tm-offers.gamingadult.com/?offer=49&uid=507583a4-7fe9-4587-a5fd-cf52fcff602d&lp=49&subid=w1qv2tseo96q06al2jk5n13u
302 Found 0 B URL HTTP/1.1 tm-offers.gamingadult.com/?offer=49&uid=507583a4-7fe9-4587-a5fd-cf52fcff602d&lp=49&subid=w1qv2tseo96q06al2jk5n13u
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?offer=49&uid=507583a4-7fe9-4587-a5fd-cf52fcff602d&lp=49&subid=w1qv2tseo96q06al2jk5n13u HTTP/1.1
Host: tm-offers.gamingadult.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 20 Dec 2022 06:02:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HH-offer49=1; expires=Tue, 20-Dec-2022 18:02:02 GMT; Max-Age=43200; path=/; SameSite=Lax
Location: https://www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7666
Expires: Tue, 20 Dec 2022 08:09:48 GMT
Date: Tue, 20 Dec 2022 06:02:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8574
Expires: Tue, 20 Dec 2022 08:24:56 GMT
Date: Tue, 20 Dec 2022 06:02:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 05:34:25 GMT
content-type: application/json
age: 1657
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16279
Expires: Tue, 20 Dec 2022 10:33:21 GMT
Date: Tue, 20 Dec 2022 06:02:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wC1nXFgFWK5VqVvQlbCs4VVtdnGQ3rCQnCvnRafApp3QoAw5JIkNdnF9B9BhtACQXCkAcpPd3UM=
x-amz-request-id: Q9MRY5PVZS5XZCCF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 05:29:19 GMT
age: 1963
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e9f860cba7f916fbb2613cd984339ea
e41db2f8c15d55ad8f6856a0d2dadea11289189d
85be8d6a91d358493ea3f145fcef73695b81a07176579b0dcfcb2e3740c2e75f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85BE8D6A91D358493EA3F145FCEF73695B81A07176579B0DCFCB2E3740C2E75F"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Tue, 20 Dec 2022 06:57:13 GMT
Date: Tue, 20 Dec 2022 06:02:02 GMT
Connection: keep-alive
www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
200 OK 2.1 kB URL HTTP/2 www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fadcb09b5e38cbdb2eaf5464c97628c7
89a91ead8a20360eca197512e8e8d9b928ff2796
82084e005f6ea6e3fa4095ae931b0deec8768e44609d114630f621c945ce2f02
GET /?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8= HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; expires=Tue, 20-Dec-2022 14:02:02 GMT; Max-Age=28800; path=/; secure; SameSite=None
lang=en; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
ref_id=24; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc2=1377; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc3=49; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc4=SOI; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
tc5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
tc6=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
tc7=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
tc8=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; SameSite=None
age_verification=1; expires=Wed, 20-Dec-2023 06:02:02 GMT; Max-Age=31536000; path=/; secure; SameSite=None
HAPBK=web2; path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 2138
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.gayharem.com/js/screenfull.js?v=67118461
200 OK 935 B URL HTTP/2 www.gayharem.com/js/screenfull.js?v=67118461
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (2863), with no line terminators
Hash 4dfe9ff40759d6d7316a51d4c38e5f9e
e1e3d4777637e222b1200a6d6bc67135492f9dd0
5ba0c79e328a50335bcd5850178c1f0cb70cd5478e738950a925081d04c49c50
GET /js/screenfull.js?v=67118461 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:50 GMT
etag: "b2f-5efeefd0e8359-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 935
content-type: application/javascript
X-Firefox-Spdy: h2
www.gayharem.com/css/chat.css?v=67118458
200 OK 15 kB URL HTTP/2 www.gayharem.com/css/chat.css?v=67118458
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2d01ac5a3fb2c3339e23e4bf41cbf0aa
e6feaa4b9ee4d19431ebac85c488634a00ce2870
e7157a84d25bbb8104d85c9c312572c1970cdf45720345c1434d9d686f9197d8
GET /css/chat.css?v=67118458 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:23 GMT
etag: "20522-5efeefb7479c9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15318
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 06:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 06:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Dec 2022 21:07:50 GMT
expires: Sun, 17 Dec 2023 21:07:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 204852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b566e9b898d67738a1dd57804d0434cb
40a8bf96d28ac5f49e6f8db831858b15c1b3e9e9
5f8bc73be62ef28ef124fb964c6eb72f506fca5b8dd5a1e70a0c12884d1c1f71
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 06:02:02 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Dec 2022 03:14:34 GMT
Expires: Mon, 26 Dec 2022 03:14:33 GMT
Etag: "40a8bf96d28ac5f49e6f8db831858b15c1b3e9e9"
