www.googletagmanager.com/gtag/js?id=UA-117943749-2
200 OK 58 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-117943749-2
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type JavaScript source, ASCII text, with very long lines (1906)
Hash 49d96ef12406626a4e2ee728cd03b07b
b83da638668f102361d86a7c7511e729ad3e24a1
eb8173d07a164bb00d3bfe2eac46d9446315276a63d194e1d38c2f92a4727d41
GET /gtag/js?id=UA-117943749-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 04:57:13 GMT
expires: Fri, 29 Mar 2024 04:57:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sdg453.av6k1.blog/video-ads/ads/map.jpg
2.5 kB URL sdg453.av6k1.blog/video-ads/ads/map.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x100, components 3
Hash badc510cf0009b227eb8d1db72a9ed18
310c4a40aad9484fd8487ebec68285a57c11177f
0047cb63d3361c5b05eeae46e6be71c1c13ad9a997d4724fef1486111c14a72e
GET /video-ads/ads/map.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 2541
last-modified: Wed, 18 Oct 2023 08:30:47 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PzzLbFjcsknMnsYmzHMYJ6k58AXlN4iAs0XSYgxY82RXNNoSnaj3v7xIOm6OBOIAEs4ntlZxwUfKEkbwqfdiHmM%2B7C%2FaKpEeF10oXikosMt8%2FMBx6GccSN1hZQdtFmc%2Bs9sYtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720182fb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/templets/default/new2/images/logoT.png
7.0 kB URL sdg453.av6k1.blog/templets/default/new2/images/logoT.png
IP
File type PNG image data, 237 x 51, 8-bit/color RGBA, non-interlaced
Hash 0fe14f124c6686baa6efe364b72b5f4a
854ea506e523752bd603f595b9bf3644cffddf38
32d52d96c05397b4645eda8055c292ca6ca3aae9459f9a6d7f7d386c4275fcda
GET /templets/default/new2/images/logoT.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/png
content-length: 7035
last-modified: Tue, 31 Oct 2023 13:25:19 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnXmj8NWk8CnBddkJU50dSdv7PFtmkc1k3CP1bIdqXkcLJ%2BtjJtc1VpPboktouI8rXmEJx9tEhmNQ6CFlFA1iubmuBqwSLbFLyAeMkAjR%2FvQEqaGq%2FOF9NPwpgs0JeVS7KukQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47201825b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/app/20231219_DOVE_150150.gif
200 OK 52 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/app/20231219_DOVE_150150.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 150 x 150
Hash 7f6ec49da3f277f96402f3ae8e07e76f
eee7f6f60deda1df826078a550d5ad98c402fd8a
122c8d6c18996fbfd48480745d7e962556c74cc22c7501dfdb8be94671761c04
GET /video-ads/app/20231219_DOVE_150150.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 51698
last-modified: Wed, 20 Dec 2023 02:05:12 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vA1rVrlEx13UdPwuuAZ0GA6QHrAq9X9M4PfM%2FsXOU%2F74E0dcBVocmp55EDUgquiJJ%2Bxra07x4ZRJWGv%2BNkR9%2BjpXv%2FNFXAZ0o9rjfNAIZLAJwELeIvznYXUohQBjD5SsFKrnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47201831b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/map1211/photo_2023-12-11_09-54-12.jpg
200 OK 3.0 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/map1211/photo_2023-12-11_09-54-12.jpg
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 100x100, components 3
Hash 20433c7c66512dd4bce50cd14c3b0436
d9dbb05052a34c047cbe01c3cec4ec571f5feaca
8f7447b0939f07e504e8cb99ccca60b15a4b0e8bbad76045e7d70049742ffd7c
GET /video-ads/map1211/photo_2023-12-11_09-54-12.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 2983
last-modified: Mon, 11 Dec 2023 06:28:05 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDizyjtSoZd%2FgDu1FL4VfQNPt2DENnSl48r4U2JguSEJa8zLp59%2B%2FYoVRqTSMO1%2FHxJCjhUqkMkqvmadD6tgVY6KrJuqLSYQ4q1bc8f7dpoI4cLjx3DpmBzm41unONmmxIrbhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202832b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/app/app2.gif
200 OK 177 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/app/app2.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 200 x 200
Size 177 kB (176657 bytes)
Hash 06af35e251875530e2da5ff880b14deb
5a7cee83e3d89cd90b26966eae30cfcc1564b871
ff7be9749bda558e12858c547b59a2b6c646e9cde1f65ece68797e603b8c9436
GET /video-ads/app/app2.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 176657
last-modified: Tue, 23 Aug 2022 00:25:53 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SR4k9s0BaTUCyaBD%2FNhUtXiQ2x0L3x0QbpsiqCFh%2B%2F26esnUCzh3lAHF3roonSCPpWpws%2FfwVz%2BG76wjD5drxWoGGB3eR6R6YFZwdPc6k7K1qKkDIkzgGPISDY6SiKscmUHcSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202836b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/includes/images/av6kpreview.png
200 OK 51 kB URL GET HTTP/3 sdg453.av6k1.blog/includes/images/av6kpreview.png
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type PNG image data, 847 x 294, 8-bit/color RGBA, non-interlaced
Hash fff6dd3df76aae156114b3cfb58c803f
19f8ce31a63dd7afc84f526b91fbe4046e9fec2a
8d7f801aae3611a6454450f157386b84c6fc426b46637c149bbb40f0148c45d6
GET /includes/images/av6kpreview.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/png
content-length: 50938
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iwi71bn5XudUKvizcVoatd%2BbzTHGAvTTKj%2B5eErchphoTBiT4zgTdsYlLgGIC4FPWy2il3tpM3Pa%2BrtxYnUqF6AdtkF%2FrjFC9Bd6aiHvWtkpZ8MiK7NnCVtEZlDU%2FHUchSOskg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47201823b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/map1211/AIR-AV6K.gif
200 OK 82 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/map1211/AIR-AV6K.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 300 x 250
Hash 79232fcca1cd4372835ab504231d879c
0328ddf3819ed34676d29da2cfb5dbf36fe47c3f
a50f7d5578c383aa2aa10e818b07e17fe73dcd13d1d4e8b906bc953d577c9bb6
GET /video-ads/map1211/AIR-AV6K.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 82364
last-modified: Fri, 08 Dec 2023 09:08:29 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YA24A27cnlikBmHqqAJ61oNMLzFXVVE9Cc%2BIl4eKYYyuH%2B37lmB74z3XFh%2BcjhQqrlFvNAIElFBhxTsQOoZUUXQFhVfPl1dws4YcxuJqM0qDbRpDErMFSvcgXyV3SyPBeYnS%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720283eb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/app/jubl2.png
6.6 kB URL sdg453.av6k1.blog/video-ads/app/jubl2.png
IP
File type PNG image data, 127 x 128, 8-bit/color RGBA, non-interlaced
Hash 2617a26f6b0851af4e5fcf0fb77ece43
f07504d54cf0dd295dbdd8a4a716c69e775c2dbd
eaba92591b58017f9e40d4fc009bbcf90d4a93bfcfefc0f0864bf19a1f9659ff
GET /video-ads/app/jubl2.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/png
content-length: 6560
last-modified: Thu, 23 Nov 2023 07:51:26 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MzFZS%2Bs8sVxelNsDhAvm4CcUgmedXqtHD19fmrHVs1HzW3TLTr69Ws5A2%2F8PmeGQblElsMunG8BBhZhmfhdERohtr0LGrOQW5yxXG0BFOXYeM0Dk0SGT4eSfVvgdW3788MWB1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720182cb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/app/100x100.gif
45 kB URL sdg453.av6k1.blog/video-ads/app/100x100.gif
IP
File type GIF image data, version 89a, 100 x 100
Hash cdf752254fed28450ff7a4829ab141f4
2ef116eb4db8c30fc1b66663e721c52194710882
705c4f8687925a143cdd9e34071198a34d46de423725fc1910cb5530d20050d3
GET /video-ads/app/100x100.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 45317
last-modified: Wed, 03 Jan 2024 12:35:11 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KhmYMckRMXGF%2BL3CW4Z6JEhNzBptBRvfhIrMArkCUzhIusiIzz41%2Blx7VxZR9NiuciGWIjr2TnpqTDXTDtK7RN4WDkNm48Sy8Q2G2sMWuPZtj%2BXRMTGCfXOBbeR0fijqZt4PTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720182db524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/img/somiao.png
200 OK 4.5 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/img/somiao.png
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Hash 5f2201cdaaaa8fcfefa97cebad8fb8d2
df22de299de5ccce5ce6e1de9b8607fe4e36c052
16f64ce4f836ce4245e77eff60e4c7b84738bfcdbc9cd9b5ac840517d50bf0a2
GET /video-ads/img/somiao.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/png
content-length: 4470
last-modified: Thu, 10 Aug 2023 20:21:31 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uoRNrC%2BQ3qpsLfgLLBNSQc07WVSZG1w3lsC8lMIL8bhh9IZHoj6i%2Bn55IVinkYX4l4Wd6PikuqA788jN9J7Xoj1Tfz6JDsQO%2BZeudZgwv68ta5c5Gv1WGKjvFcaa%2FSW3s6Jx%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720182bb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/app/100x1002.gif
200 OK 22 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/app/100x1002.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 100 x 100
Hash f494f6879efb700ce3121590c8b473b7
9d3d8108ab6dcc589641001c887a7cbcca6e837b
6f877fae72209e85d4276f60b5f56c1fab69e5f7bc6bb499a74e4e55b7a76932
GET /video-ads/app/100x1002.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 21473
last-modified: Thu, 28 Sep 2023 16:00:37 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3865U4isHjiKGX%2BEaYJKlQst3mfPmWcWDxv9zFuFDeFTXypll5j%2FQD3BXJzZ9wlI%2BRdclTimbYeleZEbkIPoPuxU7Oum5leoy2pjfp4IQjk8pncfDXaC2fuDpA3%2BjB2JVY4dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720182eb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/map1211/5F-AV6K.gif
225 kB URL sdg453.av6k1.blog/video-ads/map1211/5F-AV6K.gif
IP
File type GIF image data, version 89a, 200 x 200
Size 225 kB (224863 bytes)
Hash 4bad4b0ec91330a725d5bc38402e4518
718d31626d75afb08e4a9c3d37a6cac75369f593
3f0005613064d68d4e8cb245464e6d871250ea563b48811454368d0555c7e101
GET /video-ads/map1211/5F-AV6K.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 224863
last-modified: Fri, 08 Dec 2023 09:01:24 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7zPJD68%2Feus6IDi4CS0%2B9As38d2VV3rWK%2BGucP8wULJzaiOOy0jdjngfJKE3qkn22Q0FLi%2BVscknqGUB9LRriUm4%2FnDTQy4a%2BEVBnZtGKdYrtN9ya2Q2qLWwpltVPXGip2DCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202833b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/map1211/150X150.gif
68 kB URL sdg453.av6k1.blog/video-ads/map1211/150X150.gif
IP
File type GIF image data, version 89a, 150 x 150
Hash aaf99b051846d7c5b15f1571eee9058c
22964473cf49600c4b66434143ae3bab459845b2
33b7e4f5cc6cd95cbf1d83c0046bb2dd599219de91ffc685413d500de668a87e
GET /video-ads/map1211/150X150.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 68080
last-modified: Tue, 05 Mar 2024 06:07:39 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gh6DqNAj1u%2F0vBhP797ggszGoLrY1%2FynXSXecAf%2BWNNBajo8qvMJsAuT1Sypeiy7hFq75Nend4CZRsuLw%2Fiq2a%2Fv8G6qgpsuzOYlmDLlQQZIUuvzjtovXrwlxMNFfWf2N%2F78iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202835b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/240321/2960x120.gif
200 OK 81 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/240321/2960x120.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 960 x 120
Hash 7c858d33682f1a0db0ff05df0946ce18
5c966023eefa7e8e14bb2d2e08186c260ec9860c
d5fd230de0359317a9904ec81aa1dd59cc3c19464475a503c497a89d67809ee3
GET /video-ads/240321/2960x120.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 81344
last-modified: Wed, 20 Mar 2024 11:34:47 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3luy3cMSZMOqUzHUm%2BURJSX3RE3IMtCW1peiRPG2meT7WEOs4Hqdo5RPYpQuwCWQEwHy%2BnlEVJkzLlhRnlM%2BZ%2B2EAj7gX7IcCfi8SYK0%2BxnWJTiogojvUzoBc%2BbSGjMz8KUfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202837b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/240321/1960x120.gif
200 OK 484 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/240321/1960x120.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 960 x 120
Size 484 kB (484398 bytes)
Hash 8b800d3f47cc8d8836522dc9a7313227
4c2d41df55fff9b29ffe4de4199a2395c1e40a65
9b0453d427d0f652dbb4d486ddbac28b09e437070b26dc71194c00f0264c9328
GET /video-ads/240321/1960x120.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 484398
last-modified: Wed, 20 Mar 2024 11:07:36 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gr8AsXVBeHXGKLKqN9P3B4%2B7bPW%2F6VFjxjf%2BlX95AzzztIxD8%2FD0QCQt2T63RiWs3snzcJCDkgCyyMtL3qOWo9FfLbLjWHx1q1HrgmA1WdwZFhNVWn7DiZT%2F9lq%2BdcsjBNhkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202838b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/app/20231221_DOVE_72890.gif
218 kB URL sdg453.av6k1.blog/video-ads/app/20231221_DOVE_72890.gif
IP
File type GIF image data, version 89a, 728 x 90
Size 218 kB (217838 bytes)
Hash 41390860a9d895c2fb2043f589926e3c
e8220dada6e2e07967a020b1ac4e2348489a272e
edbac30c597e81e596bc5877ce31dea572ce8d51295b4ba9a879b862cb5c78b1
GET /video-ads/app/20231221_DOVE_72890.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 217838
last-modified: Fri, 22 Dec 2023 04:15:41 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XdJJ%2BNudCsfO%2FnInO904A%2FKIbRPD3fXhuDS9AKvzsRXqLG8cDNA4Yemxmf1Zf1aDrooxaIZI6ws7ul0uY%2FW%2Bg4ZUtx%2FYzyxYC7BVk%2BBlwIHospvJHcxdAZ6R%2BTLuXdrLNbPktA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47202839b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/map1211/20231106_h2h_960120.gif
164 kB URL sdg453.av6k1.blog/video-ads/map1211/20231106_h2h_960120.gif
IP
File type GIF image data, version 89a, 960 x 120
Size 164 kB (164102 bytes)
Hash 742fb7d9cfed1c3f4ede3a64db5db471
b663a005ddc3f43f21f865811ccaa722caf143db
5a43125f2e23df1da5a7ca3f7382b7e55531349d72dc41e142c1dbc8a4df6190
GET /video-ads/map1211/20231106_h2h_960120.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 164102
last-modified: Mon, 11 Dec 2023 01:21:29 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ldM9fzFzLctNnYdWDkkmwc5nyFmSAvgiqqDLklXdZPL%2B8q72IlLgIWUiIn9uu4UEkoEZuR2cVfMU9NMu5HTqdLZf8SDPmFwG4dOLJQbYwhzJE3bUv00FStwXWA518%2FntbnNNIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720283ab524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/video-ads/zeyu/zeyu.gif
200 OK 296 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/zeyu/zeyu.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type GIF image data, version 89a, 960 x 80
Size 296 kB (295834 bytes)
Hash eca4712c150e503f9021cda84c2a10b2
bdbacae5bc571c35549ac5dbc96e3b8a3df443c7
8d35d44bae0a2887ae203eae6311a6e85cba702a6d8e85bae33e6d6259fd9366
GET /video-ads/zeyu/zeyu.gif HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/gif
content-length: 295834
last-modified: Sat, 24 Apr 2021 03:46:50 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiXeRpfNtsmFL9HOoH65gQJiFuK6870Sexbmdp3osLzvTV4pb5C1axiFaqFH5wEVwrEPSaV0ZnoADxB7QDKRxe7HUyHm4eeLahHB8cTRLCcpjE63LqihBNe1Kgs5tbfzdcEYuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720283bb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/210830/2_0S00F95BW8.jpg
200 OK 80 kB URL GET HTTP/3 sdg453.av6k1.blog/uploads/allimg/210830/2_0S00F95BW8.jpg
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash 7a7927330049b6763eb734959c01bfcc
9bd231ddb2838fceca9378d1252c81bf975e868f
ce88e31205c40d88d01a3f568cdf6cf6733c591f153029c709d78ec2eaacc8fc
GET /uploads/allimg/210830/2_0S00F95BW8.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 80038
last-modified: Sun, 29 Aug 2021 23:09:56 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6s1%2BBPZVozkmMOZAQEakhwhTsvLdCS2fDZLLeWYyAM6Sw4%2Fbwk7xwDjLp5WOXbXGt5cLLJi5uXvXtmHfeHZ6j3eUmPzrj2zImwkURcmxicltzZxGNX9Ao4%2FrLm1Wg37JtZsuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47203840b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/210905/2_0Z50Z45aC5.jpg
70 kB URL sdg453.av6k1.blog/uploads/allimg/210905/2_0Z50Z45aC5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash 9dda412d170b3eaee38dfe9b63551cbe
