.245.245
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
set-cookie: uid_id2=1fc56e65-402a-4619-a027-c9dfdb2ce4e3:2:1; expires=Sun, 27 Jun 2032 21:45:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    82478e48e75763437d9a0c8315d28505
Sha1:   9c2f2a560653c779cce70e42a8c1584b640f22df
Sha256: 72e7db9f71f57890e0aff690e8239e5c49089b3701ecd96b6a998b1ac85e1c92
                                        
                                            GET /watch/49415098/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afp%3A2380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214500%3Aet%3A1656625501%3Ac%3A1%3Arn%3A279100032%3Arqn%3A1%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1656625496636%3Ads%3A1%2C24%2C283%2C76%2C198%2C0%2C%2C400%2C2%2C%2C%2C%2C2378%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501%3At%3ARachel%20Starr%20in%20Beach%20Patrol%201080p%20-%20XFantazy.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Referer: https://xfantazy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 330
date: Thu, 30 Jun 2022 21:45:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:00 GMT
last-modified: Thu, 30-Jun-2022 21:45:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (330), with no line terminators
Size:   330
Md5:    789908eb217c4100f989b6eaa3282abc
Sha1:   55f11fbc06300dbefad1122a68ce2d4ed8c023bb
Sha256: 21ba013a0e1b98c197c59205762ea21a42c3cb7c7a3951f0c6258299c82eef11
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2F97858D6C7EB557FEF4D84B15D7954B33CB52301A3F35EFB7F5CACE242373B0"
Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2933
Expires: Thu, 30 Jun 2022 22:33:54 GMT
Date: Thu, 30 Jun 2022 21:45:01 GMT
Connection: keep-alive

                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214501%3Aet%3A1656625501%3Ac%3A1%3Arn%3A587056682%3Arqn%3A3%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(3)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 52
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:01 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:01 GMT
last-modified: Thu, 30-Jun-2022 21:45:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214501%3Aet%3A1656625501%3Ac%3A1%3Arn%3A811923490%3Arqn%3A4%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(4)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:01 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:01 GMT
last-modified: Thu, 30-Jun-2022 21:45:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214501%3Aet%3A1656625501%3Ac%3A1%3Arn%3A313688497%3Arqn%3A6%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(6)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 99
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:01 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:01 GMT
last-modified: Thu, 30-Jun-2022 21:45:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214501%3Aet%3A1656625501%3Ac%3A1%3Arn%3A843755420%3Arqn%3A2%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(2)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 45
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:01 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:01 GMT
last-modified: Thu, 30-Jun-2022 21:45:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214501%3Aet%3A1656625501%3Ac%3A1%3Arn%3A249951603%3Arqn%3A5%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(5)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 122
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:01 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:01 GMT
last-modified: Thu, 30-Jun-2022 21:45:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214501%3Aet%3A1656625501%3Ac%3A1%3Arn%3A664627686%3Arqn%3A7%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625501&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(7)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:01 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:01 GMT
last-modified: Thu, 30-Jun-2022 21:45:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /4d/0a/fc/4d0afc2425eea6b0cd5a468c9f8a69ed.js HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d60b6fe2655361f5e152a090bd5603e3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   28654
Md5:    e51dc0b8f3b5ba6133584100aabb1be3
Sha1:   d0bad3c08cc684a3149b7aa361e38cc4c480dfa1
Sha256: 3ff39d0d054b55c114cedfded9c00b460d3c42ec31f13fd63d01ab0526ab7e6a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "0662D0CA0BD862871B16761ACB3D7AB5A884417FAADC818EE1F85F6A392FD5BE"
Last-Modified: Tue, 28 Jun 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6721
Expires: Thu, 30 Jun 2022 23:37:02 GMT
Date: Thu, 30 Jun 2022 21:45:01 GMT
Connection: keep-alive

                                        
                                            GET /sbar.json?key=a2f990f10476061c719d1c1aa3a2ecd2 HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://xfantazy.com
Access-Control-Allow-Origin: https://xfantazy.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15600826; expires=Fri, 01 Jul 2022 21:45:01 GMT; secure; SameSite=None pdhtkv=true; expires=Fri, 01 Jul 2022 21:45:01 GMT; secure; SameSite=None uncs=1; expires=Fri, 01 Jul 2022 21:45:01 GMT; secure; SameSite=None pdhtkv29=true; expires=Fri, 01 Jul 2022 21:45:01 GMT; secure; SameSite=None uncs29=1; expires=Fri, 01 Jul 2022 21:45:01 GMT; secure; SameSite=None sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]; expires=Thu, 30 Jun 2022 21:45:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 672cfe11500dc13ba805909fa38f4479
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6106), with no line terminators
Size:   4319
Md5:    d96069e6f5b202911afa329d988ba68b
Sha1:   ab72d16208d7e66dd508963b72d2db0b80a257d9
Sha256: be6a13484d7016cb618aa063047ff194519df3018b345d064c922ee71ff20fba

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "0662D0CA0BD862871B16761ACB3D7AB5A884417FAADC818EE1F85F6A392FD5BE"
Last-Modified: Tue, 28 Jun 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6721
Expires: Thu, 30 Jun 2022 23:37:02 GMT
Date: Thu, 30 Jun 2022 21:45:01 GMT
Connection: keep-alive

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.233
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:00 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f04504f89fa4029ffe59e720caaa30af
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 30 Jun 2022 21:45:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUf82FKPMqt%2FOd189jJcJ3lqFd3l%2FU4itEDGNPDh3lPbBMrZsa66mX4RlTod4shwaeLfHgufpCCyU9MjjG8%2FtSkb8LJKpdlQFXnZTJYHeeww8VV00%2FoC2%2BXLCDHruGO%2F4SE%2B50M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 723a16234ee77737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49470), with no line terminators
Size:   14799
Md5:    9e7d016ddd0030cee9ada4944b4381ff
Sha1:   c8a05ac9ee14a12c9700a97bcd85759b91b78ac4
Sha256: 5d35ec9f1d9db53372b487b1b57cb0510d1df95ae3476acd7b621c57cfef1e18
                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitXqMievBHLktQ5uBBQSfdPZOejHsIxhgNxt11V9GLSHVV9aRMdVdT1TU9GRCiC7LH8S%2Bw8ybZoAbRk6AYlsmKh5x2POWwOXjw6EXw4kGZ2bDBguL78b7De%2B%2F7Pt9xp8SHoycrb%2Bu%2BVIrOL9T92gsfBMGl2rrMXK%2FWW4w%2BipqXaqb7Sjuq%2By%2FW3hBsU8%2BHfuD7gR%2FUVqURie7NT0DI%2FKAd1Nt%2BvRnWg4Umeub%2FtXUeLPXAu6fkaUg%2BnrnjzUKyEbL0uxVhNwudv%2FR66hQttEGX77%2BXbWa6zJCep4nxkGT7Z9PQ9u7qIXS2N6UL3X0wGMsx8X49RJztn5FE3N2d8owVRIaYP46yO4JQI0g6AtM3IPldAjCOy1eQpbcua1PSrfsonaBjMvP3X5DlmMzcm0WWfrusZK92XStXSJ1Z9JIKsjeC7IyQuyMU%2FQuQ5RFY8RkkJ8jSCpJXU81SjiCTEZQYgFoPbvKlB5d4cLmHlJ%2FUWBAELZ8z6i%2B2GWvwlogj7ge0lQQ08KNFODahNUCRD8DUAMxsIzfb2JQDGHcbdqOC5R5sMSbeO9vo8gqlICgtQUkJSklQFgRlt9rjyoa2usWVdXFwFsOz2KiGuujs0D1ddERGdvJT8tTUjz%2Bf%2BBGb4qRGw6Td9pPAb7YiPwpYK2jzgAWUNmgoGA9hZQVpL0yl9uWYzM79jnyyo0%2F%2BRUyPYNURmHwS1D0LWg5boQ%2B6MWwu%2BuhnB72EZgXtb9WZTsF1hbyYQbHl7ahTcnHKY%2BFlDcGOl3748vY%2Fj5qfwEyF3FT4WN4h6Kibw2u6JLvXdGnJ91fyQqayTyc7u17QQjz89Vtiq9SGr63YwVevsgkwSQ%2FeFbZYpxmXWceSb5Yl58KsasME%2BXnNvi%2Fiq85uLDuTuXz96mura2luhLVSZyPQibRn3gSTY%2FLYspie49zhH5BmBOMqpO6YnD1IfQSWb8Pm5z2rCYw6r%2BPcQ%2BmqoQnj86aSBEqc1zSuYMXx0i%2BfPvL8vfk5xOKBITv2JjrmOdDixvQKu6ZCV1WgagDrHhoWuTle%2Bq0xfYiVN4yV8XZjZdQX98218qTWajR8GrUXglaLilbcDBeTKOCUhs0ojCLaQGHH8eHFD%2F8DAAD%2F%2FwEAAP%2F%2Fg8H35FkEAAA%3D HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:01 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6f181f7d68d8b7950d1cc280784cd3c0
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A"
Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6966
Expires: Thu, 30 Jun 2022 23:41:08 GMT
Date: Thu, 30 Jun 2022 21:45:02 GMT
Connection: keep-alive