Cache-Control: max-age=507750,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77c62ab75e80b50c-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 06:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gh1.hh-content.com/clubs/ic_xCross.png
200 OK 1.3 kB URL HTTP/2 gh1.hh-content.com/clubs/ic_xCross.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 82 x 74, 8-bit colormap, non-interlaced\012- data
Hash 8ae89c096a2186b9ed393a2baa1e8886
53917bc9a063bc304440ec6ae17fb1c583c8f9c4
02c88820b0f0b1292dfc9a5ad88c8cbbfd7941a41ca69f00b769b41deb198be6
GET /clubs/ic_xCross.png HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/png
content-length: 1264
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-45810-h-0-0---;6141-31-30442----0-0-1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 06:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gayharem.com/home.html
200 OK 3.8 kB URL HTTP/2 www.gayharem.com/home.html
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1409)
Hash 383fafb466982b66f71fec5d20d26324
9076201ea37a75a21b7ba6457b76ef381c9a93d4
2e7e0bc27142558586dddb3c6d29e9e8049f7129b656cf99780769a2e69b0fe6
GET /home.html HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
content-length: 3811
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 384a2b2f97397ee2741922068da5bdcd
256bcaf0f153a739623feb917ad1c8745b7a3651
541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 06:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gh1.hh-content.com/design/ic_login.svg
200 OK 8.7 kB URL HTTP/2 gh1.hh-content.com/design/ic_login.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5915a8ebac160e3953e4467dedec30b8
df20474ef16fc034e7c9bf27bb1bff222d106032
fec09101a2dbd6d4956c64c59f4898b448ec8dc884cbc01976ce6e6fa6eeb118
GET /design/ic_login.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/svg+xml
content-length: 8722
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-9944-h-0-0---;6141-28-30442----0-0-1
X-Firefox-Spdy: h2
fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 27984, version 1.0\012- data
Hash 9c01ef3c4862a40bf29bd780e7e88da4
54db29d9cf8092d9c50d477c5d9d9e199c944453
dc6d951120092f271275422fbff657a219671695d03bdd251761e05ee9e86589
GET /s/carterone/v17/q5uCsoe5IOB2-pXv9UcNExN8hA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gayharem.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:38 GMT
expires: Sat, 16 Dec 2023 13:33:38 GMT
cache-control: public, max-age=31536000
age: 318504
last-modified: Thu, 21 Apr 2022 17:07:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gayharem.com/js/quest.js?v=67118460
200 OK 7.7 kB URL HTTP/2 www.gayharem.com/js/quest.js?v=67118460
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (31654), with no line terminators
Hash efde19043846eed5c38023dc05d3764a
b989fbd03dcbd78f13c808368f473b7cca93b588
f6180b4fa5a5b80075e4b7f62beb2aeb79c7914409733ebcaf7fbd3b90eb6e0a
GET /js/quest.js?v=67118460 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:46 GMT
etag: "7ba6-5efeefcd0af1a-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7692
content-type: application/javascript
X-Firefox-Spdy: h2
gh1.hh-content.com/design/ic_join.svg
200 OK 1.4 kB URL HTTP/2 gh1.hh-content.com/design/ic_join.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF line terminators
Hash 8ba97dba6572f93deebde7fe83bd5b69
f4cda4f98492c210aa990cf6063e8a79590ae011
f5557fa48f8dcff13b38b1b5055d04768470bc01be5a1a0971fd9293042b1b79
GET /design/ic_join.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/svg+xml
content-length: 1411
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-13837-h-0-0---;6141-28-30442----0-0-1
X-Firefox-Spdy: h2
gh1.hh-content.com/design/ic_legal.svg
200 OK 2.3 kB URL HTTP/2 gh1.hh-content.com/design/ic_legal.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e12db90b345490737b33530778cf44ee
e873e0209b1a08f5d87dd0534d6fd3311c9f766f
b8f586101e80adb692675c6b21adaad397a7ba1033d45d61d2f0189b78c6cb91
GET /design/ic_legal.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/svg+xml
content-length: 2320
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-5536-h-0-0---;6141-28-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/quest/ic_eyeclosed.svg
200 OK 1.4 kB URL HTTP/2 gh1.hh-content.com/quest/ic_eyeclosed.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ee4ad4b4410fcc5898cab08a69780cd6
a8ed6e8ef5b181c240270cbcc7aa155405eb3003
1221af76045abbae2c6505da09d58cdee9ece408c45c084198f4b6646e60cb84
GET /quest/ic_eyeclosed.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/svg+xml
content-length: 1424
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-39153-h-0-0---;6141-28-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/quest/ic_eyeopen.svg
200 OK 1.1 kB URL HTTP/2 gh1.hh-content.com/quest/ic_eyeopen.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d024138a612c10f6f1f53a59ee5e3dd2
eeaf38bfbcc7b8eb245647db978e61db286bcc30
54dc51810c4190a40a490c712bc60a7a2764e6213f8c1b7230836d83de5de996
GET /quest/ic_eyeopen.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/svg+xml