b80edaf2335e85362a2aa9ae5652c9d70f96e60c
32f5df9dea8772fd7a90b932aca517187d31e2777d30d611bf9449f922b18d05
GET /uploads/allimg/210905/2_0Z50Z45aC5.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 70089
last-modified: Sun, 05 Sep 2021 01:04:59 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiv%2Fe8TADMhI8Zj5CGVIva6OaZIoFk2L4chF6JeVmHqKJfafsoYTlfFaRy45iT%2FenbI4w2ynqfS3Zx85Luj4h9sB7MHzRz7tdGAFVUILAcin1JifmyFMtwBXYkolFhcsOeo%2B2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47203841b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020H1255064.jpg
200 OK 86 kB URL GET HTTP/3 sdg453.av6k1.blog/uploads/allimg/211002/2_10020H1255064.jpg
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash c24a73b7a22f3c8bc2f32aca9f590011
6cb0df6dda7794ba97beb6ce4d273b57cd5fb5ef
81ac78372c8e291751996b3425c6be10311f3212d13efd8f2cdca800d28dd92c
GET /uploads/allimg/211002/2_10020H1255064.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 85650
last-modified: Fri, 01 Oct 2021 23:21:25 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dzIOltRH%2F6x6WMpaZvaNecaqlPL1F1CI7qf95oDDVqAlxhDJhq0DI3bQMz6B%2FDtoacFjPlriOoeFWguQppAEgZYEGMr4AUqVmuuaMRb7rRreDAPrhEr9o5fFVVc3Jrq1dzJJvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47203842b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020H10353B.jpg
99 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020H10353B.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash e19b43eb5f38ff49bed2c0bda1825457
6eaee480eeda9f713922ab58e2f4120956ef179e
f8cbdd608d72f85ba75076131ec8270c8780f778793fb312e4dc595e0301062c
GET /uploads/allimg/211002/2_10020H10353B.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 98731
last-modified: Fri, 01 Oct 2021 23:21:03 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYnlY5AB0xwjgyNNKAJaN2S0YkbixHKTR8Z4rhyv0iSYQgZewQTT3jQFLRrXcXwH1oUVbHnJl7lyuGHZlDWR0kYdiMPtwx6aFg%2BxZcGBKPWMcXuRE%2FgEfyan7yhUuLO4NNEKgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47203844b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020H0416221.jpg
74 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020H0416221.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash 27139b96b83249fa062f57b438bc0c2a
177e87c68f2d9135ce4d8ac3377e38e3f351d7d4
ffa94bacd82b5db42e1e8d9b9dec8d7519e0c8e52591b1987f4fd7ffdbfed3d4
GET /uploads/allimg/211002/2_10020H0416221.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 73933
last-modified: Fri, 01 Oct 2021 23:20:41 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0go3UctZwTDwiFhkjBNdB0hxTM5XI36iZ5fEzv67r13t4n6wLX8s%2BjbtAeMglUd%2FsG%2Bw9OzYbZsYod5LUKqOa6vuC3s3xgAZb%2FWGs5nZSGL0Aj5A3rmF%2Bk1IeUBb30NHhYbtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720b85bb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020G93T122.jpg
107 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020G93T122.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Size 107 kB (106797 bytes)
Hash 9c542610d8e3ea2f31fe2abe785eab79
448e7db3ad1d227fd7b4b73c1e3c03a9f022060b
0b6319f442dcb679b5fd5a65ce72ea653afd326885c91271758700dda995a8e1
GET /uploads/allimg/211002/2_10020G93T122.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 106797
last-modified: Fri, 01 Oct 2021 23:19:39 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vIRM06lX8dcU8TmGQ51idqk5idZD7QzHd0lSEn%2BvzkiMZG5BTFZtIh9c0WtiZU4EvNtqr4Jpfi1KTBrStc6I00BT%2FPDZMRjz1zwE9ntw%2BXYX01g6xm5xhTBnQHH%2Fasf9PS3FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720b85db524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020G9114L0.jpg
109 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020G9114L0.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Size 109 kB (108925 bytes)
Hash 5ce5970aa9792bb045072a4e2effcae2
7a77aa224569c407b2b903d63df0878f12405696
c607a73b58b424cea345d801196dda76fba278b14e7bacaa29d8156f70e4960b
GET /uploads/allimg/211002/2_10020G9114L0.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 108925
last-modified: Fri, 01 Oct 2021 23:19:11 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2BRijyTJ9S2dTGZ8iFm7qf775OoQUeJ8WwtrXx45fdevgvGlts%2BEGHKKEsY%2FrAw6NvJMmJaff%2BLJPyF1LI%2BJBr%2Bs5I03E8Lo0uwXzbsIzbyidrZqYSjngs7gBNeDS3lEiBmjug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720b85fb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020GT91331.jpg
200 OK 79 kB URL GET HTTP/3 sdg453.av6k1.blog/uploads/allimg/211002/2_10020GT91331.jpg
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash 4c28cca6f0bfa43ced4193d2d7a328b0
01aa298ec0f7ed91d17fc0bffd4ac4c718ed0e76
c7df1671d869f9141f21f9cf0f9555e401e210554c0b3808fc0937d449bd53a9
GET /uploads/allimg/211002/2_10020GT91331.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 79039
last-modified: Fri, 01 Oct 2021 23:18:49 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCgR7vuHUdtZDDHgxlvGYw5XOJrIl9pyWCa98kogs03Bm5gq60%2FaAId6wTr7bguiH1A5f9SO0DzWkOQ1y8idwK0ihF8Ky1h6%2BhOlFfaR4XwfQru%2Ba1y4Vz1SVnyg9qv%2F76n6rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720c861b524-OSL
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-25DH6ETVTY&l=dataLayer&cx=c
200 OK 104 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-25DH6ETVTY&l=dataLayer&cx=c
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (7711)
Size 104 kB (104298 bytes)
Hash 2d6402d7735ce74e8274d88ec5960418
b1cbf1f885e86630c99e81538f27d2a4b74066a2
87d444cdf83112697d9d9605d88f15445fb45e98afe3c504127a213e9dcd0f57
GET /gtag/js?id=G-25DH6ETVTY&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 04:57:13 GMT
expires: Fri, 29 Mar 2024 04:57:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sdg453.av6k1.blog/uploads/allimg/211002/2_10020GG51608.jpg
54 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020GG51608.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash dd91332e057ceca656d79b96aad1390b
41ea329d41e44114eee7713ef8e0444fb64658fd
b81b2e0119d735863459bad4f98a8e1443c9187ad9d897d7b0505b77d32e2586
GET /uploads/allimg/211002/2_10020GG51608.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 53652
last-modified: Fri, 01 Oct 2021 23:17:15 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDe%2BBw2Fsxv4r00j4nO46cLLjZvnhykbvZsTJYkm%2BUHh%2BlJD5S7xEOqGa59YGnZ2NYtNSlyBwYkVHlSLcIoVtM7Mb%2BAWUpW46N7jGxkJcZgofBweU6EqJrDhJWfDMg1gVIR4yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720d86ab524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020H2105c1.jpg
68 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020H2105c1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash 6536f3e4d81bb2543d17d86f193db489
37443c84f52e36c68b4e30e4fb083fe5717406e4
3d66cbaaaf29b1f36b7086ca04b18f9dc4ed8cd32defd2fdd8a7cdac89b71c5a
GET /uploads/allimg/211002/2_10020H2105c1.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 67687
last-modified: Fri, 01 Oct 2021 23:22:10 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHebVEqwcD%2B3UPU1yxPGMXNOdNanhjDLc460vjE92AQ7suKY0Ptt3%2BLf%2BK8hyBekAtiUQJV%2FKJF9NLx44MnSp4bC8Vd7mn8Yn4eH0INnwKOyWslduu1ebkEfsLJVwIDUTjP0vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720d86db524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020GRM1P.jpg
60 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020GRM1P.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash 9750670a58ab0b5314ea9565158e17de
6dc726e2057e3dbc3d2fadfbaefb7d13f9112da7
0ab521f81700dba09d5d06a361edf9bc4752ef4655bf14f940c7925cf3e4c25f
GET /uploads/allimg/211002/2_10020GRM1P.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 59661
last-modified: Fri, 01 Oct 2021 23:18:27 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BpBhMfHj4n%2BR4JhVrckUC9YLmFuhL00oGeoHjX7%2FmFCydmMxIEEBUEbNKaCNYAHvL1t6%2F9Yu7Jko%2Ffh84Amtte7xoYe58L0uh67gX%2BGdUeaNL%2BQlQokmophdd%2Fa0xm0QMcQbMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720c863b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020GPBZ8.jpg
130 kB URL sdg453.av6k1.blog/uploads/allimg/211002/2_10020GPBZ8.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Size 130 kB (129891 bytes)
Hash 0d8fbbe8bcecd320f5f6a3dff85b7175
3599b9cbc771301e642b3672e627f95c1d83b12d
fb4df3e5c6742604bcd9bd350031ea7a51edee0310e7bbdc626227cb548d2288
GET /uploads/allimg/211002/2_10020GPBZ8.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 129891
last-modified: Fri, 01 Oct 2021 23:18:06 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KeEJytOK7RPhluxvJkbv90AgIof%2Flk%2FrEompLot%2B%2FqAqlcleBF%2BprY9SJZ3o5Qb3TUZHWYuKVvVAikEmlWOA%2F2d3DXXdR6mQ0p2xmQk434c45sc44NVU5kTujH2EeNMw6jGcgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720c867b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211002/2_10020GJ341P.jpg
200 OK 90 kB URL GET HTTP/3 sdg453.av6k1.blog/uploads/allimg/211002/2_10020GJ341P.jpg
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash f10dcbc94dace891e363562f79b62172
a307fcb050a2228f7fef6e3b809739981a2ed834
079ebc5f616565621c54ff8201520f3301931bc219678cfae1d46ec4194e179c
GET /uploads/allimg/211002/2_10020GJ341P.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 90139
last-modified: Fri, 01 Oct 2021 23:17:43 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fto8xV2yu%2FSW0j1GRnEAzZYp8uEI8p5C5CwXMY4Id9mgjjfNP%2Fl0wEUW6K4ZAay2XJDG9ccmfQCjOgY6ASMlBs9j2thlzCk5QknrRisKOqADJugrpAhEKp8HSsbXGmPlr3xbxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720c869b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/templets/default/new2/images/logoF.png
2.9 kB URL sdg453.av6k1.blog/templets/default/new2/images/logoF.png
IP
File type PNG image data, 170 x 36, 8-bit/color RGBA, non-interlaced
Hash 66e9c5e4c87b05f672d2043c74878978
f9016094853f9646a42497fc9eec6c0a25244d0f
9d1066b0ef4a868ef0409e28ce2deb72300ecf5ac24524abfbe3afab59031665
GET /templets/default/new2/images/logoF.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/png
content-length: 2858
last-modified: Tue, 31 Oct 2023 13:25:19 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcgAyFpgLoxf%2Bby2BPHAsZT6W2FX71wCOU4gDB3tYkB1Xb%2Fp4vYzgXHPTkyEKZeRYtHKhyB%2Bw5xyCjGBYVqPfd%2F3wtKNcvyTm6LTp94lCTlFcyq6Dh8Z%2FUL1FhL99yaNgmqE%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd472218b4b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/templets/default/new2/images/icon_02.png
1.2 kB URL sdg453.av6k1.blog/templets/default/new2/images/icon_02.png
IP
File type PNG image data, 28 x 45, 8-bit/color RGBA, non-interlaced
Hash 75fc25e57fb96613f6ba06d8fa1583be
d2c92cc11c05d569d7cb4660800e66b354915be3
97345ef1c6bc3365067f6c34d2dea8b2b373cb1db292e387058d5342467a0fe7
GET /templets/default/new2/images/icon_02.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/png
content-length: 1229
last-modified: Tue, 31 Oct 2023 13:25:19 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UiJUa1LoZ7%2B0KujIwCV5m%2FFhKc%2Fq%2B%2BEIx7VV%2FqCAdwPTkXljnnCdAOor2BaHausVPHxszL1%2ByNlBMIWBuhITwm5wbeE8tkZBQtM53eyAG8cHTxCdtTMVtikCAzVwnhWewqr30Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd472218b5b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211004/2_1004041F14b2.jpg
94 kB URL sdg453.av6k1.blog/uploads/allimg/211004/2_1004041F14b2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Hash a6851c777bc5561fb9a83df628c9441b
2e4dc634b4acceb4fa0db9105095dd6612970685
790f3c999d2e577780a06b19da541d6f26c504be5c0441e641ee8e31814c9309
GET /uploads/allimg/211004/2_1004041F14b2.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 94296
last-modified: Sun, 03 Oct 2021 20:17:01 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILaJKGrXjR%2BRV1P0PKW%2F%2BN%2FinGvm63thPLmNwfGohn28C9YePZt9nbRJyKamSn%2BTt5hYmNSFzh8hIlUsq9SfOc%2Bp2kaQohp7YGzLwb5ippeTMRZw%2F4bLwGYx80H8jGGmJv%2BswA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720d86eb524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/uploads/allimg/211019/2_101Z935214039.jpg
108 kB URL sdg453.av6k1.blog/uploads/allimg/211019/2_101Z935214039.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 800x450, components 3
Size 108 kB (107960 bytes)
Hash 1ad42f5ede9cc15220c364f2cb9cfbf6
8a1416a3180ffa194cf662608be8119394b9265b
4d7a3859528f91bde2db8abfaea160657c8c909e1782af8041b937100c25bf97
GET /uploads/allimg/211019/2_101Z935214039.jpg HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/jpeg
content-length: 107960
last-modified: Tue, 19 Oct 2021 01:35:21 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2ofgRBgEnSIqWtHBe7t8vI7blQlgfjjGKyQyapqVkQfOMbSuTP0UKgTmJwOzZvkWrtqQGIThkr99duz0QgdKLfjjfLM2M4hrZhbH2LzoevsMoMEkziI5c009wtKt0PkqPIB0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720d871b524-OSL
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/includes/cdn/swiper-bundle.min.css
200 OK 4.5 kB URL GET HTTP/3 sdg453.av6k1.blog/includes/cdn/swiper-bundle.min.css
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type ASCII text, with very long lines (13425)
Hash 6b67fc6956f9b56700e464f43aaacd5b
4ef11fb53cfc7bf9eb81ea575f6c32ee5c0ed6d8
e4cdf9c8d405bb31b031aed7790205989422180485c40ac43f5b69748af7d0b9
GET /includes/cdn/swiper-bundle.min.css HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idw5i4Nl%2FyfvH6knJxF4fKo4YcrEsNVgIg%2FYti%2Bru6eHQwyQgq0jUO4YCeFcUWYc9PDEIZCxrsF6eBVfy9iY2NTnZdLLLAYBOq7OjHF8xmR467zZ58A9BAKi0HETgL6pafPnSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720081bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 1.2 kB URL GET HTTP/3 sdg453.av6k1.blog/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type gzip compressed data, from Unix
Hash e195db55b6ddf4f53acf05f804a7fa5f
4b96d34958d2b9b2c002b88c45d3c3811b1ceb99
b799478017d6e84cdbba5198af9a2fa3a2ff7ff1c7512e545b66aaf85a41b14b
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: application/javascript
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: W/"65fd6d96-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=985ERE46oy91cAbZa%2F4kFnwfowojVuClpSjlXi64DUKCQtHnU66pUr3Avm85YRe7LrkaeKXgynqkBJ4KHBj9KdTN9oCBILNg4EPScCI2t%2FpOGo0HWBdcR1d6Whz4C9KTMDTNbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd472228b6b524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 31 Mar 2024 04:57:13 GMT
cache-control: max-age=172800, public
content-encoding: gzip
sdg453.av6k1.blog/includes/cdn/1.4.1_jquery.cookie.js
1.9 kB URL sdg453.av6k1.blog/includes/cdn/1.4.1_jquery.cookie.js
IP
File type JavaScript source, ASCII text, with CRLF line terminators
Hash a79ce0f6eed17894a3d9b854fe700461
cf68d8abf7d192a3044cb82ec31c2106e4a2b5bb
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
GET /includes/cdn/1.4.1_jquery.cookie.js HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2F4PbphTy94MMN1mIF5cCYaDmyAuxabXiaWiy9xC%2Bl23MtB5sAVCF2C%2B0IIsxoLLPPhGK4Ga7pRKoQUZaEEs0krkzHRKZEewcY05itLn84O3eplfK6A3Z5X8S9cuHCL8yaDFNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720081fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/home/?xyz=https://yandex.com/
200 OK 35 kB URL User Request GET HTTP/2 sdg453.av6k1.blog/home/?xyz=https://yandex.com/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (5500), with CRLF, LF line terminators
Hash 2464e53d52f3cc787db2ee74475f9e97
732b98641cde648adb35ad90ac619b572dc29634
0e8dd50b7a31d6a8a455c1199dfafb167395369aa80b226910ce0f4bb24cb46a