                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=4795&rd=4795&fd=821&bv=22.4.v.2&tmpl=136 HTTP/1.1 
Host: migrantspiteconnecting.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "3B67A75DBFACE14E1940383AC5186AE05DEB1EEE1A5A8D4987F6B7C27F8C771A"
Last-Modified: Thu, 30 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6966
Expires: Thu, 30 Jun 2022 23:41:08 GMT
Date: Thu, 30 Jun 2022 21:45:02 GMT
Connection: keep-alive

                                        
                                            GET /sb/au/18/52/6a/18526a6becad408914fcf53d946360f0/1651134763.html HTTP/1.1 
Host: cdn.barscreative1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.205.72
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:01 GMT
content-type: text/html
last-modified: Sat, 07 May 2022 03:21:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5xTPzp7cmMG%2FZjENnYIjF6RwDa7OT4GNrYS7WMNuEFGpj75mDTDGyfavdHU9GqgpSA9WvCm3yV3sFeFbsJRi9XfrpzTBH0tZLWfsOH9lSi4vty5JaUEpqm7NIzMqSieBHlbvs3rSk4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a162a9ff7b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   441
Md5:    55e4847a6515e08cf366cf70dfeb52a6
Sha1:   bcb56670fb119570fe004ad342a6c1dcb0e32108
Sha256: 393e38c758fc90ffb3caa79e32d7bc294e59eaf8f3a4aa9b810e04a4f2893588

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /api/spots/380873?host=xfantazy.com&ev=192&wh=1024&ww=1280 HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=pKPFZGMdJN5r8ce8b4ju; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5356
Md5:    645dc6a99438d7956aedb749bc7dc98e
Sha1:   39b47b8a0a97f17f86d2818612774b3e536b9fe9
Sha256: 03d9175de43c2fc9b516b1daedbfec1b896e0aa70ee06264a7bb9b9c096b60f3
                                        
                                            GET /api/spots/289411?host=xfantazy.com&ev=192&wh=1024&ww=1280 HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=6EsfVFoO2xNwBS4DNWTZ; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2610
Md5:    6dd8f417b4c49982f4606ae05ab2feb8
Sha1:   a74cb095f8a9cf396104cf297a5ff93d0d5bc330
Sha256: 753454dec9e76dabe3ea34a6de667340c5c01bbe4734900ac763974ea51297bb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CE04862459D3BEAD50C8EAAB52DB7254153F7B40C4AE811836564BCE339B6DD2"
Last-Modified: Thu, 30 Jun 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Thu, 30 Jun 2022 23:07:40 GMT
Date: Thu, 30 Jun 2022 21:45:02 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fcss%2Fanimate.css&l=79249&fd=62 HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /si/d0/a0/d8/d0a0d821060389d259eacced98d832d6/1655369780.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 11220
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:28 GMT
etag: "62aaf03c-2bd4"
expires: Sat, 02 Jul 2022 21:45:02 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   11220
Md5:    3f40e4f0a14d71c9e6f54240628972a6
Sha1:   40f2097b5d23a3a724f67d7b1a00347638777e69
Sha256: 6917138d08085819df6ded4e805183cbe3987695f8861aea7d84e5449406be1f
                                        
                                            GET /si/25/f8/67/25f8672a8dede505f1d482a0fae4ce30/1655369803.jpg HTTP/1.1 
Host: cdn.cloudimagesb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.9
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 11257
server: nginx/1.17.6
last-modified: Thu, 16 Jun 2022 08:56:51 GMT
etag: "62aaf053-2bf9"
expires: Sat, 02 Jul 2022 21:45:02 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size:   11257
Md5:    fdd0d70787cbe32ddf0f337191cd073e
Sha1:   c69ec6c3647241c0fecb67eba56195414120253b
Sha256: e2014a64037f30864207347c73f351be90f4cf3b5abaed05f86252d9007cb40d
                                        
                                            GET /metrika/advert.gif HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:02 GMT
access-control-allow-origin: *
etag: "62b5603e-2b"
expires: Thu, 30 Jun 2022 22:45:02 GMT
accept-ranges: bytes
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121614197-2&cid=180669724.1656625501&jid=284628193&gjid=1365894008&_gid=969447937.1656625501&_u=YGBAiEABBAAAAE~&z=1905067643 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.73.157
HTTP/2 200 OK
                                        
access-control-allow-origin: https://xfantazy.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 30 Jun 2022 21:45:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /pixel/sbls?bv=22.2.6607&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Flive-message%2F3-2%2Fjs%2Fscript.js&l=1173&fd=12 HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:02 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1086
Md5:    d4a599a2049f8de894c8051003e07e23
Sha1:   a17dbc606227b3351f311e86b07296470b4c9206
Sha256: aa8c657fc49e3d374a84bd21b06bf9d3adc8d804563e2ee366d4e7cc3ec802cc

Alerts:
  Blocklists:
    - quad9: Sinkholed
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /thumbnail/IOvAvHSgnKrl_DrFqg/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 13074
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13074
Md5:    1c458dd399df0bf91865279d2d9b84dd
Sha1:   5f5c2bb8177011626887e8e0f9f10d875fff444f
Sha256: f8427912b45939012b8a04dc76b05730b9abc21f5a088b6f7fd9d6ec3b02aa13
                                        
                                            GET /thumbnail/JeTF6Xbynqbl_jyerA/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 11196
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11196
Md5:    0002d158089cddaa95e797dc62cba5d9
Sha1:   d22f8473236f4bd1f7e334b20cf7865efac48907
Sha256: 7d7762c6ef2fa6e92c73c32e09cbe733305540606be926a38807bcd77b7418aa
                                        
                                            GET /thumbnail/J7uRtHejz_zl_jyR_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 11892
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11892
Md5:    961343beb4e4435798e38f6de6009d6c
Sha1:   110671fccf01127ea608c63fe8db1ce77683dc28
Sha256: c8bfb3d3e787a61c91056c28930b8fb9010221c7e0d9bcaecabd87f2c0ae402d
                                        
                                            GET /thumbnail/Iu_HvCP1yvy4qjiV9g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 11382
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11382
Md5:    667bb15f277f2e6c8622f8aaa1805ecc
Sha1:   a627c61f4a4d58a75b1dbc8756936ef53649ad9e
Sha256: 0a1821129709d31a099f8b4f5ee38a4a91d6eb7b1b2885e28b968a62bc7528bb
                                        
                                            GET /thumbnail/du3Fvn_0yPjkqz7Cqg/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 10424
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10424
Md5:    5f286622cce6a8dff6b02b0a4b05c09a
Sha1:   b174031823a228c4e421b1bf7922bd2353e5af77
Sha256: 5fba91659ea6269b79d17244c961edb1661be0f67c4fd19cfb2ef380ecce4bcd
                                        
                                            GET /thumbnail/LOmVu3Whz6nk8DqT-Q/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 11044
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   11044
Md5:    c39ea1f2e8a5a6e1e24453caf27b2800
Sha1:   e5a1c38a103b5bbe4fcc992993a17024c2f0a23e
Sha256: 11e674d8105a417702e717cc21277ecac40d94809dfe184d380afa84bea267e1
                                        
                                            GET /thumbnail/d7mS7COvzK7r8TrD-w/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 10547
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   10547
Md5:    174aacee5a964989a245e9614a7b953b
Sha1:   469c78e887e5a5b33dfbb448e3d357ecfe9ac94b
Sha256: 1ce25452c5d3e628afebd678ef0a32172470436bc49858442af57978f3da7257
                                        
                                            GET /thumbnail/LLmT6Hbwza3lqTuU_g/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 13508
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   13508
Md5:    8946bde6cebc08414aa079cf28c5f503
Sha1:   08c44367c4ddbd1f15386c278c3755e85d1a8980
Sha256: dfd8ad55bf3101fc0686cd5455f023859b4961fad0ea923b6b110526e3100ddc
                                        
                                            GET /thumbnail/LO3FvHaiwvvsqz7BqQ/w320h240/0.jpeg HTTP/1.1 
Host: static-cache.k2s.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         188.72.235.186
HTTP/2 200 OK
                                        
server: openresty
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: image/jpeg
content-length: 14860
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
x-cache-status: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 80", baseline, precision 8, 320x240, components 3\012- data
Size:   14860
Md5:    c76a1733ee270b568712b4188d7c096e
Sha1:   84703715aed6b34b034f5ed182aff79755eafab9
Sha256: d83ceab00d70dd8af2aa7904a05a88de7cb140b01192eeba09be26e6615bb52a
                                        
                                            POST /watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F61a9022f44a9b903f78ac06c&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21qxesc8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1299418503010%3Ahid%3A5839114%3Az%3A0%3Ai%3A20220630214502%3Aet%3A1656625503%3Ac%3A1%3Arn%3A260402578%3Arqn%3A8%3Au%3A1656625501193667069%3Aw%3A1268x1024%3As%3A1280x1024x24%3Ask%3A1%3Aeu%3A1%3Ans%3A1656625496636%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5878%2C5878%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1656625503&t=gdpr(14)mc(p-6)clc(0-0-0)aw(1)rqnt(8)ecs(1)fip(1)rqnl(1)ti(2) HTTP/1.1 
Host: mc.yandex.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 43
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         87.250.251.119
HTTP/2 200 OK
                                        
content-length: 43
date: Thu, 30 Jun 2022 21:45:02 GMT
access-control-allow-origin: https://xfantazy.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 30-Jun-2022 21:45:02 GMT
last-modified: Thu, 30-Jun-2022 21:45:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B6905E1E67FA779FD7F071A3445A1D3F12E2C5FF43DB6F452E182E1E71C0B4F7"
Last-Modified: Wed, 29 Jun 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13286
Expires: Fri, 01 Jul 2022 01:26:28 GMT
Date: Thu, 30 Jun 2022 21:45:02 GMT
Connection: keep-alive

                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSvWtkVRy9b42KaOFHmiUoU1go6OS9%2BR63CMYYDcbddVfRRuR%2Bvck1d9593PvuvMmAEF2QLce%2FwJczyQY1iFaCYlgmKxapdqxSbAoLSxvBxkKZ2bDBC5ffx%2FkV55zf7%2FMdf0pCeHqy8rYZKK3pYr0cll74IIouldZV4vulfqvxUaN2qWR7r7Qb5fDF0huSb5rFShiFYRRGpVVlZWz6i1MQKj1oR%2BV2WK5VylG9hr79f%2B18AEcDiN4peRpKTObuBPNQfIyk%2B92KdJuZSV96ves1zYxFT%2By%2Fl2wmJk%2FQPU9jGyBO9s%2BmYdzd1UOYZG9GF6b3YJCpCQl%2BPQRL9s9IgvV2ZzyZhkzAxOPIe2NIPYaiY3BzA0rcJQAXuHwFSffWZWNzunUfpVN0Qub%2B%2Fgsqn5C5e%2FNIut8ua9UvXTfaZ8okDv24gOqPoTpjpP4I2eACVH4Enn0GJQiSbgEliplmpcZQ8RhaDkFdAD%2F9KoCPA%2Fg0QFeclHgURc1QcBq22pxXRVOyhggj2owjGoWNFjyf0hoiS4fgeghut5HabWyqIay%2FDbdRwIkALpuQ4J1t9ESBXBLkjiCnBLkiyDOCvFfsCe0qrrgltPMsOouVs1gtRibr7NA9k3VkQnbSU%2FLUzI8%2Fn%2FgRm%2FKkRCtxux3GUVhrNsJGxJtRW0Q8orRKK5KLCpwqoNyFmdSBmpD5hd%2BRTnf0yb9g9AhOH4GrJ0H9s6D5qFkJQTdGtVaIQXLQj2mS0cFWmZsuhCmQZnPItoIdfUouznjUXzaQ%2FHjphy9v%2F%2FOo%2FQncFkhtgY%2FVHYKOvjm6ZnKye83kjnx%2FJc1UVw3odGfXM5rJh79%2BS27lxoq1FTf86lU%2BBabpwbvSZes0ESrpOPLNshJC2lVjuSQ%2Fr7n3Jbvq3cayt4lP16%2B%2BtrrWTa10TplkDDqV9syb4GpCHluWs3NcOPwDyo5hfYGuPyZnD8ocgafbcOl5zxkCq89rlgbIfTGyFXbe1IpAy%2FOasgJOHi%2F98ukjz99bXACTDwzZcTfRsc%2BBZjdmV9izBXq6ANVDOP%2FQKEvt8dJv1dkD08GIaRvsMm31F%2FfNdeqkVA1Fk8lYNpms1Wux5ILV6yzkMWdV0WpxZG7CDi9%2B%2BB8AAAD%2F%2FwEAAP%2F%2FAxUiDFkEAAA%3D HTTP/1.1 
Host: captivatepestilentstormy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: u_pl=15600826; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca2f990f10476061c719d1c1aa3a2ecd2=[3485039]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.225
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.22.0
Date: Thu, 30 Jun 2022 21:45:02 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b61c1f9b3e86c6e2a76345035e078c9
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /api/spots/312873?p=1&s1=%subid1%&kw= HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=pKPFZGMdJN5r8ce8b4ju
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (712)
Size:   3508
Md5:    3b13e7a3b464212baa75e40bfe09ab90
Sha1:   2cd76f15e56edb1c241c8c9f43cb56a3095ee196
Sha256: fe82166ac3472b2e980de262cc694c574a991d9a981f743d8f71e46290a4ecb6
                                        