GET /home/?xyz=https://yandex.com/ HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:12 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNYeftzqaNDwWCpSrlre8%2BsPBnBoRXWomS%2FFqXU7N0R6vyqGA7bgKLQEDI05%2FsaRbo0LBlH5GM10KOqcIwbrfqeJbGDJZSkA4Td6MuBMXUlKaMQnybjI5T4CTexWHPL1ngv3zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd471b1d4e56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.users.51.la/21803937.js
4.9 kB URL js.users.51.la/21803937.js
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, ASCII text, with very long lines (4898), with no line terminators
Hash 9189d07c4655d8a1b44e4bfe4325a560
0326e0ee53ca2b12c5672e05ce556ae7f062b304
8d9b918be073575897cfcf330c6e09c083694b3f1c500f17247fceca370d9d70
GET /21803937.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 29 Mar 2024 04:57:14 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1711688234
Via: cache20.l2de2[144,143,200-0,M], cache20.l2de2[145,0], ens-cache4.de7[147,146,200-0,M], ens-cache1.de7[147,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 29 Mar 2024 04:57:14 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: a3b5839517116882340971563e
js.users.51.la/21452705.js
200 OK 4.9 kB URL GET HTTP/1.1 js.users.51.la/21452705.js
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type JavaScript source, ASCII text, with very long lines (4898), with no line terminators
Hash 1a4a17f2330190073eea6736f2932d89
2545d772aef012161b1121d2c6e8bf5723e7a83d
3e185747b0936dae10a0d98c439b36c4a5b7a75dbefb27ffa8d08f9126a6286d
GET /21452705.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 29 Mar 2024 04:57:14 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1711688234
Via: cache14.l2de2[167,166,200-0,M], cache16.l2de2[167,0], ens-cache3.de7[169,168,200-0,M], ens-cache2.de7[170,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 29 Mar 2024 04:57:14 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: a3b5839617116882341023821e
mossimg.xyz/LightPicture/2024/03/eb0c0a4042f9e6d1.gif
310 kB URL mossimg.xyz/LightPicture/2024/03/eb0c0a4042f9e6d1.gif
IP
File type GIF image data, version 89a, 100 x 100
Size 310 kB (309539 bytes)
Hash 25b33faab54421cf786881a3296a2f30
486d5ca8fd8fbc16961b776b3a2f41e3f34aac72
58d0e11e7ac3c8da1841f4f8687517977c1315c50869a0ac88dc2b8619c34e10
GET /LightPicture/2024/03/eb0c0a4042f9e6d1.gif HTTP/1.1
Host: mossimg.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: image/gif
content-length: 309539
last-modified: Sat, 16 Mar 2024 06:33:22 GMT
etag: "65f53d32-4b923"
expires: Tue, 16 Apr 2024 13:53:53 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 1004601
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZ0mK%2FD%2FDxxktqL6%2BXwSa3b6pX4hzMlLkDBceZzoprWWlu3qxYLwGnpIAx29VgC5rUy%2Bf2coUU%2Fib3pnCStCU3DCD3tdKFJcA2G4vroCgByLm0xVhr1A1EHs5e4NDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd472859b4b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sdg453.av6k1.blog/includes/images/icon_01.png
1.7 kB URL sdg453.av6k1.blog/includes/images/icon_01.png
IP
File type PNG image data, 34 x 54, 8-bit/color RGBA, non-interlaced
Hash 384a8056b2efbd5158df490690275fe3
af960edc0db36d50fe7ffa48f7d4bb3702c1b948
819ed99aa717bd7d76436341f2f0a7fa75829e7eb33fa6287b8fb9b1d8c4f86b
GET /includes/images/icon_01.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/includes/cdn/style.css?1
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b; _ga_25DH6ETVTY=GS1.1.1711688233.1.0.1711688233.0.0.0; _ga=GA1.1.1101335089.1711688234; __tins__21452705=%7B%22sid%22%3A%201711688234370%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711690034370%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: image/png
content-length: 1655
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUtXIAZ6LKpb7Ece4ipkLFaPMZ8XCjJ7%2BJZA5wt9eQdrtLOpaChnIS0Yaw0ObBrG%2BX5POWmvqRlFQeOegLYlTfYJ8IMcN42VqM5IJYzuswfzC3TuAqTZJcbvgkIKoFGRvCk2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47294ab0b524-OSL
alt-svc: h3=":443"; ma=86400
333bbb555bbb.com/93a2483f7772482b9a5d1fe7d7483b29.gif
97 kB URL 333bbb555bbb.com/93a2483f7772482b9a5d1fe7d7483b29.gif
IP
File type GIF image data, version 89a, 150 x 150
Hash 4ae65fcfb1050f94113918582b9aeff8
4a144bfb79a4b7ba6e3a48b76ac0fe8973bfc325
92719e660322e41389dd7f3cb8eee98173d29125ad39f892c84127df70446c90
GET /93a2483f7772482b9a5d1fe7d7483b29.gif HTTP/1.1
Host: 333bbb555bbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:14 GMT
Content-Type: image/gif
Content-Length: 96782
Connection: keep-alive
Last-Modified: Sun, 24 Mar 2024 09:31:43 GMT
ETag: "65fff2ff-17a0e"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
555bbb222bbb.com/bf73ffed0c3942819d1234262c58a18b.gif
200 OK 95 kB URL GET HTTP/1.1 555bbb222bbb.com/bf73ffed0c3942819d1234262c58a18b.gif
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerLet's Encrypt
Subject222bbb888bbb.com
Fingerprint70:86:22:F0:75:47:81:37:A1:13:E3:C8:67:01:FE:E3:FB:FA:2D:B5
ValidityTue, 05 Mar 2024 12:26:32 GMT - Mon, 03 Jun 2024 12:26:31 GMT
File type GIF image data, version 89a, 150 x 150
Hash efdb92def8808acacb9200e1cadc6050
83c1f65c5f824c938869cb356397cf4b9830adca
57164684357003a8fae77fcb9022874fd9294227971c7baf3be55c36b6f78491
GET /bf73ffed0c3942819d1234262c58a18b.gif HTTP/1.1
Host: 555bbb222bbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:14 GMT
Content-Type: image/gif
Content-Length: 94955
Connection: keep-alive
Last-Modified: Sun, 24 Mar 2024 09:32:32 GMT
ETag: "65fff330-172eb"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
sdg453.av6k1.blog/includes/images/search.png
468 B URL sdg453.av6k1.blog/includes/images/search.png
IP
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Hash d424cd33a2f7faa4481143a3b16c6e6b
4812716c475863732fd6f277f43e744ba1a057e0
150d8361853c56a6befdd363752372305f4ea598d5d2eae4284d010706067272
GET /includes/images/search.png HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/includes/cdn/style.css?1
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b; _ga_25DH6ETVTY=GS1.1.1711688233.1.0.1711688233.0.0.0; _ga=GA1.1.1101335089.1711688234; __tins__21452705=%7B%22sid%22%3A%201711688234370%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711690034370%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: image/png
content-length: 468
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjl4LVSpivPy7vN2bukq951bErmAfmFoOZNOMPeU0UoNpGkrQJbTp6rE9i8PkfSLvppBt%2B0l011UQB%2FMNz7pqvprtAV3sRCse0WxJNRQgszwbzKnq9f717Kog5UW%2BDxTCZ70Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47294aafb524-OSL
alt-svc: h3=":443"; ma=86400
ads.adxadserv.com/ad?spotid=65e5da0361d6e26da177f88d&type=728x90&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234534&screen=1280x1024&tags=
782 B URL ads.adxadserv.com/ad?spotid=65e5da0361d6e26da177f88d&type=728x90&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234534&screen=1280x1024&tags=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (584)
Hash 60f54b752fd5a8e41768e598eaa3e2e3
04c8567fac8c371daf86a8202851f07b50004394
55acfee16f131724161a9248f9c0adb5b5ece0f837f8cf8215f2ec2fa298ce53
GET /ad?spotid=65e5da0361d6e26da177f88d&type=728x90&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234534&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: text/html; charset=utf-8
content-length: 782
cache-control: no-cache
X-Firefox-Spdy: h2
im.ue8im.com/wg-2023440066/960-120.gif
0 B URL GET im.ue8im.com/wg-2023440066/960-120.gif
IP
ASN #64050 BGPNET Global ASN
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerLet's Encrypt
Subjectim.ue8im.com
Fingerprint7A:A0:7C:61:CB:65:F6:EC:F4:0D:01:38:F4:6A:5B:4B:67:9A:A1:E6
ValidityThu, 29 Feb 2024 11:39:50 GMT - Wed, 29 May 2024 11:39:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wg-2023440066/960-120.gif HTTP/1.1
Host: im.ue8im.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /GE/CC/VALIDATOR?key=a8b3a993817fd2ead6bdedc587294c86.d201afa35f10f8999c2f80f21c025706.1711688234&url=https%3A%2F%2Fim.ue8im.com%2Fwg-2023440066%2F960-120.gif
content-length: 0
date: Fri, 29 Mar 2024 04:57:14 GMT
X-Firefox-Spdy: h2
leafy-feel.com/cjDw9w6/b.2/5/l/ScWDQK9CNADcgS1/O/DAMyyCMKyf0x0tOcD/Ue4wMcznIY0_
200 OK 0 B URL GET HTTP/2 leafy-feel.com/cjDw9w6/b.2/5/l/ScWDQK9CNADcgS1/O/DAMyyCMKyf0x0tOcD/Ue4wMcznIY0_
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerLet's Encrypt
Subjectleafy-feel.com
Fingerprint62:9F:A0:E7:F8:D0:69:E2:ED:35:21:CB:EF:23:28:44:A5:E9:30:E2
ValiditySun, 11 Feb 2024 14:01:27 GMT - Sat, 11 May 2024 14:01:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cjDw9w6/b.2/5/l/ScWDQK9CNADcgS1/O/DAMyyCMKyf0x0tOcD/Ue4wMcznIY0_ HTTP/1.1
Host: leafy-feel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: application/javascript
content-length: 0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ads.adxadserv.com/ad?spotid=65e5d0ae61d6e24093326998&type=300x250&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234871&screen=1280x1024&tags=
784 B URL ads.adxadserv.com/ad?spotid=65e5d0ae61d6e24093326998&type=300x250&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234871&screen=1280x1024&tags=
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (586)
Hash 3403b5d057e1c138be5dfbad1061449f
9b932261180a432a013b0e2b571990c112833603
5fe617053ce4fd98bf15fbb3fd6dfe89b5c5712b06e685cc016cc3656660169f
GET /ad?spotid=65e5d0ae61d6e24093326998&type=300x250&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234871&screen=1280x1024&tags= HTTP/1.1
Host: ads.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: text/html; charset=utf-8
content-length: 784
cache-control: no-cache
X-Firefox-Spdy: h2
555bbb222bbb.com/b8288faa1cad41cfbf7d54033c2cc0a3.gif
405 kB URL 555bbb222bbb.com/b8288faa1cad41cfbf7d54033c2cc0a3.gif
IP
Certificate IssuerLet's Encrypt
Subject222bbb888bbb.com
Fingerprint70:86:22:F0:75:47:81:37:A1:13:E3:C8:67:01:FE:E3:FB:FA:2D:B5
ValidityTue, 05 Mar 2024 12:26:32 GMT - Mon, 03 Jun 2024 12:26:31 GMT
File type GIF image data, version 89a, 960 x 120
Size 405 kB (405314 bytes)
Hash 68da247da6a941c14f9de4160cb9d80d
8cce4c1dff82331df2db1745553969dc90743ad7
03a0d31020f95b4a73a07c013a08e79d574a2c32caa4412ca8ca7f5584274242
GET /b8288faa1cad41cfbf7d54033c2cc0a3.gif HTTP/1.1
Host: 555bbb222bbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:14 GMT
Content-Type: image/gif
Content-Length: 405314
Connection: keep-alive
Last-Modified: Sun, 24 Mar 2024 09:32:17 GMT
ETag: "65fff321-62f42"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
sdg453.av6k1.blog/includes/hilltopads0313.js
200 OK 1.5 kB URL GET HTTP/3 sdg453.av6k1.blog/includes/hilltopads0313.js
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 104ca5e4d7211c7cfd9500c09b72572a
c71a79d7a0eab4e245d08370ee434e4443480d84
a34bad558b3b2f10bc3bd0a73f9f309fb43503a23ce9730c501843fd2798f0b9
GET /includes/hilltopads0313.js HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b; _ga_25DH6ETVTY=GS1.1.1711688233.1.0.1711688233.0.0.0; _ga=GA1.1.1101335089.1711688234; __tins__21452705=%7B%22sid%22%3A%201711688234370%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711690034370%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:14 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:05:54 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CX7hW3cn20ouPJXghu1sNMy4pVZ5rIcHRWj%2FaQTLUgqkOkW50LqZYvI0ydy9Sh7UwQMMs3KqDGozuKQuPKF5ZoKafBE%2F4rnyfCVsexJwJhk5JgTM1RSX%2FG4l57Z90SCL5Yhs5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4729bad1b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
r.trackwilltrk.com/s1/19babe85-d656-410b-b03e-739008d59c4a?externalId=e0a0878c-c091-49bd-b88d-ded1464184ed&cv1=e0a0878c-c091-49bd-b88d-ded1464184ed&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5daf061d6e273bb1c52cc&cv5=65e5dadf61d6e27a59015b44&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5d0ae61d6e24093326998&cv10=qpa_flat_300x250_av6k.com_26998
1.2 kB URL r.trackwilltrk.com/s1/19babe85-d656-410b-b03e-739008d59c4a?externalId=e0a0878c-c091-49bd-b88d-ded1464184ed&cv1=e0a0878c-c091-49bd-b88d-ded1464184ed&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5daf061d6e273bb1c52cc&cv5=65e5dadf61d6e27a59015b44&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5d0ae61d6e24093326998&cv10=qpa_flat_300x250_av6k.com_26998
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (459)
Hash f60879fbcbd9ef33459ea50b069d88cb
973abf6f4e509f857ab3c351e87dd5eb7ad76817
e9e7e2e47c1cc82e6f0dd2ad796730ad756ac8da2254c58a6d61992344c5fe53
GET /s1/19babe85-d656-410b-b03e-739008d59c4a?externalId=e0a0878c-c091-49bd-b88d-ded1464184ed&cv1=e0a0878c-c091-49bd-b88d-ded1464184ed&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5daf061d6e273bb1c52cc&cv5=65e5dadf61d6e27a59015b44&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5d0ae61d6e24093326998&cv10=qpa_flat_300x250_av6k.com_26998 HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Fri, 29 Mar 2024 04:57:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=ZTAPp-8-p; Path=/; Domain=trackwilltrk.com; Expires=Sat, 30 Mar 2024 04:57:15 GMT; HttpOnly
X-Request-Id: cb5bc52b-e030-4b5b-93a9-a097e3bc8a9c
Content-Encoding: gzip
333bbb555bbb.com/34ecab712b2047c2afcb516e5acbb407.gif
553 kB URL 333bbb555bbb.com/34ecab712b2047c2afcb516e5acbb407.gif
IP
File type GIF image data, version 89a, 960 x 120
Size 553 kB (552807 bytes)
Hash a6c6ab7ec350b1fb51bc87edaca12bf8
809e967faea421bb2a6bade111342076b5428387
3280f26011813406f96a9954a1849acf575dedccf7cc23c9c4daaf76bde50acf
GET /34ecab712b2047c2afcb516e5acbb407.gif HTTP/1.1
Host: 333bbb555bbb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:14 GMT
Content-Type: image/gif
Content-Length: 552807
Connection: keep-alive
Last-Modified: Sun, 24 Mar 2024 09:31:23 GMT
ETag: "65fff2eb-86f67"
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
im.u833ij.com/tu-2022290039/960-120.gif
0 B URL im.u833ij.com/tu-2022290039/960-120.gif
IP
ASN #64050 BGPNET Global ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tu-2022290039/960-120.gif HTTP/1.1
Host: im.u833ij.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /GE/CC/VALIDATOR?key=5d24bfccd3e02d251f44f453d9a98128.0cbdb813969dfc580d75beca6c42ad0d.1711688235&url=https%3A%2F%2Fim.u833ij.com%2Ftu-2022290039%2F960-120.gif
content-length: 0
date: Fri, 29 Mar 2024 04:57:15 GMT
X-Firefox-Spdy: h2
im.ue8im.com/GE/CC/VALIDATOR?key=a8b3a993817fd2ead6bdedc587294c86.d201afa35f10f8999c2f80f21c025706.1711688234&url=https%3A%2F%2Fim.ue8im.com%2Fwg-2023440066%2F960-120.gif
0 B URL im.ue8im.com/GE/CC/VALIDATOR?key=a8b3a993817fd2ead6bdedc587294c86.d201afa35f10f8999c2f80f21c025706.1711688234&url=https%3A%2F%2Fim.ue8im.com%2Fwg-2023440066%2F960-120.gif
IP
ASN #64050 BGPNET Global ASN
Certificate IssuerLet's Encrypt
Subjectim.ue8im.com
Fingerprint7A:A0:7C:61:CB:65:F6:EC:F4:0D:01:38:F4:6A:5B:4B:67:9A:A1:E6
ValidityThu, 29 Feb 2024 11:39:50 GMT - Wed, 29 May 2024 11:39:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GE/CC/VALIDATOR?key=a8b3a993817fd2ead6bdedc587294c86.d201afa35f10f8999c2f80f21c025706.1711688234&url=https%3A%2F%2Fim.ue8im.com%2Fwg-2023440066%2F960-120.gif HTTP/1.1
Host: im.ue8im.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://im.ue8im.com/wg-2023440066/960-120.gif
content-length: 0
date: Fri, 29 Mar 2024 04:57:15 GMT
X-Firefox-Spdy: h2
go.xlrdr.com/i?campaignId=728cps2girl&creativeId=728cps2girl&tag=girls&sourceId=728cps2girl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal
0 B URL go.xlrdr.com/i?campaignId=728cps2girl&creativeId=728cps2girl&tag=girls&sourceId=728cps2girl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i?campaignId=728cps2girl&creativeId=728cps2girl&tag=girls&sourceId=728cps2girl&targetDomain=&buttonColor=&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&liveBadgeColor=&showButton=1&showModelName=1&showTitle=1&showLiveBadge=1&isXhDesign=0&actionButtonPlacement=bottom&thumbSizeKey=small&hideButtonOnSmallSpots=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&showModal=signup&memberId={clickid}&landing=WidgetV4Universal HTTP/1.1
Host: go.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 29 Mar 2024 04:57:15 GMT
content-length: 0
location: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVDEEFVkNrzLraWx7y76y8S7zjLg; SameSite=None; Secure; path=/; expires=Sat, 30-Mar-24 04:57:15 GMT; HttpOnly
server: cloudflare
cf-ray: 86bd472e5804b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sdg453.av6k1.blog/includes/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 sdg453.av6k1.blog/includes/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /includes/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/includes/cdn/4.7.0_font-awesome.css
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b; _ga_25DH6ETVTY=GS1.1.1711688233.1.0.1711688233.0.0.0; _ga=GA1.1.1101335089.1711688234; __tins__21452705=%7B%22sid%22%3A%201711688234370%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711690034370%7D; __51cke__=; __51laig__=2; __tins__21803937=%7B%22sid%22%3A%201711688234883%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711690034883%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: font/woff2
content-length: 77160
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ue62eTdF1mjT8x%2BlWOElvj5Qf4IPTHvo9NXVL6%2BiEhnFpTTjl0tVvwI8nSU%2F9eumiTBtu1LlpXp33TEylhsUepIpElUWtnnAIfwZiNb7zXc7exyBMxDC08h2Z9XSJDsz8kr9Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd472c7b7bb524-OSL
alt-svc: h3=":443"; ma=86400
im.u833ij.com/GE/CC/VALIDATOR?key=5d24bfccd3e02d251f44f453d9a98128.0cbdb813969dfc580d75beca6c42ad0d.1711688235&url=https%3A%2F%2Fim.u833ij.com%2Ftu-2022290039%2F960-120.gif
0 B URL im.u833ij.com/GE/CC/VALIDATOR?key=5d24bfccd3e02d251f44f453d9a98128.0cbdb813969dfc580d75beca6c42ad0d.1711688235&url=https%3A%2F%2Fim.u833ij.com%2Ftu-2022290039%2F960-120.gif
IP
ASN #64050 BGPNET Global ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GE/CC/VALIDATOR?key=5d24bfccd3e02d251f44f453d9a98128.0cbdb813969dfc580d75beca6c42ad0d.1711688235&url=https%3A%2F%2Fim.u833ij.com%2Ftu-2022290039%2F960-120.gif HTTP/1.1
Host: im.u833ij.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: https://im.u833ij.com/tu-2022290039/960-120.gif
content-length: 0
date: Fri, 29 Mar 2024 04:57:15 GMT
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
16 B URL video.ktkjmp.com/adsbygoogle.js
IP
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: Uy+BI0f9xi3njNOl7P4PsULkPp0g6ssxBGHnYb4mQe+eet3x2+C470ZEAYzLvRraWhXf8LMEGWU=
x-amz-request-id: WWWZDEMQD0DJ51HX
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.bbrdbr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 4137
expires: Fri, 29 Mar 2024 08:57:15 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd4730dcc3b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.cgyx.tv:66/tj/tongji.js?v=1.2
200 OK 22 kB URL GET HTTP/1.1 api.cgyx.tv:66/tj/tongji.js?v=1.2
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerSectigo Limited
Subjectapi.cgyx.tv
Fingerprint2F:9C:40:0D:F6:94:56:3E:C5:4B:78:9F:6C:4A:1F:FD:09:77:EC:0A
ValidityThu, 20 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (55808)
Hash b4026f54085e53a8c43db658368ebd1b
cc4b9e416b2d3995c299825eda743c79b4954dac
a26bdaae83661b987ffbd36529120e8c920acef28752da726d6a993bc6e17f20
GET /tj/tongji.js?v=1.2 HTTP/1.1
Host: api.cgyx.tv:66
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 15 Mar 2024 16:24:21 GMT
Vary: Accept-Encoding
ETag: W/"65f47635-da0f"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Server: nginx
X-Cache-Status: HIT
video.ktkjmp.com/adsbygoogle.js
16 B URL video.ktkjmp.com/adsbygoogle.js
IP
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: 4tVeBW1UnfFGDpPQ0uJbW/mMNuaFzhEYmQ3d1Iw6C2BDe1StwtEG5jCWm9N6UyvWj+KiFbQSr44ziARwYsxtbA==
x-amz-request-id: HYSE3CDYTF5VG8V6
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xlrdr.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 3975
expires: Fri, 29 Mar 2024 08:57:15 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd47321d10b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.bbrdbr.com/abc.gif?sourceId=300cps2girlwl&creativeId=300cps2girlwl&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&action=sbSignupWithModel&thumbSizeKey=big&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A399%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A261%2C%22duration%22%3A36%2C%22transferSize%22%3A80950%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A261%2C%22duration%22%3A17%2C%22transferSize%22%3A4625%7D%5D&mh=-1963164110
200 OK 103 B URL GET HTTP/3 go.bbrdbr.com/abc.gif?sourceId=300cps2girlwl&creativeId=300cps2girlwl&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&action=sbSignupWithModel&thumbSizeKey=big&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A399%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A261%2C%22duration%22%3A36%2C%22transferSize%22%3A80950%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A261%2C%22duration%22%3A17%2C%22transferSize%22%3A4625%7D%5D&mh=-1963164110
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300cps2girlwl&creativeId=300cps2girlwl&responsive=0&hideButton=1&hideTitle=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&action=sbSignupWithModel&memberId={clickid}
Certificate IssuerLet's Encrypt
Subjectbbrdbr.com
FingerprintFF:18:54:C8:66:67:95:43:BF:60:10:5C:5C:38:B6:B0:03:00:9C:46
ValidityMon, 15 Jan 2024 11:46:02 GMT - Sun, 14 Apr 2024 11:46:01 GMT
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?sourceId=300cps2girlwl&creativeId=300cps2girlwl&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&action=sbSignupWithModel&thumbSizeKey=big&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fr.trackwilltrk.com%2F&i=0&ib=0&filtersMatch=0&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A399%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A261%2C%22duration%22%3A36%2C%22transferSize%22%3A80950%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A261%2C%22duration%22%3A17%2C%22transferSize%22%3A4625%7D%5D&mh=-1963164110 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVD3SofQ5NjJpXSe3LV99VaEnDkY; SameSite=None; Secure; path=/; expires=Sat, 30-Mar-24 04:57:15 GMT; HttpOnly
server: cloudflare
cf-ray: 86bd47328acf568f-OSL
alt-svc: h3=":443"; ma=86400
creative.xlrdr.com/widgets/v4/Universal/lang/en.json
13 kB URL creative.xlrdr.com/widgets/v4/Universal/lang/en.json
IP
Hash 69a54638b649d7ce4748bd42c4b6dade
a2dfe9f8791952fbc5cc44d4757b031a6cee1731
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: application/json
last-modified: Thu, 28 Mar 2024 08:57:34 GMT
etag: W/"660530fe-ac"
expires: Fri, 29 Mar 2024 04:57:15 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd4731a9ca568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
api.cgyx.tv:66/api/v1/api2/statistics/start?s=e4caf4e536dbc0dbc51bb5bdb81ead80&d=Z0xIUTE3aFJpZTRQaFpOMzN6L1RvSGpNTFd3MGNPZnVwUzVsbFovemNMZHdkTHFNTC8xTTE0ckROcmEycXZ6TlVZaGZJUmtTVU5yTFYvajhnSnNyTjBLNEk5VHdXd25tSDk4UVRjRUtLT2JaZ1VRS01pZFo2cForazM3NlRPQmU2TWluc0hwbmU3T0pweGwrNWdncytDbDNJKzVqQ2hmM0dGdld3alBGNHhOOFE1MUE5SGZFS0wyWEZta3Jpbk5rRC9uVXMyNGFxaDJWRStkcEdXVGVhRVdySVljcTJHTVdsbVhCRkpmRjJadi9iaWU0WHYyWnQ2TkFBMDl2MXFvclRtRG1BVXBiK2htVFNBYlRkRzQwTkpNSTlFbDBubjBtcVVmSnovdzBoUTU5TEk5bE9sTlhMNmpnNFZzMWlqYzVOYkY3VWNKZVFBRUFRaDFHZmhNOGpCeUhyNTZpYzhMRnNRK3hxYy9ucU4vcTZTZnBzQm1nekszY2FKRFpGQ0dMTGtkdHRiWXNLS2FHYXR0dFNzVm5KUlZ3bVpJTmJjZnF5R1kvaTZyMG1hT3Vvbm1CT1RrVWk5TU1DWTRSZ2FOVHM1NUF3L0xWTWphMXlUQ2JRMWkreXFqRmxNNVV6aDM2Qkl5OURvSVV2alk9&t=1711688235897
102 B URL api.cgyx.tv:66/api/v1/api2/statistics/start?s=e4caf4e536dbc0dbc51bb5bdb81ead80&d=Z0xIUTE3aFJpZTRQaFpOMzN6L1RvSGpNTFd3MGNPZnVwUzVsbFovemNMZHdkTHFNTC8xTTE0ckROcmEycXZ6TlVZaGZJUmtTVU5yTFYvajhnSnNyTjBLNEk5VHdXd25tSDk4UVRjRUtLT2JaZ1VRS01pZFo2cForazM3NlRPQmU2TWluc0hwbmU3T0pweGwrNWdncytDbDNJKzVqQ2hmM0dGdld3alBGNHhOOFE1MUE5SGZFS0wyWEZta3Jpbk5rRC9uVXMyNGFxaDJWRStkcEdXVGVhRVdySVljcTJHTVdsbVhCRkpmRjJadi9iaWU0WHYyWnQ2TkFBMDl2MXFvclRtRG1BVXBiK2htVFNBYlRkRzQwTkpNSTlFbDBubjBtcVVmSnovdzBoUTU5TEk5bE9sTlhMNmpnNFZzMWlqYzVOYkY3VWNKZVFBRUFRaDFHZmhNOGpCeUhyNTZpYzhMRnNRK3hxYy9ucU4vcTZTZnBzQm1nekszY2FKRFpGQ0dMTGtkdHRiWXNLS2FHYXR0dFNzVm5KUlZ3bVpJTmJjZnF5R1kvaTZyMG1hT3Vvbm1CT1RrVWk5TU1DWTRSZ2FOVHM1NUF3L0xWTWphMXlUQ2JRMWkreXFqRmxNNVV6aDM2Qkl5OURvSVV2alk9&t=1711688235897
IP
Certificate IssuerSectigo Limited
Subjectapi.cgyx.tv
Fingerprint2F:9C:40:0D:F6:94:56:3E:C5:4B:78:9F:6C:4A:1F:FD:09:77:EC:0A
ValidityThu, 20 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
Hash 3a10a377153ab3c0b6edcddfcd55e323
04342844246289915ebe77e71dc91070ce018b79
522768b781b4d35d5f24026eac05b2a4ec83d116d5040a3db467420138c671e1
GET /api/v1/api2/statistics/start?s=e4caf4e536dbc0dbc51bb5bdb81ead80&d=Z0xIUTE3aFJpZTRQaFpOMzN6L1RvSGpNTFd3MGNPZnVwUzVsbFovemNMZHdkTHFNTC8xTTE0ckROcmEycXZ6TlVZaGZJUmtTVU5yTFYvajhnSnNyTjBLNEk5VHdXd25tSDk4UVRjRUtLT2JaZ1VRS01pZFo2cForazM3NlRPQmU2TWluc0hwbmU3T0pweGwrNWdncytDbDNJKzVqQ2hmM0dGdld3alBGNHhOOFE1MUE5SGZFS0wyWEZta3Jpbk5rRC9uVXMyNGFxaDJWRStkcEdXVGVhRVdySVljcTJHTVdsbVhCRkpmRjJadi9iaWU0WHYyWnQ2TkFBMDl2MXFvclRtRG1BVXBiK2htVFNBYlRkRzQwTkpNSTlFbDBubjBtcVVmSnovdzBoUTU5TEk5bE9sTlhMNmpnNFZzMWlqYzVOYkY3VWNKZVFBRUFRaDFHZmhNOGpCeUhyNTZpYzhMRnNRK3hxYy9ucU4vcTZTZnBzQm1nekszY2FKRFpGQ0dMTGtkdHRiWXNLS2FHYXR0dFNzVm5KUlZ3bVpJTmJjZnF5R1kvaTZyMG1hT3Vvbm1CT1RrVWk5TU1DWTRSZ2FOVHM1NUF3L0xWTWphMXlUQ2JRMWkreXFqRmxNNVV6aDM2Qkl5OURvSVV2alk9&t=1711688235897 HTTP/1.1
Host: api.cgyx.tv:66
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:16 GMT
Content-Type: application/json
Content-Length: 102
Connection: keep-alive
Cache-Control: no-cache, private
Access-Control-Allow-Origin: https://sdg453.av6k1.blog
Access-Control-Allow-Methods: POST,GET,DELETE,OPTIONS,HEAD
Access-Control-Allow-Headers: lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 10080
Set-Cookie: HWIDHASH=fe50907a61edf443b9076a1b4f536afd; expires=Sat, 21-Feb-2026 15:36:16 GMT; path=/; httponly
Strict-Transport-Security: max-age=31536000
Server: nginx
video.saawsedge.com/checkUrl
15 B URL video.saawsedge.com/checkUrl
IP
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: video.saawsedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
content-length: 15
date: Thu, 28 Mar 2024 07:37:08 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 86b5f4041c050e59-MXP
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Xxui91H3xr2J_VXaO55d0J8YzM6-evCyZ6pKTW5UciV1A6_yN3Gr2Q==
age: 76808
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1711688160/92628023_webp
200 OK 12 kB URL GET HTTP/3 img.strpst.com/thumbs/1711688160/92628023_webp
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 648x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash a8552916f0052dd09901cb4247b04b0e
7825153d8137ab68453ab11b599152c5953e4efb
aca0019e37d56cd70ada85ecd904041e24fb550192d7174519a2de30b9d4f63d
GET /thumbs/1711688160/92628023_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: image/webp
content-length: 12186
etag: "a8552916f0052dd09901cb4247b04b0e"
last-modified: Fri, 29 Mar 2024 04:54:59 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 71
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd473439fa712e-OSL
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1711688160/148146673_webp
200 OK 19 kB URL GET HTTP/3 img.strpst.com/thumbs/1711688160/148146673_webp
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash efc6265639b0fda98601b5f45a4c6f61
8c0dee3d95b1ecddd5211d6787d0f66a430d2b87
63ca1452c219c65dfa2f16245397751d21ae1a269d960c9ab7266db958ac17cd
GET /thumbs/1711688160/148146673_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: image/webp
content-length: 19332
etag: "efc6265639b0fda98601b5f45a4c6f61"
last-modified: Fri, 29 Mar 2024 04:55:18 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 72
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd473439fb712e-OSL
alt-svc: h3=":443"; ma=86400
go.xlrdr.com/app/domain-checker/get-check
200 OK 3.0 kB URL POST HTTP/3 go.xlrdr.com/app/domain-checker/get-check
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectxlrdr.com
FingerprintB7:7A:2F:CD:F6:76:0D:74:98:F0:DA:47:69:84:7D:8C:4E:2C:2D:63
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash ba86f6c03abf0b3de4679499c6c2bb46
d47be053b334a17afb4a381cb6e3b0eee9b5ff55
348c87d31156ca1c722612b2222a12b7b617a48696a1a55e0cf7fd2f440bcd33
POST /app/domain-checker/get-check HTTP/1.1
Host: go.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlrdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28upDCGznfDm9XVD3VBZigQJNzkRqu1qWiQhUbBiL; SameSite=None; Secure; path=/; expires=Sat, 30-Mar-24 04:57:16 GMT; HttpOnly
server: cloudflare
cf-ray: 86bd47334a3f568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1711688160/135905778_webp
200 OK 14 kB URL GET HTTP/3 img.strpst.com/thumbs/1711688160/135905778_webp
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash aed8a3bf14e1f7849d6fbc4f525fc8be
b4e7b54c66d32f9b898b51fa155c71ee63885d52
c01322afb6beaf8148303028979b9a335cb807dabce53bd3331feaf2ed747a5c
GET /thumbs/1711688160/135905778_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: image/webp
content-length: 14382
etag: "aed8a3bf14e1f7849d6fbc4f525fc8be"
last-modified: Fri, 29 Mar 2024 04:54:49 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 81
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd473439fe712e-OSL
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1711688160/131025976_webp
7.4 kB URL img.strpst.com/thumbs/1711688160/131025976_webp
IP
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash f5c80d7c04ae4c69f29d868f3acde278
b247852263a6e7a3b33a329f44e626fabec82b7c
816cb64f9973cf6c2ad96b307e579fb4cb5bc020e28fe3889c111ad9202425aa
GET /thumbs/1711688160/131025976_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: image/webp
content-length: 7356
etag: "f5c80d7c04ae4c69f29d868f3acde278"
last-modified: Fri, 29 Mar 2024 04:55:22 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 71
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd473449ff712e-OSL
alt-svc: h3=":443"; ma=86400
go.xlrdr.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1
200 OK 17 kB URL GET HTTP/3 go.xlrdr.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectxlrdr.com
FingerprintB7:7A:2F:CD:F6:76:0D:74:98:F0:DA:47:69:84:7D:8C:4E:2C:2D:63
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash 84d3d7c78cbf5a2d4fe4e757cadb23d1
d83b6ca69c7fdcbb1cc20b6d77e0d4c54fbf49b1
6a69755d2d7ab89c45520a21c44d3b5e6064451a5d81688c7f476ae0f9b6c3e1
GET /api/models?tag=girls&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1 HTTP/1.1
Host: go.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVDEEFVkNrzLraWx7y76y8S7zjLg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: application/json