                                            GET /warp/4788750?r=91961 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.52.148
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5iRobpqCmCbthU3NVss%2B2uBTXqt99wgfhUZaJ83%2BiYNTQlxs0g5JPk3wuQtGfkTHyv2oQeNViBtbWxEy%2FAqVy%2B1jYPCaKsUK2xLpq%2FEUnXUZPVlRFQ%2FLg2L6sOC1cD3sj%2FPxfa34Aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a16310abd0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4181), with no line terminators
Size:   2298
Md5:    0810c23c775217764a29465b76392c3f
Sha1:   94e9720430f9bd00669433fc789cd7aace422b5a
Sha256: c741c681a3dba31581c6c0e159661b319ae64335eff85900d5766eb29f63bdf1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /warp/4787914?r=42058 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.148
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BODhflKcBaRRmq2VZSHNlfwJpBwfjTwy9ZndFkr9F2GwE9Qgx1diLR%2F8W5fnMXjLZX37LHZgcnPOtbkJ7bIW%2BlR0tTqHydn6sKuAnn57E77m9DdcOhaxf4SE0vUtO9CmiKt0W0iCJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a1630ba670afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4180), with no line terminators
Size:   1798
Md5:    11b0e7934f4dc7f7e6555e9d0c6c4c3e
Sha1:   58c12e6d5822bd324789d0c654f056fee12b0d86
Sha256: a5cbaf5f7863000399448e60d155793c4b3f29b7e2364781dd3603b824dfeb2e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /eb91fbb177a62d61b875b1509217fc09/33509 HTTP/1.1 
Host: 1823b75ab1.e55cdcbcd2.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.25
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
content-encoding: gzip
expires: Thu, 30 Jun 2022 21:50:03 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1259
Md5:    6675003c66a22bf0a65f4eed0def014c
Sha1:   b1d8ba4c1d00357ac315113824189abc96e261d1
Sha256: c2a6ea9e8d53a151df80d7f07b98664daac42ec4aa98be752f5ee7f7ebeb9848
                                        
                                            GET /sdk/v1/master.spot.js HTTP/1.1 
Host: cdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.211
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: application/javascript
content-length: 12716
last-modified: Wed, 22 Jun 2022 09:27:35 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62b2e087-887d"
age: 734719
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28232)
Size:   12716
Md5:    0c8b6eeb7d60d4b1d9e08dd23db4d5f4
Sha1:   927910ab3a0164fcaa92c0562b4e6702e7373e43
Sha256: b2629798ea334f73e5d414232c45f3fe41cdd22907dfa1ffd7156a5f58f520e9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3C99EF6F1F052CD05CC3735F0F218E2C8DE78791E3BA8476CAB9F29FB1C5B139"
Last-Modified: Wed, 29 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4791
Expires: Thu, 30 Jun 2022 23:04:54 GMT
Date: Thu, 30 Jun 2022 21:45:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3C99EF6F1F052CD05CC3735F0F218E2C8DE78791E3BA8476CAB9F29FB1C5B139"
Last-Modified: Wed, 29 Jun 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4791
Expires: Thu, 30 Jun 2022 23:04:54 GMT
Date: Thu, 30 Jun 2022 21:45:03 GMT
Connection: keep-alive

                                        
                                            GET /warp/4787912?r=81584 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.148
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXi9B4hJOjC7H%2BVz1VBxI0EBlWOavmMifqe4UKRwSVrSvUoKJSINCQ9nfbH5HQvRfgq4IWQndXSJiiovk9saPZdxfhjfM%2Fbwktl4owJo%2FxJv54VhmAM16YOo6KlNuu9CtCCCMODenRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a1630ba720afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4180), with no line terminators
Size:   2409
Md5:    c332309228a38ae1936c9a0a5a81dcae
Sha1:   a35aed36d04485e5ac66e265c8a8a846fa5a87e0
Sha256: 514dd1089200c81d9fc6d01ee53ff6e15fa64c957eac91887e1be7dd3c6b8b2c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B69AC18F7683C31E901586775BD39FD282F2DF90E9A56B604BD42FDD71AD6019"
Last-Modified: Wed, 29 Jun 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12226
Expires: Fri, 01 Jul 2022 01:08:49 GMT
Date: Thu, 30 Jun 2022 21:45:03 GMT
Connection: keep-alive

                                        
                                            GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjU2ODg4ODUyODA2MjQzMTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjM1LjAiLCJ0YWdfaWQiOjMzNTA5LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMzksImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IlJhY2hlbCUyQ1N0YXJyJTJDaW4lMkNCZWFjaCUyQ1BhdHJvbCUyQzEwODBwJTJDWEZhbnRhenkuY29tJTJDRnJlZSUyQ3Bvcm4lMkNmdWxsJTJDbGVuZ3RoJTJDZG93bmxvYWQlMkNvciUyQ3dhdGNoJTJDUmFjaGVsJTJDU3RhcnIlMkNpbiUyQ0JlYWNoJTJDUGF0cm9sJTJDMTA4MHAlMkNIYXJkY29yZSUyQ0hEJTJDVmlkZW9zJTJDdHViZSUyQ0hvdCUyQ1hYWCUyQ1NleCUyQ01vdmllcy4lMjAifQ== HTTP/1.1 
Host: 8b56ac0859.f4b4a4af96.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.133.44.25
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

                                        
                                            GET /3420f6196f1b98fb439bc684549f3c61.js HTTP/1.1 
Host: 1823b75ab1.e55cdcbcd2.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         45.133.44.25
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 29 Jun 2022 14:03:35 GMT
etag: W/"62bc5bb7-2d808"
content-encoding: gzip
expires: Thu, 30 Jun 2022 21:50:03 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   53203
Md5:    4793ce407fbcb73a88293f158e1ff33c
Sha1:   2e84f866586b9002ac206313acc2d752303f5445
Sha256: 1fa40b6429617aa7fc60fd5b35a37e3fa3d64062724319b23ef5a5632f3e1ee7
                                        
                                            GET /warp/4787908?r=61555 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.148
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: application/javascript; charset=UTF-8
referer: b.bestcontentfood.top
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtC9%2B0QIYCH%2BNPFhD%2BNvsrw63VbKukKtRf6R9va7OHCgNCcMGY4DYZSbB8%2BhHLWz0u3d68BESenKyKmPBjfZKZr2Ew%2B2exnBBXJXyqxuReSeGtgwimVw6w1Da%2BvDWhSgo1q27GbszFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 723a1630ba700afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4180), with no line terminators
Size:   1799
Md5:    4196c55d56e79c91c3c2bd5d76ab0a51
Sha1:   3cb304ebb3625b65bcd142ef6e8e8b7603dbc0a3
Sha256: d0aa6e23b724aed8ce5467b680aa1f6334d4e08215d02186f9e95bfbf6f20326

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /pxf.gif?uuid=1fc56e65-402a-4619-a027-c9dfdb2ce4e3&eb=f2971074fea048c017123c068028f7b0&te=b8a4e026d9f6325fba5277f9c4602d23&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.31&b_frame=0&pk=a2f990f10476061c719d1c1aa3a2ecd2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 95124df288fee12fa5b556ed00414160
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02A6AA4C03E39D5A75B0E3FF1A78BBEAD30762FF7EDA4686565933EAA67460C2"
Last-Modified: Tue, 28 Jun 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9757
Expires: Fri, 01 Jul 2022 00:27:40 GMT
Date: Thu, 30 Jun 2022 21:45:03 GMT
Connection: keep-alive

                                        
                                            OPTIONS /fp?tag_id=33509 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://xfantazy.com/
Origin: https://xfantazy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.85.6
HTTP/1.1 204 No Content
                                        
Server: nginx/1.20.1
Date: Thu, 30 Jun 2022 21:45:03 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://xfantazy.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B969AEC9ED5F9C6AAC917F65227DF6A670657B5D829652D072B4CC31EC465035"
Last-Modified: Wed, 29 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4072
Expires: Thu, 30 Jun 2022 22:52:55 GMT
Date: Thu, 30 Jun 2022 21:45:03 GMT
Connection: keep-alive

                                        
                                            POST /fp?tag_id=33509 HTTP/1.1 
Host: fp.metricswpsh.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22268
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.85.6
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: nginx/1.20.1
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://xfantazy.com
Set-Cookie: id=17210830434024966748; Expires=Fri, 30 Jun 2023 21:45:03 GMT; Secure; SameSite=None
Vary: Origin

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 03:56:18 GMT
Expires: Wed, 06 Jul 2022 03:56:18 GMT
ETag: EEACFE786C60EAD221B4F0F020C9FBC01F33D353
Cache-Control: max-age=453674,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a16370b04b500-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 03:56:18 GMT
Expires: Wed, 06 Jul 2022 03:56:18 GMT
ETag: EEACFE786C60EAD221B4F0F020C9FBC01F33D353
Cache-Control: max-age=453674,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp2
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a163708a60b4d-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 03:56:18 GMT
Expires: Wed, 06 Jul 2022 03:56:18 GMT
ETag: EEACFE786C60EAD221B4F0F020C9FBC01F33D353
Cache-Control: max-age=453674,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp12
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a16370b3dfab4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 03:56:18 GMT
Expires: Wed, 06 Jul 2022 03:56:18 GMT
ETag: EEACFE786C60EAD221B4F0F020C9FBC01F33D353
Cache-Control: max-age=453674,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp12
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a16370f1eb4f4-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 30 Jun 2022 21:45:03 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 03:56:18 GMT
Expires: Wed, 06 Jul 2022 03:56:18 GMT
ETag: EEACFE786C60EAD221B4F0F020C9FBC01F33D353
Cache-Control: max-age=453674,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp10
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 723a16371d44b4e8-OSL

                                        
                                            GET /in/?track=adnium-xfantazy.com&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank HTTP/1.1 
Host: chaturbate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.bestcontentfood.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.100.40
HTTP/2 302 Found
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: text/html; charset=utf-8
location: /topembed/?join_overlay=1&tour=dTm0&campaign=taOsB&disable_sound=1&mobileRedirect=auto&embed_video_only=1&target=_blank
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie: u_dTm0=1; expires=Tue, 05-Jul-2022 21:45:03 GMT; Max-Age=432000; Path=/ us_dTm0=1; Path=/ affkey="eJwdjUsOwjAMBa9SeQ0JdNklF2DDBZyfqCrHUfKQKIi7I3c5b0Z6XwItE6WHXOg0UZRmCL6PmzH6Zsypri85vwtX8Gd3UcVsN/cE2li8Dy7kgagVuaKoJgdt3jIuxcK4h9xl3bJtx818pd8f0xknCg=="; Domain=.chaturbate.com; expires=Sat, 30-Jul-2022 21:45:03 GMT; Max-Age=2592000; Path=/ fromaffiliate=1; Domain=.chaturbate.com; Path=/ noads=1; expires=Fri, 01-Jul-2022 03:45:03 GMT; Max-Age=21600; Path=/ stcki="pOtSwZ=0\054FqPd9a=1\0546pduSG=0\054aDBbcK=0"; expires=Sat, 30-Jul-2022 21:45:03 GMT; Max-Age=2592000; Path=/ sbr=sec:sbr480172f5-0e73-49e5-82ac-00713536068d:1o71yB:YrGlAtuFaMvKNsVHdce12k0sah8; Domain=.chaturbate.com; expires=Tue, 25-Mar-2025 21:45:03 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure __cf_bm=Wa80oaFRUzfm4OFx2i_r3qO6_dGNbhwdLnWLE0rv5Mk-1656625503-0-AdvxqcdLH79SCxvS2zpUh/56QVLgKjnQ9b5YrBJFozf+B2MbB6k77amLxv5W0ZfYr5enIbCq42PthLjt7m2uGc8=; path=/; expires=Thu, 30-Jun-22 22:15:03 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 723a16343ae9b527-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data\012- data
Size:   13288
Md5:    2d6e79d66a567364953b9e36711d4188
Sha1:   e500665ccc2bb1e0ff19e943b646bbc526bcf343
Sha256: 63c73087a137bf92590ba55f6b0cc7aee0a9fcab5ebf30b69754b80826329287
                                        
                                            GET /sdk/v1/b.b.js HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.214
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 9891240
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2590)
Size:   2808
Md5:    01c3ce239d639853ba1e41661c115938
Sha1:   704741ca41e890a26eef6190c2d61131ff294f56
Sha256: 9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
                                        
                                            GET /images/a/0/cf0182692f583c2e15ea2431742ff27d21d567/main.jpg HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.214
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: image/jpeg
content-length: 10000
last-modified: Wed, 18 May 2022 06:56:34 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"628498a2-26f9"
age: 2218835
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Size:   10000
Md5:    66807d80ccf4ccc642bef4c38e1c0a6f
Sha1:   2cbfa36071f15890f690812774ffaac6831b1c97
Sha256: c8497b95e62d83ec6275d0ad61924cad4ce0e8d472253ea6cb06dd3c7f1d7602
                                        
                                            GET /images/4/2/5c50472b05b1d7df5eddb6c67aa21f29155a1b/main.jpg HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         8.254.252.214
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
content-type: image/jpeg
content-length: 19129
last-modified: Wed, 18 May 2022 06:56:43 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"628498ab-4b7d"
age: 3767773
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 300x250, components 3\012- data
Size:   19129
Md5:    5e32992d84406382beae5b7a476e1548
Sha1:   750de0e0b9afac48ce5bf64f068e18153afe8cb1
Sha256: 2625f07e6fcb724efcde40406b750b0004dca04888c3288a215bef0e6bee93ce
                                        