access-control-allow-origin: https://creative.xlrdr.com
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Fri, 29 Mar 2024 04:56:25 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 86bd4732ba12568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sdg453.av6k1.blog/includes/cdn/myjs.js?1
1.8 kB URL sdg453.av6k1.blog/includes/cdn/myjs.js?1
IP
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 785db698409ce54d6febb01fc3c510b5
306aab004ef3a7786ebb2ed9600a59cbbfa66148
6e8d0de754f6a000dd801b9a46a6a6ccb0a33a55974ccde170fde4b8ebeba449
GET /includes/cdn/myjs.js?1 HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87XxzCdSemp0COals%2BaqskuCMEdbevOxEZi47%2BAb6EHXBrReObJgh8BuTMyWAWPziuTKe%2FDD%2FjrvNn7Rh5ZV80eVILQLjnljRdno7I983ZhaZRzDIoXA6lncr8HNdnTOlAR8ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47200820b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.bbrdbr.com/app/domain-checker/check-result
204 No Content 0 B URL POST HTTP/3 go.bbrdbr.com/app/domain-checker/check-result
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300cps2girlwl&creativeId=300cps2girlwl&responsive=0&hideButton=1&hideTitle=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&action=sbSignupWithModel&memberId={clickid}
Certificate IssuerLet's Encrypt
Subjectbbrdbr.com
FingerprintFF:18:54:C8:66:67:95:43:BF:60:10:5C:5C:38:B6:B0:03:00:9C:46
ValidityMon, 15 Jan 2024 11:46:02 GMT - Sun, 14 Apr 2024 11:46:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 29 Mar 2024 04:57:16 GMT
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrs3cR5HVWEzYfypfyXEuwrXLsgp; SameSite=None; Secure; path=/; expires=Sat, 30-Mar-24 04:57:16 GMT; HttpOnly
server: cloudflare
cf-ray: 86bd47345b3a568f-OSL
alt-svc: h3=":443"; ma=86400
ocsp.e2m02.amazontrust.com/
279 B URL ocsp.e2m02.amazontrust.com/
IP
Hash 2a340689413ccf6ba465d9506380738e
5ee1c11e5fdc16e3f4450fbf6a502c53da0ae3a4
6eda5a8af334a43f259baf9eee0a2b84784313bee5f0f2e126106fa2070321e5
POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 29 Mar 2024 04:57:16 GMT
Last-Modified: Fri, 29 Mar 2024 03:08:34 GMT
Server: ECAcc (ska/F6E1)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4CZZzRZZRTLnl5jIOJJ4h0yI9uwXrIm6eTKbHeYbqPOK1ckTU92omQ==
Age: 6522
ia.51.la/go1?id=21803937&rt=1711688234883&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=C%25E7%25AB%2599-%25E7%259C%258B%25E5%2585%258D%25E8%25B4%25B9%25E6%2588%2590%25E4%25BA%25BA%25E7%2594%25B5%25E5%25BD%25B1%25E5%25B0%25B1%25E6%259D%25A5av6k%25E6%2588%2590%25E4%25BA%25BA%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E8%25BF%2599%25E9%2587%258C%25E6%259C%2589%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%2585%25A8%25E7%259A%2584%25E8%2589%25B2&ing=2&ekc=&sid=1711688234883&tt=AV6K%25E6%2588%2590%25E4%25BA%25BA%25E7%25BD%2591-C%25E7%25AB%2599-%25E5%2585%258D%25E8%25B4%25B9%25E6%2588%2590%25E4%25BA%25BA%25E5%25BD%25B1%25E7%2589%2587%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E6%2583%2585A%25E7%2589%2587%25E7%25BA%25BF%25E4%25B8%258A%25E7%259C%258Bsdg453.av6k1.blog&kw=&cu=https%253A%252F%252Fsdg453.av6k1.blog%252Fhome%252F%253Fxyz%253Dhttps%253A%252F%252Fyandex.com%252F&pu=
0 B URL ia.51.la/go1?id=21803937&rt=1711688234883&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=C%25E7%25AB%2599-%25E7%259C%258B%25E5%2585%258D%25E8%25B4%25B9%25E6%2588%2590%25E4%25BA%25BA%25E7%2594%25B5%25E5%25BD%25B1%25E5%25B0%25B1%25E6%259D%25A5av6k%25E6%2588%2590%25E4%25BA%25BA%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E8%25BF%2599%25E9%2587%258C%25E6%259C%2589%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%2585%25A8%25E7%259A%2584%25E8%2589%25B2&ing=2&ekc=&sid=1711688234883&tt=AV6K%25E6%2588%2590%25E4%25BA%25BA%25E7%25BD%2591-C%25E7%25AB%2599-%25E5%2585%258D%25E8%25B4%25B9%25E6%2588%2590%25E4%25BA%25BA%25E5%25BD%25B1%25E7%2589%2587%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E6%2583%2585A%25E7%2589%2587%25E7%25BA%25BF%25E4%25B8%258A%25E7%259C%258Bsdg453.av6k1.blog&kw=&cu=https%253A%252F%252Fsdg453.av6k1.blog%252Fhome%252F%253Fxyz%253Dhttps%253A%252F%252Fyandex.com%252F&pu=
IP
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21803937&rt=1711688234883&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=C%25E7%25AB%2599-%25E7%259C%258B%25E5%2585%258D%25E8%25B4%25B9%25E6%2588%2590%25E4%25BA%25BA%25E7%2594%25B5%25E5%25BD%25B1%25E5%25B0%25B1%25E6%259D%25A5av6k%25E6%2588%2590%25E4%25BA%25BA%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E8%25BF%2599%25E9%2587%258C%25E6%259C%2589%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580%25E5%2585%25A8%25E7%259A%2584%25E8%2589%25B2&ing=2&ekc=&sid=1711688234883&tt=AV6K%25E6%2588%2590%25E4%25BA%25BA%25E7%25BD%2591-C%25E7%25AB%2599-%25E5%2585%258D%25E8%25B4%25B9%25E6%2588%2590%25E4%25BA%25BA%25E5%25BD%25B1%25E7%2589%2587%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E6%2583%2585A%25E7%2589%2587%25E7%25BA%25BF%25E4%25B8%258A%25E7%259C%258Bsdg453.av6k1.blog&kw=&cu=https%253A%252F%252Fsdg453.av6k1.blog%252Fhome%252F%253Fxyz%253Dhttps%253A%252F%252Fyandex.com%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Fri, 29 Mar 2024 04:57:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=c7b68674da3bba8783579b880b7c6fe66525c9563c87ff9fb8f9cc59cb7bc2cd; Path=/; HttpOnly
acw_tc=1a0c39c717116882360388816e5287d619f274d61536aca1e67204b72cd8f9;path=/;HttpOnly;Max-Age=1800
ocsp.sectigochina.com/
600 B IP
Hash 4e34eceef8ce504684d2e6a055d44b91
72bb17b73e9ceca720b8b9df3f4dc6bbc66a609c
98d64702873da805f6c70a15a6c1950d559ffa910f368e14b6b61128c97986e3
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:16 GMT
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Last-Modified: Wed, 27 Mar 2024 20:43:14 GMT
Expires: Wed, 03 Apr 2024 20:43:13 GMT
Etag: "72bb17b73e9ceca720b8b9df3f4dc6bbc66a609c"
Cache-Control: max-age=488284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 86bd4734db4856c1-OSL
cambaddies.com/checkUrl
200 OK 15 B IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerLet's Encrypt
Subjectcambaddies.com
Fingerprint5C:01:8B:BC:7A:72:00:EF:22:EC:CA:6F:1D:2D:39:C1:F8:91:09:6B
ValiditySat, 17 Feb 2024 07:52:12 GMT - Fri, 17 May 2024 07:52:11 GMT
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: cambaddies.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://creative.xlrdr.com
alt-svc: h3=":443"; ma=2592000
content-type: application/json
date: Fri, 29 Mar 2024 04:57:16 GMT
content-length: 15
X-Firefox-Spdy: h2
sdg453.av6k1.blog/video-ads/img/smrk61.ico
5.9 kB URL sdg453.av6k1.blog/video-ads/img/smrk61.ico
IP
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel
Hash 747139902ba516e5f2630b4a96ad28de
935a70970bd2ebd19a7571647383e5d658e09772
b4ba3f07ea2c2216a7badfb2c7d9a8539c36386585f44ed787992686f4e41e36
GET /video-ads/img/smrk61.ico HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/x-icon
last-modified: Sat, 06 May 2023 01:31:00 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1trMzcbey5yFtYSBq4Go3SOQ77PK7mJcXjct3abQvAAVZprjH3mNvjES18UVKzLHYb5m%2F4PQvLQHRlWZumGDPy8ZqUQRv2FHpTUP84pONT1q24pnQERti%2Bw%2F6mwC7AB8OXywyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47201828b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.e2m01.amazontrust.com/
278 B URL ocsp.e2m01.amazontrust.com/
IP
Hash f524f8794a0e80951a3229b9bcf6eae2
0171d408c8e6ea358ecf028c55e23d81a6795ef7
b4a704383b0dc69c39cf2a387bdd753757f60e52baed835dd58feb09b36714b8
POST / HTTP/1.1
Host: ocsp.e2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 278
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 29 Mar 2024 04:57:16 GMT
Last-Modified: Fri, 29 Mar 2024 04:42:52 GMT
Server: ECAcc (ska/F6AF)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OEAOv89p8zDFxNS3UTLLMdFbUcR8oge69TszORlZLKcCudrDebAbSg==
Age: 864
292fff568c425b1bfgg.4vgyjja.cn:8005/sc/4346?n=baazopep
200 OK 9.6 kB URL GET HTTP/1.1 292fff568c425b1bfgg.4vgyjja.cn:8005/sc/4346?n=baazopep
IP
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerCerSign Technology Limited
Subject4ukbzju.cn
FingerprintCA:9D:5C:BD:F4:7D:19:8C:43:8A:66:F8:3C:DD:E3:DF:BE:A0:06:FB
ValidityTue, 27 Feb 2024 00:00:00 GMT - Mon, 27 May 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (9586), with CRLF line terminators
Hash df5943cd6c27256016aed2d82afce06c
005a5c379dc09818d78694fd60351c7f541c2d85
1884e77e32e6ba21ad46a775590b6ff6226322f4b2a071767d38ac6d37d97b57
GET /sc/4346?n=baazopep HTTP/1.1
Host: 292fff568c425b1bfgg.4vgyjja.cn:8005
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 29 Mar 2024 04:57:16 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Pragma: max-age=1800
b-hls-05.doppiocdn.net/hls/92628023/92628023.m3u8
200 OK 1.5 kB URL GET HTTP/3 b-hls-05.doppiocdn.net/hls/92628023/92628023.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash e8ea6b350f16dceb79ecb685dc3c25b3
976628e5c81eea180e760a958dd13cd907117cfe
396f31305e29691e57f0f334e41e109a6c5d5397b68f36dd0a09ebc7257a0c27
GET /hls/92628023/92628023.m3u8 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:14 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:16 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cg86LL1aA7QO0X0U6co92cqwnQCyG2lLSh_b0NaACCEqhunymBoBVw==
X-Firefox-Spdy: h2
b-hls-05.doppiocdn.net/hls/92628023/92628023_init_K82qwgZ858yllHYf.mp4
200 OK 1.2 kB URL GET HTTP/2 b-hls-05.doppiocdn.net/hls/92628023/92628023_init_K82qwgZ858yllHYf.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5
Hash 2cac3c6174543ae0dc453ad3968eac5c
0375dd2cbe9ebd89c3ce8c30f89b10ea8909daef
0fe896b116b49cc1e1021933562d7e7f9a7881f259ca150cb68a78c972a7fae0
GET /hls/92628023/92628023_init_K82qwgZ858yllHYf.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: video/mp4
content-length: 1227
server: nginx
last-modified: Fri, 29 Mar 2024 04:53:28 GMT
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:56:49 GMT
cache-control: public, max-age=60, s-maxage=60
etag: "66064948-4cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: a1a7tCHlXVmJA6vNkYeAmOiJ4beJoWDcAIxTfFzdsFL2jt6vn_HQFA==
age: 27
X-Firefox-Spdy: h2
b-hls-05.doppiocdn.net/hls/92628023/92628023_117_6eQ0wUUJYvCcbYZR_1711688228.mp4
200 OK 256 kB URL GET HTTP/2 b-hls-05.doppiocdn.net/hls/92628023/92628023_117_6eQ0wUUJYvCcbYZR_1711688228.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 256 kB (256288 bytes)
Hash 9ce416a96f2d0bc06caf954050564272
940ca72e511bb4d9915d93f45867949d3bd839d8
16a61db307f0a665f5f4550e39cf8679c66085bc34383c1bd66c897fb14999e9
GET /hls/92628023/92628023_117_6eQ0wUUJYvCcbYZR_1711688228.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: video/mp4
content-length: 256288
server: nginx
date: Fri, 29 Mar 2024 04:57:11 GMT
last-modified: Fri, 29 Mar 2024 04:57:10 GMT
etag: "66064a26-3e920"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pxMB2B7M-HcujBCveS1_v2QQo9_uyzxOpc-OBr4-zlreWXFs3F1T2A==
age: 5
X-Firefox-Spdy: h2
b-hls-05.doppiocdn.net/hls/92628023/92628023.m3u8
200 OK 257 kB URL GET HTTP/3 b-hls-05.doppiocdn.net/hls/92628023/92628023.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Size 257 kB (256608 bytes)
Hash e63c3910850256706d03c5859e4d3ad3
fb0e7be413ffd789438abc8773c9bbed9438725a
e738b5c0c9a1eaef96f3508943beb4f29ee7ac23531028319bcef166621b8235
GET /hls/92628023/92628023.m3u8 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:14 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:16 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pjCRKgpR9VPZrnc0EXqYx4KHWncm8rEWFH82wN58EJEEzEZFgafiFQ==
age: 0
X-Firefox-Spdy: h2
b-hls-05.doppiocdn.net/hls/92628023/92628023_118_oWhZBUhC5e2tw1dE_1711688230.mp4
200 OK 279 kB URL GET HTTP/2 b-hls-05.doppiocdn.net/hls/92628023/92628023_118_oWhZBUhC5e2tw1dE_1711688230.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 279 kB (278920 bytes)
Hash a38e923b200af337d05fb6d3b5845c8b
088d838d098a46ecfbbdf9c5c4677408576845dd
5dcb8260e7ba0b43930a8038c5bf2e1177f45414612ca1ed7cc67d2eec4e7821
GET /hls/92628023/92628023_118_oWhZBUhC5e2tw1dE_1711688230.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: video/mp4
content-length: 278920
server: nginx
date: Fri, 29 Mar 2024 04:57:13 GMT
last-modified: Fri, 29 Mar 2024 04:57:12 GMT
etag: "66064a28-44188"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: awSH-0Dcx32Wn4AnDPFO0vC84UljQcRmnQfeG7Cfhu2rTFsVd2bHxg==
age: 3
X-Firefox-Spdy: h2
b-hls-05.doppiocdn.net/hls/92628023/92628023_118_oWhZBUhC5e2tw1dE_1711688230.mp4
200 OK 279 kB URL GET HTTP/2 b-hls-05.doppiocdn.net/hls/92628023/92628023_118_oWhZBUhC5e2tw1dE_1711688230.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 279 kB (278920 bytes)
Hash a38e923b200af337d05fb6d3b5845c8b
088d838d098a46ecfbbdf9c5c4677408576845dd
5dcb8260e7ba0b43930a8038c5bf2e1177f45414612ca1ed7cc67d2eec4e7821
GET /hls/92628023/92628023_118_oWhZBUhC5e2tw1dE_1711688230.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 278920
age: 3
server: nginx
date: Fri, 29 Mar 2024 04:57:13 GMT
last-modified: Fri, 29 Mar 2024 04:57:12 GMT
etag: "66064a28-44188"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VEdYM_b68UNUYwH-8gGcgV-MzHpLbAAlddxGjckr9G_tGny0KdFPOA==
b-hls-05.doppiocdn.net/hls/148146673/148146673_480p_init_J7RI6QhcBbq7vBjI.mp4
1.2 kB URL b-hls-05.doppiocdn.net/hls/148146673/148146673_480p_init_J7RI6QhcBbq7vBjI.mp4
IP
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5
Hash d2746d8c84452fad0fbcaa8aa8655df4
ba183afe288717c403835989cb4e94d8fb20e71a
d73fe4083b892cfc00ada5690a2d9b7b4ac8258a957b584f6e5c570d6dd25a10
GET /hls/148146673/148146673_480p_init_J7RI6QhcBbq7vBjI.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 1237
age: 5
server: nginx
last-modified: Fri, 29 Mar 2024 04:40:20 GMT
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:57:14 GMT
cache-control: public, max-age=60, s-maxage=60
etag: "66064634-4d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NvUKnQyUBI7BVcJXYZffT1EKDs-QWShqibGO7FGxkA17UiQnN5wA6w==
b-hls-05.doppiocdn.net/hls/148146673/148146673_480p_504_b2c41KxtDOAAbWgw_1711688228.mp4
298 kB URL b-hls-05.doppiocdn.net/hls/148146673/148146673_480p_504_b2c41KxtDOAAbWgw_1711688228.mp4
IP
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 298 kB (297773 bytes)
Hash b47ade0a7dcba5196637330c3f749131
e9f87c9617851620525a5bd7ec31eadfb448e156
37e3f1e01148b5a764b631c651ff17499b2e246c8012c82d4a1eeabcef05ebf5
GET /hls/148146673/148146673_480p_504_b2c41KxtDOAAbWgw_1711688228.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 297773
age: 5
server: nginx
date: Fri, 29 Mar 2024 04:57:11 GMT
last-modified: Fri, 29 Mar 2024 04:57:10 GMT
etag: "66064a26-48b2d"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _WgqyjtMjMZK3whET41TC8P1REGBznfxoaFaQFiYg9LEIk4qvF38Ww==
b-hls-05.doppiocdn.net/hls/148146673/148146673_480p_505_4zo7J4HoOUFMn33Q_1711688230.mp4
200 OK 316 kB URL GET HTTP/3 b-hls-05.doppiocdn.net/hls/148146673/148146673_480p_505_4zo7J4HoOUFMn33Q_1711688230.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 316 kB (316341 bytes)
Hash b81a527da732730dad73703c5ecf18d0
7992953339359b84cd5fcf3cb3ca1fd7f973ed26
8f606f4f332f4c4e07a855839a3e333440fef187091e67c270025e7714db5f17
GET /hls/148146673/148146673_480p_505_4zo7J4HoOUFMn33Q_1711688230.mp4 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 316341
age: 3
server: nginx
date: Fri, 29 Mar 2024 04:57:13 GMT
last-modified: Fri, 29 Mar 2024 04:57:12 GMT
etag: "66064a28-4d3b5"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OpwE-CT5eiP65Gie1tRlC2MKmYlirrQMc3mULyMcOBpsc7dk1iQfiw==
b-hls-04.doppiocdn.net/hls/84739822/84739822_480p_init_zuYkYmqowi6ojgaL.mp4
1.2 kB URL b-hls-04.doppiocdn.net/hls/84739822/84739822_480p_init_zuYkYmqowi6ojgaL.mp4
IP
File type ISO Media, MP4 Base Media v5
Hash 7ff73d1639cd7d8a8dc6415e00737a14
98acc4e60168cf704802ff5ea43a478be248bf93
599f8a8cdfbe8df6874e8d93be72ff05104c47565d8769cf1943662bbf8738f8
GET /hls/84739822/84739822_480p_init_zuYkYmqowi6ojgaL.mp4 HTTP/1.1
Host: b-hls-04.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 1237
age: 25
server: nginx
last-modified: Fri, 29 Mar 2024 04:27:21 GMT
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:56:51 GMT
cache-control: public, max-age=60, s-maxage=60
etag: "66064329-4d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uIDIxNN65Z27d8sr6OgROPbK7fD1HCo7RNNSjm_F5sDtq1CHDdnRWw==
ocsp.digicert.cn/
471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 844373f0994cae87e5ac9fb62b5cee03
c64887cca9a8f7bd783a222b90d2d84698f5d77e
abc93ce8041a32b14bcb48960039b6809163eb25bf3ac8ecc21d401364202f83
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 29 Mar 2024 04:57:16 GMT
Ali-Swift-Global-Savetime: 1711688236
Via: cache40.l2fr1[211,210,200-0,M], cache40.l2fr1[211,0], cache1.ru4[268,267,200-0,M], cache1.ru4[268,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 29 Mar 2024 04:57:16 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6039517116882366765884e
b-hls-04.doppiocdn.net/hls/84739822/84739822_480p_892_BDdL5Q9KCvC2HFPz_1711688228.mp4
331 kB URL b-hls-04.doppiocdn.net/hls/84739822/84739822_480p_892_BDdL5Q9KCvC2HFPz_1711688228.mp4
IP
Size 331 kB (331085 bytes)
Hash 1e105a421fd39989066daffac1dbb218
505b93fe48a1da7a7e66ac9aa9646e746dae03d5
a03d77c831c2037a0abad0bbf9e62d2e842ff887ce6bd517824b4e72eb486c47
GET /hls/84739822/84739822_480p_892_BDdL5Q9KCvC2HFPz_1711688228.mp4 HTTP/1.1
Host: b-hls-04.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 331085
age: 5
server: nginx
date: Fri, 29 Mar 2024 04:57:11 GMT
last-modified: Fri, 29 Mar 2024 04:57:10 GMT
etag: "66064a26-50d4d"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: UZnrI4Uzu-tXYv7pwQlE_KLta1Lf_2cSpkFciqW-E7gytJYxErs0bg==
b-hls-04.doppiocdn.net/hls/84739822/84739822_480p_893_ZEl9Wfy3m7f6tia3_1711688230.mp4
308 kB URL b-hls-04.doppiocdn.net/hls/84739822/84739822_480p_893_ZEl9Wfy3m7f6tia3_1711688230.mp4
IP
Size 308 kB (308429 bytes)
Hash e3af9c98a6cf568655ba0932611790d6
76ec0c34440232f99f6cc12cb02a0b77528b5a83
5e07e5ec46976de67c9505691b545dcadaa79db74c28e519d121bc072555d90f
GET /hls/84739822/84739822_480p_893_ZEl9Wfy3m7f6tia3_1711688230.mp4 HTTP/1.1
Host: b-hls-04.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 308429
age: 4
server: nginx
date: Fri, 29 Mar 2024 04:57:13 GMT
last-modified: Fri, 29 Mar 2024 04:57:12 GMT
etag: "66064a28-4b4cd"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LcaAM-J3DXhrzYjC6k1-oA4-wTBpX6mkB5E6ulu6jmku9NvIseWFUQ==
ssd.zmneysz.com:7891/stats/6972/2198?ukey=57a5f19ea2112686f45ec60f122fa1aa&host=sdg453.av6k1.blog
0 B URL ssd.zmneysz.com:7891/stats/6972/2198?ukey=57a5f19ea2112686f45ec60f122fa1aa&host=sdg453.av6k1.blog
IP
ASN #136188 NINGBO, ZHEJIANG Province, P.R.China.
Certificate IssuerSectigo Limited
Subjectapi.cgyx.tv
Fingerprint2F:9C:40:0D:F6:94:56:3E:C5:4B:78:9F:6C:4A:1F:FD:09:77:EC:0A
ValidityThu, 20 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /stats/6972/2198?ukey=57a5f19ea2112686f45ec60f122fa1aa&host=sdg453.av6k1.blog HTTP/1.1
Host: ssd.zmneysz.com:7891
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 04:57:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
Set-Cookie: ukey=57a5f19ea2112686f45ec60f122fa1aa; Path=/; Domain=ssd.zmneysz.com; Max-Age=5184000; HttpOnly; Secure; SameSite=None
b-hls-20.doppiocdn.net/hls/135905778/135905778_480p_init_ljZpc8eOh9KeYAiM.mp4
200 OK 1.2 kB URL GET HTTP/3 b-hls-20.doppiocdn.net/hls/135905778/135905778_480p_init_ljZpc8eOh9KeYAiM.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5
Hash aa9ffb4796180c2e53dbfb0dd1a5be74
535848755688f4344b8f5102f01e2e858bf0ef3d
615f64b696f08a6dabb722375e055f0eb89ce60a0de3233a63c6e3a8b70ef2b5
GET /hls/135905778/135905778_480p_init_ljZpc8eOh9KeYAiM.mp4 HTTP/1.1
Host: b-hls-20.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 1235
age: 36
server: nginx
last-modified: Fri, 29 Mar 2024 04:54:12 GMT
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:56:49 GMT
cache-control: public, max-age=60, s-maxage=60
etag: "66064974-4d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8vGHO2y9nwmhV-zr8NItFHiLrtwiafZpNw2MDme8dmUXGRZHWA4r2Q==
b-hls-20.doppiocdn.net/hls/135905778/135905778_480p_695_fiX5UlNl28jsJagl_1711688230.mp4
305 kB URL b-hls-20.doppiocdn.net/hls/135905778/135905778_480p_695_fiX5UlNl28jsJagl_1711688230.mp4
IP
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 305 kB (304837 bytes)
Hash ac43d56ad5896ba6af3cf0b5983f0a83
14e580f668bb4b5fa34b5d59ed5877bf09e17b24
b99fc869567d485c744ae7935c24f51456e296bcf9d800ce68a2720571d81509
GET /hls/135905778/135905778_480p_695_fiX5UlNl28jsJagl_1711688230.mp4 HTTP/1.1
Host: b-hls-20.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 304837
age: 4
server: nginx
date: Fri, 29 Mar 2024 04:57:13 GMT
last-modified: Fri, 29 Mar 2024 04:57:12 GMT
etag: "66064a28-4a6c5"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cc7345TxvgTBbMOzg-QeH5DSo0_chqxtfcr7B-xGq6Fnxg5FVn5c4A==
go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26sourceId%3D300cps2girlwl%26creativeId%3D300cps2girlwl%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75%26autoplay%3Dall%26autoplayForce%3D1%26action%3DsbSignupWithModel%26memberId%3D%7Bclickid%7D
200 OK 318 kB URL GET HTTP/2 go.bbrdbr.com/config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26sourceId%3D300cps2girlwl%26creativeId%3D300cps2girlwl%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75%26autoplay%3Dall%26autoplayForce%3D1%26action%3DsbSignupWithModel%26memberId%3D%7Bclickid%7D
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300cps2girlwl&creativeId=300cps2girlwl&responsive=0&hideButton=1&hideTitle=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&action=sbSignupWithModel&memberId={clickid}
Certificate IssuerLet's Encrypt
Subjectbbrdbr.com
FingerprintFF:18:54:C8:66:67:95:43:BF:60:10:5C:5C:38:B6:B0:03:00:9C:46
ValidityMon, 15 Jan 2024 11:46:02 GMT - Sun, 14 Apr 2024 11:46:01 GMT
Size 318 kB (317551 bytes)
Hash b6e96edf3edad0f84ab94734abf49738
ae41b61121b3497bf3c6b06bc163378ac36b4ef6
456807a1f192337e3581581db6afc1083ec6be2dc67ce786e4f531e3fd102725
GET /config?url=https%3A%2F%2Fcreative.bbrdbr.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%26thumbsMargin%3D0%26gridRows%3D1%26gridColumns%3D1%26sourceId%3D300cps2girlwl%26creativeId%3D300cps2girlwl%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3Debe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75%26autoplay%3Dall%26autoplayForce%3D1%26action%3DsbSignupWithModel%26memberId%3D%7Bclickid%7D HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.bbrdbr.com/
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: application/json
access-control-allow-origin: https://creative.bbrdbr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Fri, 29 Mar 2024 04:49:53 GMT
cf-cache-status: HIT
age: 139
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd4730da7d56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigochina.com/
600 B IP
Hash 90dd1d771fc40e8ed1977cfa87a383fa
286faef011d773596b49d6c896ad586294dbd9cf
780600f239febf2063ccbc50c2fca700235a3faba309fe30c7d3aae2d4408c6f
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 04:57:17 GMT
Content-Type: application/ocsp-response
Content-Length: 600
Connection: keep-alive
Last-Modified: Thu, 28 Mar 2024 17:58:36 GMT
Expires: Thu, 04 Apr 2024 17:58:35 GMT
Etag: "286faef011d773596b49d6c896ad586294dbd9cf"
Cache-Control: max-age=564677,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 86bd473aad0956c1-OSL
b-hls-10.doppiocdn.net/hls/131025976/131025976_480p.m3u8
200 OK 1.6 kB URL GET HTTP/3 b-hls-10.doppiocdn.net/hls/131025976/131025976_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 188c8da24c2ee2f92f4ccc1dc46c4ea0
d8eeea2fbbbeae1140439409d0f759bf54d37f12
2f3f8243c700c516f779fdbd8238a476578f0ae221c6496605d467399be85199
GET /hls/131025976/131025976_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:14 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:17 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: Ya3vzAFfx1YvZaJ8Ub2uOA2aWoMqxshrBOdWEV_L5fnJnld5af0NOw==
b-hls-10.doppiocdn.net/hls/131025976/131025976_480p_210_9hYgw8CdmhZsAYqF_1711688228.mp4
200 OK 310 kB URL GET HTTP/3 b-hls-10.doppiocdn.net/hls/131025976/131025976_480p_210_9hYgw8CdmhZsAYqF_1711688228.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 310 kB (310141 bytes)
Hash af159d1a88690625cb85e096d9300698
989bac23d241ce2b110c42f1206fc77ad5b236f7
27eb31982a0cda3994d7e7debe456c7b94b239692d8a42c344f7738166ff3ef5
GET /hls/131025976/131025976_480p_210_9hYgw8CdmhZsAYqF_1711688228.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 310141
age: 5
server: nginx
date: Fri, 29 Mar 2024 04:57:12 GMT
last-modified: Fri, 29 Mar 2024 04:57:10 GMT
etag: "66064a26-4bb7d"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jBhzVFvd4pXPFn7jg59GV1bpLanqN3r-Vjx4Qzeqd_Ffd6i4eHMoYA==
edge-hls.doppiocdn.net/hls/135905778/master/135905778_480p.m3u8
330 kB URL edge-hls.doppiocdn.net/hls/135905778/master/135905778_480p.m3u8
IP
File type gzip compressed data, from Unix
Size 330 kB (330228 bytes)
Hash 908588ff102f173e28ee9f6acaab091a
3bbf3c90d547337c0e58eb9c247ff15f18699336
11c255e3e86dba5e6fbef5018e06c6f25ed98fd2a4c2e8fa283e671633774905
GET /hls/135905778/master/135905778_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
age: 1
server: nginx
date: Fri, 29 Mar 2024 04:57:16 GMT
last-modified: Fri, 29 Mar 2024 04:57:07 GMT
access-control-allow-origin: *
cache-control: public, max-age=3, s-maxage=3
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FoTNc-TX16ZcVushM7WKv1QxJbGneeX0s5gfMN8Br4GjnkDl7bja_g==
edge-hls.doppiocdn.net/hls/131025976/master/131025976_480p.m3u8
1.4 kB URL edge-hls.doppiocdn.net/hls/131025976/master/131025976_480p.m3u8
IP
File type gzip compressed data, from Unix
Hash 623728612b605d57a9716120a783c033
c904813946790041fcbb8f8228196249a2abd72b
6500b50c287451693d8fce1defdd8a07b4f3df4fd6a1e4cee9aeb877ee3b8ebc
GET /hls/131025976/master/131025976_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
date: Fri, 29 Mar 2024 04:57:17 GMT
last-modified: Fri, 29 Mar 2024 04:57:07 GMT
access-control-allow-origin: *
cache-control: public, max-age=3, s-maxage=3
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-id: zoNhZHOFDl53Hh_e-WPnYW6E9Gg_xcvblmJkzL-1BhxDyBJSzySI_w==
b-hls-11.doppiocdn.net/hls/27734927/27734927_480p_2213_zmwrLgEx8eVdvjy5_1711688229.mp4
200 OK 326 kB URL GET HTTP/3 b-hls-11.doppiocdn.net/hls/27734927/27734927_480p_2213_zmwrLgEx8eVdvjy5_1711688229.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 326 kB (325609 bytes)
Hash 0d4dc5558124d92afa2ae18194feb658
e6c14b58c9d5aff7f855e36d68cecbbe21524f2c
ad532ca1371d0b7e10f492a83877269a016f37668d0b433a490094babd82b91a
GET /hls/27734927/27734927_480p_2213_zmwrLgEx8eVdvjy5_1711688229.mp4 HTTP/1.1
Host: b-hls-11.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: video/mp4
content-length: 325609
age: 5
server: nginx
date: Fri, 29 Mar 2024 04:57:12 GMT
last-modified: Fri, 29 Mar 2024 04:57:11 GMT
etag: "66064a27-4f7e9"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HlFfVmJwx-1PMxZvye2FdLVljLe58MjrBZW6iWKGCPLebbyXZWUrnw==
b-hls-05.doppiocdn.net/hls/148146673/148146673_480p.m3u8
200 OK 300 kB URL GET HTTP/3 b-hls-05.doppiocdn.net/hls/148146673/148146673_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Size 300 kB (299664 bytes)
Hash dc0bb63e41ca4b99be3951285f49b37f
57ec502d662813971d8bff8bd131d9b694e5755a
cad96447a049eebfd664cc5bf1dd5eb1eedd0f4bc5eccb83428c2522478e76f8
GET /hls/148146673/148146673_480p.m3u8 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:14 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:16 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: NRZGFT5_McSTmCJMI1uQ_gzrmNPd3lSBE4DK4-kgz9zfklFrjfEEMg==
2912.3prndxd.cn:8005/d/4346?t=0.05231269768738622
28 B URL 2912.3prndxd.cn:8005/d/4346?t=0.05231269768738622
IP
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type Unicode text, UTF-8 text, with no line terminators
Hash df2fdee2ff4559c30cabe657eb1e6d3b
1d1fdcd96ac80e5ff51ac33210e57d632335d9cc
fdf8936970164492811051ae6faef978a883f717d5acdd6b55038a70b8ecdf76
GET /d/4346?t=0.05231269768738622 HTTP/1.1
Host: 2912.3prndxd.cn:8005
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.18.0
Date: Fri, 29 Mar 2024 04:57:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
edge-hls.doppiocdn.net/hls/84739822/master/84739822_480p.m3u8
681 B URL edge-hls.doppiocdn.net/hls/84739822/master/84739822_480p.m3u8
IP
File type gzip compressed data, from Unix
Hash 4f5399b822bc38f16e8fa63774f89fec
60a6e8daa17841be9255309f06a8d30406d64d3a
4beef88f79720bdc1eb95d36c7cb648e72439efe8dcea9c113dc659090dfb4d0
GET /hls/84739822/master/84739822_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
date: Fri, 29 Mar 2024 04:57:16 GMT
last-modified: Fri, 29 Mar 2024 04:57:11 GMT
access-control-allow-origin: *
cache-control: public, max-age=3, s-maxage=3
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-id: cZJ0Lv-Z0Ymsf1FcKbRHmllyAkrF9MDmp5Gp32W1_u-xguC3vcKNlA==
b-hls-11.doppiocdn.net/hls/27734927/27734927_480p.m3u8
200 OK 799 B URL GET HTTP/3 b-hls-11.doppiocdn.net/hls/27734927/27734927_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 2d15d1613ad2319a54876e1a50a876e4
46f3a802f97f93295cf0de4a4195e0b6e734bcb1
164a3ecd646b62404da3cfcfa8d4407e249e6e9d26876e57916f372a8ce63d5e
GET /hls/27734927/27734927_480p.m3u8 HTTP/1.1
Host: b-hls-11.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:15 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:17 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: hwa074dw12ZkOl8QSHzC2ZimnDDRE52MSgLuQhf4qWZ3LlkkZHFMRg==
kpm.jhzpgw.com:26573/mnrt/nowx4.json
200 OK 3.4 kB URL GET HTTP/1.1 kpm.jhzpgw.com:26573/mnrt/nowx4.json
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerSectigo Limited
Subjectkpm.jhzpgw.com
Fingerprint4F:F4:3D:69:F0:90:64:E5:C0:1D:99:04:78:89:93:CF:F7:0A:7D:5A
ValiditySat, 16 Sep 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
Hash ce174bc2f2659d1c7bd771ba419abb58
9a6da8d4aaf3cfe52a9b3741ff93cc316d39a3ce
a4dfd5204c687ab46ad8a7b86bc8b6c65d385b75a077f9438f846fc5b02a831b
GET /mnrt/nowx4.json HTTP/1.1
Host: kpm.jhzpgw.com:26573
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 04:57:18 GMT
Content-Type: application/json
Content-Length: 3358
Last-Modified: Thu, 04 Jan 2024 09:36:07 GMT
Connection: keep-alive
ETag: "65967c07-d1e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,PUT,GET,DELETE
Access-Control-Allow-Headers: version, access-token, user-token, Accept, apiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
292fff568c425b1bfgcc.4btcqjy.cn:8005/d/4346?c=1&n=baazopep
28 B URL 292fff568c425b1bfgcc.4btcqjy.cn:8005/d/4346?c=1&n=baazopep
IP
ASN #140224 STARCLOUD GLOBAL PTE., LTD.