                                            GET /sdk/v1/b.b.js HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers

                                         
                                         8.254.252.214
HTTP/2 304 Not Modified
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 9891240
X-Firefox-Spdy: h2

                                        
                                            GET /sdk/v1/b.b.js HTTP/1.1 
Host: lcdn.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers

                                         
                                         8.254.252.214
HTTP/2 304 Not Modified
                                        
date: Thu, 30 Jun 2022 21:45:03 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 9891240
X-Firefox-Spdy: h2

                                        
                                            GET /api/spots/303894?p=1&s1=%subid1%&kw= HTTP/1.1 
Host: a.focusde.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xfantazy.com/
Cookie: nauid=pKPFZGMdJN5r8ce8b4ju
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         135.181.208.216
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1213)
Size:   3712
Md5:    73a3deee47ce0ed137e8b6d4f8472da4
Sha1:   2991f1abe38b3d50683fdf2ea00a3631fa557fa6
Sha256: 445805a7af8cc108c210a53ab739a011356d2bd7bdefe0c06cde1eb958451c5e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A0F03C87CCF253C2C16B5993AF1DBCB495A43F0CB18EE033512E2E5B1CE5FAF7"
Last-Modified: Tue, 28 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13184
Expires: Fri, 01 Jul 2022 01:24:48 GMT
Date: Thu, 30 Jun 2022 21:45:04 GMT
Connection: keep-alive

                                        
                                            GET /api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFInCMMRPDjBgZN1rQCGNDJI0YMsK0wGFmYwsyZMTEIFPDRpgwMGKIEfEwTJ0xGcvc-Jgjh8oWYm7CGDkjRwyWYW4wjWFDhgwaMLDKyEHGTE-IZOwslIEjBgwbD-HU4cmQq06fcOAsxHGDxoyHc-BM1JHVRo0YOfCKaKOXr1_AOW48HNNmbl8ZNmDAGGzwK8OHYty4IYtDJw7QD9u4wchwxlUYakeX_ovyYR05bBbOgGG3qkMRdWRkREOHDpw5Ol68wBNHjhs1LuQUJJPHzBs5Zuq4ceGmDJ0XY7LHhBFGDEgzY2TEoHGjRo0fc2L0sFGeRg0udSZHniOjB3nzJmPEn29jzoweEAtsBv608q-GACObjED5DByDjTTGWOOLNMjoYYg0oqAhCxmywEOLNpLIw4k8JsuCiixmYIKKKPBooo0i6HjiiCw2zCOGNbQ4IokPiaiiwyuKuKOJK5KIIg865hDiiCesWCOJJdqAooUghFyDhiDCeOKJIYSI4w4jggiiijTyCMKKM4RIgokoarjhjC_qqEIMIphAIokCI1Njvf0a1DOH-8CCow2KHnpj0EJFIOMNQnWAyIXnxqhjjoNcSMON58AaIwy-tpghhi7UkiMoHWBwYbKKRDh01IVMRTWzy1xNVQ47HmvotTrSyKi2Gb4z4waRahiDjJPMKIOGFnIoowwZWpCBDBt6HUOMMjy7Caw0HhPhKRdyMJUGGVxoiAaw5KBQW269dQFccWsg97UwMmriDT3SYIONMF6o4VQQUMAihhh2AIGJS-vAAwQ8cLDhi_YEplWHHGw4NQUQjihDwjdekEEnVHUCwYg0lnsOjxciPlVTUkVw4gmwoPtijJRXBouNlItwAqyD7PhiOdkYcvMGHGawwbPURJDjDM50kKGGuh7K-Qsx5KALB6fL0LmNN8jozIZUyZDjjdkMVUhpUd_AI4-FaHhIZN58A064F8KA9A1JKS3DUkwzBuuOjFLyDCw0-tbqXRHmoDWjr-ngFLoWpkuDjhaccoGMMVLCOeWDvqDccosavc0Gq86jrPPdGPoL9KVroIxrtcPauQy9vuCUotNDV30wq2VnA6EkF_KUhlAhEoMvRcsw4yc2JlKL5lYZKw2GPhQICA%3D%3D&s=4d869670120635c22dae13341beb05bc605f4079dd63e0898571aa6702a8cf2d1656625503&w=t&r=1&d=37&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.69.157
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: text/javascript; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            GET /api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIm4cxDFmzIwcLcrAsBGShhgcYlrkqCFDRgsyM3CQwVFmho0aNmTQEPEwTJ0xGcvcMCMmRw4ZYVqIsREGRgsaIGO0wBHmxtMYOnfC2CkjBxkzPSGSsbNQBo4YJB_CqSOGolcYFSHCgbMQx42oD-fAmaiDBskaMXLMeNhmb9-_OAXfeDimTV2_MmzAgEF4bFiGD8W4cWMWR1wcOXAUdoOR4QyXMNa2Kb0QJw25deSwWTgDBt4YNxyKqCMjIxo6dODM0fHiBZ44ctyocSGnIJk8Zt7IMVPHjQs3Zei8GMOdDBkYYcSIkWFmjIwYNHTX-DEnRg8b6mnU4FKHsuQ5Mnqk123jRoz67rNhjhl6SCywwQLkasAaDJSMshkUlGwMNtIYY40v0iCjhyHSiGIGLY6ogoYsZGhCjyemiIGNJojIogYmqJAijSeOSIKOJ6ioIo8m0ohhjRPRWKPGKvRwQo0qTFQjiijyoGMOIY54woo1kliiDShaCKKIO9agIYgwnngiDiHiuMOIIIKoIo08grDiDCGwFCIMIqL4oo4qxCCCCSSSkNAGNd4D0L4F1chhP7HgaIOih95QlFERyHhjUR0gckG6MeqY4yAX0nBDOrHGCKOvLWaIoYu15AhKBxhcoEwuR1VdqNVXNcOMVrnksAOyhh6qo440MrpthvHMuOGGFmoYgwxkaTCjDBpWKqOMl2QgwwZixxCjjM-aEisNyETIIQYXcmiVBhlcaIinh-TIMNxxyz033XXFqiOMjJp4Q4802GAjjBdqcBUEFLCIIYYdQGDC0zrwAAEPHGz4Ir6EddUhBxtcTQGEI8q48I0XZIjr1bhAMCIN56TD4wWMXQ11VRGceEKs6b7wKCOZxWID5iKcEOsgO75wjjaGajgWh5s-U00EOc7oTAcZarjrIaC_EEMOu0aLtIyg23iDDM9skIsMOd6orVGFoE71DTzyWIiGdsvAbKDghivuhTAufSPTTcvo9FOQxbojoxjOgkEsNAjnil0R5tA1o7LpGHW6FqxLg44WQHKBjDEK_xnmg77g3HOLKM0qJ51qqKGy0n1jCCcbUl_9pvR8IkPoMvb6YlSKYJeddRG43p0NhJ5cqFQaUIVIjL62NuMnNiZaa-dZGzMNhj4UCAg%3D&s=4ace337cf31fdc01bc6709ff613f1f701c8bcad32a9dfc93724a635ff0e7e0ab1656625503&w=t&r=1&d=65&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         136.243.69.157
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: text/javascript; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            GET /api/v1/p/p.js?p=e0SgKROGTBk5c0ToiFGDhYgwY-gsjPGQzpmFIg7CwJFDRgwzLcp8LNOChowcMVrkoHFjRosxOG7IvAFDzIwyM0U8DFNnTMacZsTk8BimhRgbYWCYnJGyBY4wNVvEsCFDBg0YV1GSMbMTIhk7C2XgiAHDxkM4dcRQRAmjIkQ4cBbKpDHj4Rw4E3VgtVEjRg67Itrg1cvXb44bD8e0kbtXhg0YMAIb7MrwoRg3bsTicJsj68M2bjAynGEVBtrQo_vSeFtHDpuFM2DcYH0jx8M6MjKioUMHzhwdL17giSPHjRoXcgqSyWPmjRwzddy4cFOGzosx2MmQgRFGjBgZZsZ8bFmjxo85MXrYaEmjBpc6kR_PkdEjRnkbN2LAl29jzoweDPtrBv6y8q-GAB-LjMD4DByDjTTGWOOLNMjoYYg0pFhDCyqCoOEJKpLAQ4s0YmCjCTWMYIMJKqLIA8Qi6AAxihmayCMGNZ4gYgwanNBjjDuyUMMJNnw8w0U65hDiiCesWCOJJdqAooUgirhjDRqCCOOJJ2wQIo47jAgiiCrSyCMIK84QYo4lkmBDiTO-qKMKMYhgAokkCnxMDfX2a3DPHOzzCo42KHroDUIN1eiNQnWAyAXnxqhjjoNcSMMN57waIwy9tpghhi7QkuMnHWBwIbK3EB11IVNRvayyVt-Sw47GGsKtjjQymm2G78y44YYWahiDDGBpMKMMGlYqY6QWZCDDBl7HEKMMzpLyKo3GREjJBc9cOMmFhmjwSg4Ks92222_D9aqOMDJq4g090mCDjTBeqOFUEFDAIoYYdgCBiUvrwAMEPHCw4Qv2_J1VhxxsODUFEI4oQ8I3XpDBLVTdAsGINJRzDo8XGj5VU1JFcOIJr577YoyST_aKjZKLcMKrg-z4QjnYGKrhVxxmsIGz00SQ4wzNdJChBpkeqvkLMeSYCwely7C5jTfI2MyGt8iQ443YDlXIaFHfwCOPhWh4yOPdevstuBfCgPQNSSktw1JMK_bqjoxiGAsGr9DIOytx75o1o63p4PS5FqRLg44WmnKBjDH0prnkg76AXHKLGqWqBhuqMk-yzHVjqK_Oj65BMqzN_urmMvD6glOKSPf89MCkfp0NhJJcyFMaQoVIDL00KsOMntiYCC2YWVVsNBj6UCAg&s=23585ffcdb52a2d1409cca231523c181564c1b4fdb50a20a8a63cb5ae43802201656625503&w=t&r=1&d=29&priv=false HTTP/1.1 
Host: pxl.tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.focusde.info/
Cookie: ts_uid=073bbf77-5cd7-4fe4-9ee2-2d63bcbe806a; bfq=e0SIEaFjiwwcMGLgyIGDBUKFOCQ-TBgjBwwZXViIGFNwSwwWIGNoFFHGYwwbNWzciGERxoyQKVe2vAgTpUqWLmd06aMg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         136.243.69.157
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: text/javascript; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   24
Md5:    0959ba36d476b6dc1994ba3c678b07c4
Sha1:   d30b94da72daa02766965206a85b7e0356375f5e
Sha256: 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
                                        