File type Unicode text, UTF-8 text, with no line terminators
Hash df2fdee2ff4559c30cabe657eb1e6d3b
1d1fdcd96ac80e5ff51ac33210e57d632335d9cc
fdf8936970164492811051ae6faef978a883f717d5acdd6b55038a70b8ecdf76
GET /d/4346?c=1&n=baazopep HTTP/1.1
Host: 292fff568c425b1bfgcc.4btcqjy.cn:8005
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.18.0
Date: Fri, 29 Mar 2024 04:57:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
hn.zabiul.com:26579/0212ypnow/3.json
277 kB URL hn.zabiul.com:26579/0212ypnow/3.json
IP
ASN #9808 China Mobile Communications Group Co., Ltd.
Certificate IssuerSectigo Limited
Subjectapi.cgyx.tv
Fingerprint2F:9C:40:0D:F6:94:56:3E:C5:4B:78:9F:6C:4A:1F:FD:09:77:EC:0A
ValidityThu, 20 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
Size 277 kB (277255 bytes)
Hash 89aa2aac84ac892af6e0464eff85ed33
c221360e949f8a79b1f5da9f5eaf2f3884058cd3
1cd896209b599e9f982c92c194d5c3ffb08a65635c965308a91d9493c5bb5407
GET /0212ypnow/3.json HTTP/1.1
Host: hn.zabiul.com:26579
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 20:54:26 GMT
Content-Type: application/json
Content-Length: 277255
Last-Modified: Mon, 12 Feb 2024 15:35:29 GMT
Connection: keep-alive
ETag: "65ca3ac1-43b07"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,PUT,GET,DELETE
Access-Control-Allow-Headers: version, access-token, user-token, Accept, apiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
edge-hls.doppiocdn.net/hls/92628023/master/92628023.m3u8
200 OK 63 kB URL GET HTTP/2 edge-hls.doppiocdn.net/hls/92628023/master/92628023.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash c0bb2a72d9383ac928e41187dc6fb709
0f64f6796fb1b2f4d7fc3909ad1832e446b5bf1e
4809acbdc068df232d99ccceeed2e51675be3bf682697dd39d79f0b868901ec6
GET /hls/92628023/master/92628023.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.bbrdbr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:02 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:16 GMT
cache-control: public, max-age=3, s-maxage=3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ym_BP07ZOkOYdiiMHbbWNZUblQWZFv6cnHNjGKUzir4t2ZoVHdIN8A==
X-Firefox-Spdy: h2
b-hls-11.doppiocdn.net/hls/27734927/27734927_480p.m3u8
200 OK 796 B URL GET HTTP/3 b-hls-11.doppiocdn.net/hls/27734927/27734927_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 803c19360c2261b0df07d96e9561d887
980fb7014d09b7bec3e2c783eebef3419fe603b4
8a8aa96221cf815a915c7df8da32b1a4b86dc8b365db646bc96afc9878ffd844
GET /hls/27734927/27734927_480p.m3u8 HTTP/1.1
Host: b-hls-11.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:17 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:19 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: xHWHUG96MfvXYIwCmHXIwRfNiHs-4xszViW2OhCbafoTeNfmmkB0aA==
fg.yrwlkjgs.com:9896/effect.php?type=ecv&planid=356&adsid=3293&zoneid=2198&uid=6972&adtplid=1&plantype=cpv
4.8 kB URL fg.yrwlkjgs.com:9896/effect.php?type=ecv&planid=356&adsid=3293&zoneid=2198&uid=6972&adtplid=1&plantype=cpv
IP
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Certificate IssuerSectigo Limited
Subjectapi.cgyx.tv
Fingerprint2F:9C:40:0D:F6:94:56:3E:C5:4B:78:9F:6C:4A:1F:FD:09:77:EC:0A
ValidityThu, 20 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash d75ea0a68d9f995cb7c34920757fdc3b
eaef63602340a1ac14b5803d81854ae5c4a7ec8d
5197ee856a2ae247e034027f59995147d7cd725887644ff32f142e8551ba7832
POST /effect.php?type=ecv&planid=356&adsid=3293&zoneid=2198&uid=6972&adtplid=1&plantype=cpv HTTP/1.1
Host: fg.yrwlkjgs.com:9896
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:21 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
b-hls-05.doppiocdn.net/hls/92628023/92628023.m3u8
200 OK 7.7 kB URL GET HTTP/3 b-hls-05.doppiocdn.net/hls/92628023/92628023.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash de78a3ba7ba731a05b0a86639e037525
ae71bab56b64ffc3be8f047c6c9d22d4f874c782
64bf3efe35b8d2184b740836714d2aa35edc98be732bb2358a2e1bcec272f198
GET /hls/92628023/92628023.m3u8 HTTP/1.1
Host: b-hls-05.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
age: 0
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:18 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:20 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: INS_dxd2H9akhyfwxVhIsQwwgvpxgtUXjEcg68g7QYs68l2Ab7FnxQ==
b-hls-10.doppiocdn.net/hls/131025976/131025976_480p.m3u8
200 OK 7.9 kB URL GET HTTP/3 b-hls-10.doppiocdn.net/hls/131025976/131025976_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 1f198b1cd8c5ac5effe5f7cbc595f3f2
1b6405f0f64dc802f1f33b64778e3e43cd507b96
b97b3a2b50ba876ef8740871ed78d3a50fb79fb6c8c2cc234dc3f9fb39ccaf11
GET /hls/131025976/131025976_480p.m3u8 HTTP/1.1
Host: b-hls-10.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:18 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:21 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: _XBP6ZVdgA3vyDn2F_T6KZsfNl1yHWCMqkGbCUw-zPSLpAhDejSZdw==
fg.yrwlkjgs.com:9896/c.php?s=JnpvbmVpZD0yMTk4JnNpdGVpZD0mdWlkPTY5NzImYWRzaWQ9MzI5MyZwbGFuaWQ9MzU2JnBsYW50eXBlPWNwdiZ1cmw9aHR0cHMlM0ElMkYlMkZ0OTEyMDIwLnh5eiUzQTcyNjUmdnRpbWU9MjAyNC0wMy0yOSAxMjo1NzoxNiZpcD05MS45MC40Mi4xNTQ=;59448dc6084d0e9718cc160b5b9aa666;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs7TGludXggeDg2XzY0Ozs7NDg7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnNkZzQ1My5hdjZrMS5ibG9nJTJGaG9tZSUyRiUzRnh5eiUzRGh0dHBzJTNBJTJGJTJGeWFuZGV4LmNvbSUyRiZqPTAmcD01Jm09MiZyZXM9MTI4MHgxMDI0JnQ9QVY2SyVFNiU4OCU5MCVFNCVCQSVCQSVFNyVCRCU5MS1DJUU3JUFCJTk5Jmw9ZW4tVVMmYz0xJmg9NDg5NA==
200 OK 10 kB URL POST HTTP/2 fg.yrwlkjgs.com:9896/c.php?s=JnpvbmVpZD0yMTk4JnNpdGVpZD0mdWlkPTY5NzImYWRzaWQ9MzI5MyZwbGFuaWQ9MzU2JnBsYW50eXBlPWNwdiZ1cmw9aHR0cHMlM0ElMkYlMkZ0OTEyMDIwLnh5eiUzQTcyNjUmdnRpbWU9MjAyNC0wMy0yOSAxMjo1NzoxNiZpcD05MS45MC40Mi4xNTQ=;59448dc6084d0e9718cc160b5b9aa666;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs7TGludXggeDg2XzY0Ozs7NDg7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnNkZzQ1My5hdjZrMS5ibG9nJTJGaG9tZSUyRiUzRnh5eiUzRGh0dHBzJTNBJTJGJTJGeWFuZGV4LmNvbSUyRiZqPTAmcD01Jm09MiZyZXM9MTI4MHgxMDI0JnQ9QVY2SyVFNiU4OCU5MCVFNCVCQSVCQSVFNyVCRCU5MS1DJUU3JUFCJTk5Jmw9ZW4tVVMmYz0xJmg9NDg5NA==
IP
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerSectigo Limited
Subjectfg.yrwlkjgs.com
FingerprintCF:CD:36:9D:6B:7C:FC:53:DF:3C:89:E8:28:1C:F0:25:52:E3:C9:B6
ValiditySun, 10 Mar 2024 00:00:00 GMT - Thu, 10 Apr 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 657f44dd194119956e9524d24e3b3902
06ce69b098c76ad4cc2707a7a29d28bda7249a2c
57d80b68ceb83ef802db7ac5b29b913a636002b05576eab94f1bb2b5000142aa
POST /c.php?s=JnpvbmVpZD0yMTk4JnNpdGVpZD0mdWlkPTY5NzImYWRzaWQ9MzI5MyZwbGFuaWQ9MzU2JnBsYW50eXBlPWNwdiZ1cmw9aHR0cHMlM0ElMkYlMkZ0OTEyMDIwLnh5eiUzQTcyNjUmdnRpbWU9MjAyNC0wMy0yOSAxMjo1NzoxNiZpcD05MS45MC40Mi4xNTQ=;59448dc6084d0e9718cc160b5b9aa666;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs7TGludXggeDg2XzY0Ozs7NDg7MjQmaz0mc2U9MiZmPTAmdT1odHRwcyUzQSUyRiUyRnNkZzQ1My5hdjZrMS5ibG9nJTJGaG9tZSUyRiUzRnh5eiUzRGh0dHBzJTNBJTJGJTJGeWFuZGV4LmNvbSUyRiZqPTAmcD01Jm09MiZyZXM9MTI4MHgxMDI0JnQ9QVY2SyVFNiU4OCU5MCVFNCVCQSVCQSVFNyVCRCU5MS1DJUU3JUFCJTk5Jmw9ZW4tVVMmYz0xJmg9NDg5NA== HTTP/1.1
Host: fg.yrwlkjgs.com:9896
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:21 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS
set-cookie: region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Wed, 25-Sep-2024 04:57:21 GMT; Max-Age=15552000; path=/; domain=fg.yrwlkjgs.com:9896; secure; HttpOnly; SameSite=None
visitnum=1; expires=Fri, 05-Apr-2024 04:57:21 GMT; Max-Age=604800; path=/; domain=fg.yrwlkjgs.com:9896; secure; HttpOnly; SameSite=None
6972_356=re; expires=Fri, 29-Mar-2024 09:57:21 GMT; Max-Age=18000; path=/; domain=fg.yrwlkjgs.com:9896; secure; HttpOnly; SameSite=None
do2click_356=3293%7C356%7C6972%7C2198%7C; expires=Fri, 29-Mar-2024 07:57:21 GMT; Max-Age=10800; path=/; domain=fg.yrwlkjgs.com:9896; secure; HttpOnly; SameSite=None
doEffect_356=3293%7C356%7C6972%7C2198%7C; expires=Fri, 05-Apr-2024 04:57:21 GMT; Max-Age=604800; path=/; domain=fg.yrwlkjgs.com:9896; secure; HttpOnly; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
sdg453.av6k1.blog/video-ads/img/yanjiusuo93.ico
200 OK 4.3 kB URL GET HTTP/3 sdg453.av6k1.blog/video-ads/img/yanjiusuo93.ico
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash 4819f474141f644eebc299b10439fff4
ba58ebfe8c4d3c1366a3cb6855f774cc8b6da763
2624520993ac8758388696795f3dc3d609fb13df32cf8a4d0a12ec9647a07e48
GET /video-ads/img/yanjiusuo93.ico HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: image/x-icon
last-modified: Thu, 24 Nov 2022 06:03:24 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDCrxbT9R%2FeH596qEWKZ33qSHTg96GuUkwpglgCBv9bBaJaaWr9DOnKpxwicirP9DlWYcSVI4MGWvxC8NfdUFmtcuni%2F7ROsfdM%2Bp1qrIMeQJ5PQC1V%2B%2FLvlr8PTytKjcWi9Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd47201827b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.adxadserv.com/js/adb.js
200 OK 1.3 kB URL GET HTTP/2 static.adxadserv.com/js/adb.js
IP
ASN #60068 Datacamp Limited
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerLet's Encrypt
Subject1585977359.rsc.cdn77.org
Fingerprint4C:73:0E:1C:60:E7:FC:DF:1B:10:53:2C:66:FA:51:C4:7F:9B:71:86
ValidityThu, 01 Feb 2024 02:51:19 GMT - Wed, 01 May 2024 02:51:18 GMT
File type JavaScript source, ASCII text, with very long lines (1358), with no line terminators
Hash 79536041fa6e49b2e36f77d18dd54775
cd14cb46a30048c59f391263d052b21e2b22110a
b3eb4913e22a9a3b2a42cdd82d85d1fddf0295df0b0bd846b07cbefba1240f35
GET /js/adb.js HTTP/1.1
Host: static.adxadserv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 01 Feb 2024 12:13:19 GMT
etag: W/"65bb8adf-51a"
x-77-nzt: EwwBuUwJFAH3DXcLAAwBuUwKAQH39RQAAAgBisclxAGh
x-77-nzt-ray: af585630c38ce26c294a0666ba104e06
x-accel-expires: @1711973654
x-77-cache: HIT
content-encoding: gzip
x-accel-date: 1710936860
x-cache-lb: HIT
x-age-lb: 5365
x-77-age: 756738
server: CDN77-Turbo
x-cache: HIT
x-age: 751373
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
r.trackwilltrk.com/s1/228480e4-0735-4638-8f3b-9ff71dfe2002?externalId=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv1=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5db5b61d6e27ba549689a&cv5=65e5db4c61d6e27f85121b46&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5da0361d6e26da177f88d&cv10=ADxAD_IS_728x90_av6k_flat_0.08
200 OK 2.4 kB URL GET HTTP/1.1 r.trackwilltrk.com/s1/228480e4-0735-4638-8f3b-9ff71dfe2002?externalId=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv1=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5db5b61d6e27ba549689a&cv5=65e5db4c61d6e27f85121b46&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5da0361d6e26da177f88d&cv10=ADxAD_IS_728x90_av6k_flat_0.08
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://ads.adxadserv.com/ad?spotid=65e5da0361d6e26da177f88d&type=728x90&output=html&extra1=0&ref=https%3A%2F%2Fsdg453.av6k1.blog%2Fhome%2F%3Fxyz%3Dhttps%3A%2F%2Fyandex.com%2F&dt=1711688234534&screen=1280x1024&tags=
Certificate IssuerLet's Encrypt
Subjectr.trackwilltrk.com
Fingerprint22:2B:CD:C1:1A:BB:3C:0F:BB:DA:6F:0D:71:C4:AA:07:7C:02:39:66
ValidityWed, 13 Mar 2024 12:30:57 GMT - Tue, 11 Jun 2024 12:30:56 GMT
File type HTML document, ASCII text, with very long lines (2455), with no line terminators
Hash f6be924f8d301b4271ed30d101438bb8
190fe936bd1aa607e28a6dd212fed2feb6faf845
5c0479e333c9ba6050d0cd1ed8413cc46191611d8faea9035666df5157247b85
GET /s1/228480e4-0735-4638-8f3b-9ff71dfe2002?externalId=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv1=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5db5b61d6e27ba549689a&cv5=65e5db4c61d6e27f85121b46&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5da0361d6e26da177f88d&cv10=ADxAD_IS_728x90_av6k_flat_0.08 HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ads.adxadserv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Fri, 29 Mar 2024 04:57:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: uid=RpePMz8-M; Path=/; Domain=trackwilltrk.com; Expires=Sat, 30 Mar 2024 04:57:15 GMT; HttpOnly
X-Request-Id: 222f90ce-0f4a-4c14-b4e6-ffcf6f5ef8b0
Content-Encoding: gzip
img.strpst.com/thumbs/1711688160/27734927_webp
200 OK 16 kB URL GET HTTP/3 img.strpst.com/thumbs/1711688160/27734927_webp
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7a16ffd68e133265de567722611ba746
e0e100fd7e1ebd9bc34398f7c2a3969dab0c2de7
258c513a608318aede8df1b9273f9a3c6416d5c6e9fc2cd3a6015be11e45d3bf
GET /thumbs/1711688160/27734927_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: image/webp
content-length: 15648
etag: "7a16ffd68e133265de567722611ba746"
last-modified: Fri, 29 Mar 2024 04:54:55 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 75
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd47344a00712e-OSL
alt-svc: h3=":443"; ma=86400
creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
200 OK 811 B URL GET HTTP/2 creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
IP
Requested by https://r.trackwilltrk.com/s1/228480e4-0735-4638-8f3b-9ff71dfe2002?externalId=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv1=793edf46-83e6-4265-b2d4-f97fadeefe5b&cv2=4982d74cc5945eb5f443cbeab8c29c8c&cv3=desktop&cv4=65e5db5b61d6e27ba549689a&cv5=65e5db4c61d6e27f85121b46&cv6=en&cv7=%slava_kpss%&cv8=Firefox&cv9=65e5da0361d6e26da177f88d&cv10=ADxAD_IS_728x90_av6k_flat_0.08
Certificate IssuerCloudflare, Inc.
Subjectxlrdr.com
FingerprintB7:7A:2F:CD:F6:76:0D:74:98:F0:DA:47:69:84:7D:8C:4E:2C:2D:63
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (872), with no line terminators
Hash 3e45fbd01560d9a1cd68cff1703be08e
1db275a7d248ebb4eac48f8fdd6bd6b4a0d7dd9e
d6e5cd70288432cc129231a458fc766db9267c036b5656a84ec53c59a5d97d65
GET /widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75 HTTP/1.1
Host: creative.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.trackwilltrk.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: text/html
last-modified: Thu, 28 Mar 2024 08:57:34 GMT
expires: Fri, 29 Mar 2024 04:57:22 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd472eb841b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sdg453.av6k1.blog/includes/cdn/touch.min.js
200 OK 13 kB URL GET HTTP/3 sdg453.av6k1.blog/includes/cdn/touch.min.js
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type JavaScript source, ASCII text, with very long lines (12984)
Hash d90a69d4131a7b4b0fadb54a5b4501b6
2a838b7d7625500065506f3849601d8c5133133b
6fbd817cc8fc517a0febdf954ef2d00defc1d976b331f3b21ce6c97145abdf70
GET /includes/cdn/touch.min.js HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyiwTo9G8JlAPiHCH5vFOtutoUs%2B2czu62ukceLRMjrb3Wik8HmOF1cKzbFsq9vfCPA2B%2FRhz409IItca1R1jm16YKknqY%2Bscb0H84I%2FbzV8Z5m38saHYfSporKjx%2FdqxqCToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd472218b1b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-04.doppiocdn.net/hls/84739822/84739822_480p.m3u8
200 OK 722 B URL GET HTTP/3 b-hls-04.doppiocdn.net/hls/84739822/84739822_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (740), with no line terminators
Hash d9ee782b3ff9d2cefdcaab3ed99e4f76
e2c87dffe9c69723a2e2a7e9a5ec6263130772fc
b6a4825fbbcd3471eb3b98725586cad2a00bd16acf7bc4abf700a86d60a62b08
GET /hls/84739822/84739822_480p.m3u8 HTTP/1.1
Host: b-hls-04.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:14 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:16 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: b3UMTCS_VKN7UhOcdQnrJ0VhpjpgbX73IYObOry-d_RrTLud-GnZ5A==
creative.xlrdr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
200 OK 61 B URL GET HTTP/3 creative.xlrdr.com/widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectxlrdr.com
FingerprintB7:7A:2F:CD:F6:76:0D:74:98:F0:DA:47:69:84:7D:8C:4E:2C:2D:63
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3
GET /widgets/v4/Universal/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Mar 2024 08:58:57 GMT
etag: W/"66053151-3d"
expires: Fri, 29 Mar 2024 04:57:20 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqG3jTHqF85wnSu12Lb4oce7nnG4; SameSite=None; Secure; path=/; expires=Sat, 30-Mar-24 04:57:16 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd4735ead5568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.xlrdr.com/app/domain-checker/check-result
204 No Content 0 B URL POST HTTP/3 go.xlrdr.com/app/domain-checker/check-result
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectxlrdr.com
FingerprintB7:7A:2F:CD:F6:76:0D:74:98:F0:DA:47:69:84:7D:8C:4E:2C:2D:63
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xlrdr.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 173
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Fri, 29 Mar 2024 04:57:16 GMT
access-control-allow-origin: https://creative.xlrdr.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrsnD7QZBLqqpmg3FrHfeRrbPrsW; SameSite=None; Secure; path=/; expires=Sat, 30-Mar-24 04:57:16 GMT; HttpOnly
server: cloudflare
cf-ray: 86bd4735ead7568e-OSL
alt-svc: h3=":443"; ma=86400
edge-hls.doppiocdn.net/hls/148146673/master/148146673_480p.m3u8
200 OK 227 B URL GET HTTP/3 edge-hls.doppiocdn.net/hls/148146673/master/148146673_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 7d44d46030ce076eb14a55620367a3a9
a9598cb876eb0cf5d08c9199cbca73f9f4c6f73c
31442896e376f53fbfac12279a88e2b1f1fe3f756c038680029a759e5966e812
GET /hls/148146673/master/148146673_480p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
age: 1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:03 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:15 GMT
cache-control: public, max-age=3, s-maxage=3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EvK6kltEyps5oswn9-IhmsI1tMPEKcGMc6w_mgjCGqIer3B2Dyfl6w==
b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
200 OK 730 B URL GET HTTP/3 b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (748), with no line terminators
Hash 983bb694c3d05acf2ca33dcbc4361f37
3caa095ddad8436493971c0ded53449c36b9f9d2
7dda4a3b784185b33a356c381b74d06906eb37b5b752cc1782b65af26ba9fc0f
GET /hls/135905778/135905778_480p.m3u8 HTTP/1.1
Host: b-hls-20.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
date: Fri, 29 Mar 2024 04:57:29 GMT
last-modified: Fri, 29 Mar 2024 04:57:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: VbClGIgAQddkZ13y0ZMQyAMVCtOsaptOT_8rBJ6s2cnP9P0M2Z6sLg==
b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
200 OK 730 B URL GET HTTP/3 b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (748), with no line terminators
Hash c65088f72beb2b87bfb3388323e312d4
878595580b965431a2be5d855414bc90c776f0c3
76e3b6f9c7fce61d8468f5d6a6d6215f066eb7046ab18f44e79f837459216702
GET /hls/135905778/135905778_480p.m3u8 HTTP/1.1
Host: b-hls-20.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
date: Fri, 29 Mar 2024 04:57:27 GMT
last-modified: Fri, 29 Mar 2024 04:57:26 GMT
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: dgNhoPmn-tFYXObNmKKUQ8sBK68Qt9ObHLPoz1MNTgYZ0NHUosHrxA==
sdg453.av6k1.blog/includes/cdn/4.7.0_font-awesome.css
200 OK 37 kB URL GET HTTP/3 sdg453.av6k1.blog/includes/cdn/4.7.0_font-awesome.css
IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Certificate IssuerGoogle Trust Services LLC
Subjectav6k1.blog
Fingerprint96:A7:60:E0:7B:3B:0D:7F:20:E2:FD:90:69:08:C2:1B:FA:9E:67:16
ValidityFri, 22 Mar 2024 15:58:28 GMT - Thu, 20 Jun 2024 15:58:27 GMT
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash c495654869785bc3df60216616814ad1
0140952c64e3f2b74ef64e050f2fe86eab6624c8
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
GET /includes/cdn/4.7.0_font-awesome.css HTTP/1.1
Host: sdg453.av6k1.blog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=261d77af64f61e9e0ba051e6c4fecc3b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:13 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 00:25:54 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gB0MKF9UkpRkzk9mDUPUKATq5itErYahtkGk%2BBnIulvGmUkCsRRj2ugnou8NsZrnMtbfldj2rLRP9MEypcOC%2FGsei%2F4%2FpmjXJsOsIAZY2i0z2rykn3e2d5M55fxCoEs0yip%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd4720081db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-10.doppiocdn.net/hls/131025976/131025976_480p_211_ULQTnXB2m3tfdi5U_1711688230.mp4
200 OK 330 kB URL GET HTTP/3 b-hls-10.doppiocdn.net/hls/131025976/131025976_480p_211_ULQTnXB2m3tfdi5U_1711688230.mp4
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
Size 330 kB (330017 bytes)
Hash 90671d527e38d8087c507c0ba26a6aa4
a1f3862c3835c0b5c599c679818c2e1d868d551b
44857a45963cf92d94f7c8b434a4c43e7e47ebbb3a9fe72e4a69b653efef2a11
GET /hls/131025976/131025976_480p_211_ULQTnXB2m3tfdi5U_1711688230.mp4 HTTP/1.1
Host: b-hls-10.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: video/mp4
content-length: 330017
age: 3
server: nginx
date: Fri, 29 Mar 2024 04:57:14 GMT
last-modified: Fri, 29 Mar 2024 04:57:12 GMT
etag: "66064a28-50921"
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=60
timing-allow-origin: *
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 2TtyevcDbeDCqUmq0uXr92yUL0wzFailu37CLriC8zYLJH7D4khmjA==
bn.dhauifbg.com/sh/to/88
0 B IP
Requested by https://sdg453.av6k1.blog/home/?xyz=https://yandex.com/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sh/to/88 HTTP/1.1
Host: bn.dhauifbg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sdg453.av6k1.blog
DNT: 1
Connection: keep-alive
Referer: https://sdg453.av6k1.blog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
b-hls-04.doppiocdn.net/hls/84739822/84739822_480p.m3u8
200 OK 722 B URL GET HTTP/3 b-hls-04.doppiocdn.net/hls/84739822/84739822_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (740), with no line terminators
Hash 637b73772c99b1d15f5ceb1592b6c8c3
f4e72327a503249bf092567b40926ced21d6bd60
3a4f88c67a3202b231e30be20120c841a877e0a09ba7e7135aed9db1bf327e4c
GET /hls/84739822/84739822_480p.m3u8 HTTP/1.1
Host: b-hls-04.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
age: 0
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:22 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:24 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lk3Mdsw-J9-Q634Ou8oGyp4ibEA83_v0RzsiYeEtxybu_m5WcftYdg==
img.strpst.com/thumbs/1711688190/92628023_webp
200 OK 13 kB URL GET HTTP/2 img.strpst.com/thumbs/1711688190/92628023_webp
IP
Requested by https://creative.bbrdbr.com/widgets/v4/Universal?tag=girls&thumbsMargin=0&gridRows=1&gridColumns=1&sourceId=300cps2girlwl&creativeId=300cps2girlwl&responsive=0&hideButton=1&hideTitle=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75&autoplay=all&autoplayForce=1&action=sbSignupWithModel&memberId={clickid}
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
Fingerprint15:3B:1E:F6:13:E2:CF:39:35:E5:C5:64:DA:91:8D:43:49:24:9E:A8
ValiditySun, 03 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 648x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 20059d625b2a956ff5f9ed47d153b102
d2e6545badebc0381a4151c28f8c80b9244e86c0
c0b68023de6a1f193c1031bbf2db1a6aab1da4c9296f0c3e4d1111f2e8ca1921
GET /thumbs/1711688190/92628023_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.bbrdbr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:57:16 GMT
content-type: image/webp
content-length: 12902
etag: "20059d625b2a956ff5f9ed47d153b102"
last-modified: Fri, 29 Mar 2024 04:55:59 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 39
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd47330ffab529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
creative.xlrdr.com/widgets/v4/Universal/main.fc847eff71bf996e2002.js
200 OK 282 kB URL GET HTTP/3 creative.xlrdr.com/widgets/v4/Universal/main.fc847eff71bf996e2002.js
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerCloudflare, Inc.
Subjectxlrdr.com
FingerprintB7:7A:2F:CD:F6:76:0D:74:98:F0:DA:47:69:84:7D:8C:4E:2C:2D:63
ValidityWed, 03 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Size 282 kB (281850 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/v4/Universal/main.fc847eff71bf996e2002.js HTTP/1.1
Host: creative.xlrdr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:57:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Mar 2024 08:58:57 GMT
etag: W/"66053151-44cfa"
expires: Fri, 29 Mar 2024 04:57:15 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd4730497d568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
200 OK 730 B URL GET HTTP/3 b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (748), with no line terminators
Hash db7cb8f51ef7e7435a125566e0ec77b0
a77a51d41a42e4c721af5413f29a45d445cdc73f
57e62f85589748ad3067d8b84674c936f3d616d97c2e4f51fdcc632234a80ef6
GET /hls/135905778/135905778_480p.m3u8 HTTP/1.1
Host: b-hls-20.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
date: Fri, 29 Mar 2024 04:57:31 GMT
last-modified: Fri, 29 Mar 2024 04:57:30 GMT
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: YHPSp5mOLNIWI8fERevaGXGpPPuF288vbDduRNfw_eydBsCNUkd40A==
b-hls-04.doppiocdn.net/hls/84739822/84739822_480p.m3u8
200 OK 722 B URL GET HTTP/3 b-hls-04.doppiocdn.net/hls/84739822/84739822_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (740), with no line terminators
Hash f875bb99952015a7ac6ac1033e41f53a
0f59a51a84c142c5f8f2c892ec43aba1e91fc4ec
728bf3873bcb904191f29c9f7452b2160bce5d3085984f6a66ef6d9ed6a1b50e
GET /hls/84739822/84739822_480p.m3u8 HTTP/1.1
Host: b-hls-04.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
last-modified: Fri, 29 Mar 2024 04:57:30 GMT
access-control-allow-origin: *
timing-allow-origin: *
x-proxy-cache-orig: EXPIRED
content-encoding: gzip
date: Fri, 29 Mar 2024 04:57:32 GMT
cache-control: public, max-age=1, s-maxage=1
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: rVzT84_ScboEK6F5k61SAiet70ZAgkzkX-LS--gjFz4OCTauc7isrg==
b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
200 OK 730 B URL GET HTTP/3 b-hls-20.doppiocdn.net/hls/135905778/135905778_480p.m3u8
IP
Requested by https://creative.xlrdr.com/widgets/v4/Universal/?actionButtonPlacement=bottom&autoplay=all&autoplayForce=1&buttonColor=&campaignId=728cps2girl&creativeId=728cps2girl&domain=stripchat&hideButtonOnSmallSpots=1&hideModelNameOnSmallSpots=1&hideTitleOnSmallSpots=1&isXhDesign=0&liveBadgeColor=&memberId=%7Bclickid%7D&showButton=1&showLiveBadge=1&showModal=signup&showModelName=1&showTitle=1&sound=off&sourceId=728cps2girl&tag=girls&targetDomain=&thumbSizeKey=small&trackOff=1&userId=ebe1e2aa04642c4dc9f7e9a5dfdb455c9ef1b6825ab8b9414a96e56e40140e75
Certificate IssuerAmazon
Subject*.doppiocdn.net
Fingerprint3F:C9:5F:74:41:CE:6C:76:DD:E0:68:01:E9:2C:1A:92:54:8B:19:49
ValidityTue, 05 Sep 2023 00:00:00 GMT - Thu, 03 Oct 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (748), with no line terminators
Hash e0acbd536443457dcb59cbaf8fc83a8b
10260e5727b54593a66aae3a421ce865be3cb41f
1184cf542b2c8e0a9250bab33b4e46db55dd6e65952140b2391b28d176e8d77e
GET /hls/135905778/135905778_480p.m3u8 HTTP/1.1
Host: b-hls-20.doppiocdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.xlrdr.com
DNT: 1
Connection: keep-alive
Referer: https://creative.xlrdr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/vnd.apple.mpegurl
alt-svc: h3=":443"; ma=86400
x-amz-cf-pop: OSL50-C1
server: nginx
date: Fri, 29 Mar 2024 04:57:17 GMT
last-modified: Fri, 29 Mar 2024 04:57:16 GMT
access-control-allow-origin: *
cache-control: public, max-age=1, s-maxage=1
timing-allow-origin: *
x-proxy-cache-orig: HIT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-id: 9TLeWbglkecsa9XOvVGBryX_e_jQLClC3liLhtq8pcTFfjCBSVf2hw==
104.21.45.215
64.32.30.252
185.98.53.2
134.122.130.105
203.107.86.226
154.23.138.124
45.131.147.145
51.222.244.150
185.76.9.25
0.0.0.0