                                            GET /in/multy?wl=1&event_id=bcecfe39-16fc-4a4e-b722-fdc653d01727&subid=1326183546&sid=1266544622&spot_id=21450&created_at=2022-06-30&timezone=0&ver=6.16.0&is_native=1&user_keywords=Rachel%252CStarr%252Cin%252CBeach%252CPatrol%252C1080p%252CXFantazy.com%252CFree%252Cporn%252Cfull%252Clength%252Cdownload%252Cor%252Cwatch%252CRachel%252CStarr%252Cin%252CBeach%252CPatrol%252C1080p%252CHardcore%252CHD%252CVideos%252Ctube%252CHot%252CXXX%252CSex%252CMovies.%2520&tcid=0&site=native-push&screen_resolution=1280x1024&format=default-slide-b_r-body&adblock=0&testab=0&timezone_olson=UTC&after_video=0&tu=1&mm=0&iabcat=IAB25&device_theme=light&st=0.01&default=1 HTTP/1.1 
Host: 122794cdfd.f4b4a4af96.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xfantazy.com
Connection: keep-alive
Referer: https://xfantazy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         168.119.25.22
HTTP/2 200 OK
                                        
server: nginx/1.18.0
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: application/json
content-length: 3191
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3191), with no line terminators
Size:   3191
Md5:    b482eda5834ba59229b5479d4d3b5c33
Sha1:   9df8678997c79d582448c56253dfb9f6cab0a36a
Sha256: 4fad030c66fdd693a229d3a5b7929e3db5238ce3e6713d3e7aaf40c7c823065e
                                        
                                            GET /riw/ezra.jpg?1656625500 HTTP/1.1 
Host: roomimg.stream.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=LaLmmjI6xWfNzUfm79kCK_Z2HyTdUWIBLmzLodgBoiA-1656625504286-0-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.241.83
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: image/jpeg
content-length: 14107
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: public, max-age=30
cf-bgj: imgq:100,h2pri
cf-polished: origSize=14213
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 21
last-modified: Thu, 30 Jun 2022 21:44:43 GMT
expires: Thu, 30 Jun 2022 21:45:34 GMT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H6%2BZWwevzpJKhuX84h65qKtYIroz70oPpW6E09LFLl6cJnxcwW8PMcbSC%2BAhYJ6F2ERJkvU5ije3T%2FJkdTa8b52Iq%2FKyk5fteNrScJgTOGzIaMtP%2BQyTyGT5d6nn%2BW4NSxRnht477UGsjtaduijxTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 723a163bbb371c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 548x549, segment length 16, progressive, precision 8, 480x270, components 3\012- data
Size:   14107
Md5:    f4ca8eaae1a08c2cf78b74524bc24695
Sha1:   b20db515b6a351d3e4b3a9e435dca4918ca2fed1
Sha256: 9803e8a57e30d81be5f320c93bed7d5c75689ddb5a80b4efc7891355ac892925
                                        
                                            GET /embed/lf?c=object_container&site=wl3&cobrandId=240622&psid=cybermike&pstool=202_1&psprogram=cbrnd&campaign_id=118122&category=girl&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1 
Host: awecre.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.93.51.191
HTTP/2 200 OK
                                        
content-type: application/javascript
cache-control: no-cache
date: Thu, 30 Jun 2022 21:45:04 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Sat, 30-Jul-22 21:45:04 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4633)
Size:   5366
Md5:    a4614a24956578589c61b6e650507849
Sha1:   a7b4d0f8cbfaafc4ea8c4058f5bb703b20855b60
Sha256: 3ef9b9489553d11d1d34663ff568a6c5d5bd5fcccb86d01f9d7c5138921b2914
                                        
                                            GET /CACHE/css/output.feb0232e1fe8.css HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=239686
etag: W/"3b1fd760b372a13f7ee9b4a8a43aed87"
last-modified: Fri, 24 Jun 2022 06:56:34 GMT
x-amz-id-2: YhOXpGgH/OZ/CfPRnN2j3wr9oKy96TEA10XdgA+5G8FBtnjMuOtas5hQBQSblTQwL9o/QtmMnKQ=
x-amz-meta-s3cmd-attrs: md5:3b1fd760b372a13f7ee9b4a8a43aed87
x-amz-request-id: 4TNE4PVVWZF0EM03
cf-cache-status: HIT
age: 571569
expires: Sat, 30 Jul 2022 21:45:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIZ%2F%2B7IYvqJf38l6Gq%2B3gNYX2JLl7qKsLoaZ3xwefvCfZM6OToosqPs8krsEWYiWVYj8ShE1xE0cp6M5nrNO0E6%2FXueSuTQri%2BcZdtycp8R796h3l1VGC4oFxPgoNfBd14XLiQ9tKfNZhHWFTkvhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=ExX.y2i_trOlDb9g2feqRmNy7mG5XQgwOhO0Xa8o7Gk-1656625504274-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 723a1639ac7cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   40375
Md5:    04090e8d820f6f207a4d97daff26c8c2
Sha1:   6a81ba6cd331df9e783fe37827057cffc531e6d5
Sha256: e9107203ab66e8bc6c715a73d638edca5b3d769606ee108a9d55df85842a951a
                                        
                                            GET /CACHE/js/output.1486cd5aa4f0.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.94.42
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=117895
etag: W/"eb2259ff6dbd950ae158f73065752aa1"
last-modified: Thu, 21 Oct 2021 18:11:54 GMT
x-amz-id-2: k6NhlyRh+XXZM7+pSOMylQwAMSlxLRy7teDHalfRWz7mnIIf6Ig6amIFaKAolUjBHmL3PkEkULk=
x-amz-meta-s3cmd-attrs: md5:eb2259ff6dbd950ae158f73065752aa1
x-amz-request-id: FHZ86T60E9WK32PB
cf-cache-status: HIT
age: 2074298
expires: Sat, 30 Jul 2022 21:45:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjTA6mLbCGBDd8NeMjS1LtcM0u70by%2BufnK1Xtep7Bjl25Sk%2F4mqmGJZgeqrSChMCG%2Fg271e0GgFnaX7RKwiroZsR5mL1xFwRl%2Fm%2BAZIuFrPfyVDt2nbCxe73jgJbjlTljcGaoU%2FDfmVco1O84eigg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=Z9GYyMauVMJbMdL4SEv7nqZmPki3mmZcwafXNYpizyY-1656625504297-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 723a1639dcbeb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size:   78859
Md5:    5570868823a3f55bc58d677247750c3b
Sha1:   f0247461b5acd1ffa909696e8b0f859c902a633a
Sha256: 860037f67331a42535f68802e2a9304a015ca4ae4dfd050bfb62e61c7e18a9f6
                                        
                                            GET /as/if?p=reseller&w=1&h=1&v=5106&adType=cats&adWidth=900&adHeight=75&niche=female&fontSize=15&font_color=%23fff&background_color=%23000000&hn=fap247.com&AFNO=1-286 HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.127.52.242
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.10.3
Date: Thu, 30 Jun 2022 21:45:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11656625504937_0_5106_4398=0001000; expires=Sat, 30-Jul-2022 21:45:04 GMT; Max-Age=2592000; path=/as; samesite=None; secure iid=4980-1656625504; expires=Sun, 27-Jun-2032 21:45:04 GMT; Max-Age=315360000; path=/; samesite=None; secure
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   3480
Md5:    0c88bcd3999152868b8a68c9e1415118
Sha1:   8e33c9608a56cfd24f51dda4e62d5f3b769f3d9c
Sha256: cc1946c1bdafd7e087e7dee37d70cb275f5b33d3147fb0d873ea4ecf884f58c6
                                        
                                            GET /as/if?p=reseller&w=1&h=1&v=5104&noplaybtn=1&adHeight=175&adWidth=235&adType=live&autoplay=true&hn=fap247.com&AFNO=1-286 HTTP/1.1 
Host: as.sexad.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://camschat.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.127.52.242
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.10.3
Date: Thu, 30 Jun 2022 21:45:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store
Access-Control-Allow-Origin: *
Set-Cookie: at11656625504937_0_5104_5671=0001000; expires=Sat, 30-Jul-2022 21:45:04 GMT; Max-Age=2592000; path=/as; samesite=None; secure iid=277-1656625504; expires=Sun, 27-Jun-2032 21:45:04 GMT; Max-Age=315360000; path=/; samesite=None; secure
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (629)
Size:   5383
Md5:    554afe8b7d329a08356190573129a953
Sha1:   2631de0d8aed59d80cb750b741929694a264ccdd
Sha256: 8df5dfe516c74715a0735e9bd9740678ebe1051efcfcf4f917be4185279fc216
                                        
                                            GET /CACHE/js/output.bc85e791cb2f.js HTTP/1.1 
Host: static-assets.highwebmedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.94.42
HTTP/2 200 OK
                                        
date: Thu, 30 Jun 2022 21:45:04 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=202270
etag: W/"7d90e856406997eee24123ea8a61c92d"
last-modified: Fri, 10 Sep 2021 01:29:44 GMT
x-amz-id-2: HJqgrzmpP8NIgQA+YW8wx4YmDeOFkE860/zZrYgEfEOOhSRenFjn4mxx7ChaQYvyWjZAxImMIY8=
x-amz-meta-s3cmd-attrs: md5:7d90e856406997eee24123ea8a61c92d
x-amz-request-id: EVKN10SQAKNB8VZG
cf-cache-status: HIT
age: 2067083
expires: Sat, 30 Jul 2022 21:45:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIsK%2BqLoaZ9mN339m%2Fm4W0fVJrg8YbrQfXzgASnbNm1xu7YduV9gV7%2B6%2FTxCTVCcINRtKFkS1WINODWIcE%2F9ru4gBdaGJUgSMRRuG5LHXuNc7karQd3pAvQTAvOgdrdgdRFlk9b%2BdpVZIl%2Bz%2BfVsXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=WY7TOB9c4A4GyJb6Srsu8EABr37nFDFYAyv4vRrX4qI-1656625504288-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 723a1639bca4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65328)
Size:   57150
Md5:    131395d48511f5e4ee50974b485c951f
Sha1:   e9b9cf112a6f9dee497b36e0d63d520055313ce0
Sha256: d047f98a9bec41ed0fed7285f9478c6ad34caaa7a07a89e8197257216742a076
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "894B8A85DBFB70922857CDB5C6F1F08B606E4911B436A357F364B208E05FD2F1"
Last-Modified: Tue, 28 Jun 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15789
Expires: Fri, 01 Jul 2022 02:08:13 GMT
Date: Thu, 30 Jun 2022 21:45:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "894B8A85DBFB70922857CDB5C6F1F08B606E4911B436A357F364B208E05FD2F1"
Last-Modified: Tue, 28 Jun 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15789
Expires: Fri, 01 Jul 2022 02:08:13 GMT
Date: Thu, 30 Jun 2022 21:45:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   503
Md5:    e75a5f5a359d744421e82a42edba983a
Sha1:   2190310a52599847ca0802a9bba6827370354f08