content-length: 1142
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7846-0-11520-h-0-0---;6141-28-30442----0-0-0
X-Firefox-Spdy: h2
www.gayharem.com/js/guest.js?v=67118459
200 OK 529 B URL HTTP/2 www.gayharem.com/js/guest.js?v=67118459
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (1367), with no line terminators
Hash 7348e55be15dc16f98e50b2826ece833
4186367a3694585077625c655a9c503cdabbd545
ea3aab4a54f71ce834d19887b7b10988bb3ba09ed818f92b80ee64150bf59972
GET /js/guest.js?v=67118459 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:31 GMT
etag: "557-5efeefbeb8e66-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 529
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 384a2b2f97397ee2741922068da5bdcd
256bcaf0f153a739623feb917ad1c8745b7a3651
541c129fcb8391e0516ad5f1ee19da5c060ce54cabedfdc7cb65d2af2b4410e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 06:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gh1.hh-content.com/pictures/design/mob_rotation.gif
200 OK 237 kB URL HTTP/2 gh1.hh-content.com/pictures/design/mob_rotation.gif
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type GIF image data, version 89a, 786 x 698\012- data
Size 237 kB (237009 bytes)
Hash e6e83330ff5589bfe920467e9899f31e
c628ffd1e5a5cb9fb54503b2c739bbd958b2de59
1189ad1cf1763829b8d69976c20f8105a2b321894d53cea4bafb7dbe81caec2f
GET /pictures/design/mob_rotation.gif HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/gif
content-length: 237009
last-modified: Thu, 08 Apr 2021 09:29:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-13837-h-0-0---;6141-28-30442----0-0-0
X-Firefox-Spdy: h2
images.hh-content.com/gay/pictures/design/logo2.png
200 OK 2.7 kB URL HTTP/2 images.hh-content.com/gay/pictures/design/logo2.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 318 x 250, 8-bit colormap, non-interlaced\012- data
Hash 0c3bb2832345bfd21e34cc9187cd3c4f
5b24617ff5f5e01c22ac97c2b37e668f93d99a50
4a7c61eee015a7b5201c12c84f4906902e08204c0aaf08bd91eea65c797e3bde
GET /gay/pictures/design/logo2.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/png
content-length: 2683
last-modified: Tue, 23 Mar 2021 12:09:11 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-13837-h-0-0---;6141-28-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/ic_loading_carrot.svg
200 OK 3.7 kB URL HTTP/2 gh1.hh-content.com/ic_loading_carrot.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c7ea21734a64fecf0b2b8f54e582e036
2383ef4319d210f37b256cdd05a6e75de60091bc
bd50e89429493ff3043675f67cbbdeea7da18da0ef2a8e0de870eb39dac8dd25
GET /ic_loading_carrot.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
content-type: image/svg+xml
content-length: 3743
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-39153-h-0-0---;6141-28-30442----0-0-0
X-Firefox-Spdy: h2
images.hh-content.com/gay/pictures/design/logo-apple-touch-icon.png
200 OK 1.8 kB URL HTTP/2 images.hh-content.com/gay/pictures/design/logo-apple-touch-icon.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 45596fd87d941cd0a5af48c457dfad57
5c46418a8a2bf547740caca495b2d7ed4ca9e84f
d3b23aeca39a160509db3cc52c620386e594be966c8878ba224bde58f8fc296a
GET /gay/pictures/design/logo-apple-touch-icon.png HTTP/1.1
Host: images.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 1806
last-modified: Thu, 17 Dec 2020 17:04:14 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: images.hh-content.com
accept-ranges: bytes
x-cdn-diag: ams5-6139-0-45810-h-0-0---;6141-24-30442----0-0-1
X-Firefox-Spdy: h2
gh1.hh-content.com/pictures/design/ic_favicon_32px.png
200 OK 5.5 kB URL HTTP/2 gh1.hh-content.com/pictures/design/ic_favicon_32px.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9909e889c21e1f6408588f07147f675c
20e533825b0d5e1791da81ec0e01d5b2992ba717
a04155cd847c3777cd2555cdd2167fbe1ed489a3cf29ebe34f042e497921af9f
GET /pictures/design/ic_favicon_32px.png HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 5479
last-modified: Mon, 26 Jun 2017 12:04:55 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
accept-ranges: bytes
x-cdn-diag: ams5-6141-0-5536-h-0-0---;6141-24-30442----0-0-0
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 05:33:24 GMT
age: 1719
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gayharem.com/js/default.js?v=67118460
200 OK 445 kB URL HTTP/2 www.gayharem.com/js/default.js?v=67118460
IP
ASN #60781 LeaseWeb Netherlands B.V.
Size 445 kB (444934 bytes)
Hash 279a68c184b054ddd82efcc13a5c3bd2
257bd93c5f54aa7fab9e8538491901067461e5a6
a12bb4c762af4b679bbe699ba83babdce311c0b07d100734280cc8b34306b5e5
GET /js/default.js?v=67118460 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:44 GMT
etag: "1ca8f2-5efeefcb007a9-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22144, version 1.0\012- data
Hash f3ad3b3081bb38a18628d88ddf39b8b6
befa33190a885871d06ebf259dc12d0d325fd74c
252063af6ade8b9a744cde4ddad0fc21ea53b8ba711eed121a0c2e8610ea9c93
GET /s/kalam/v16/YA9Qr0Wd4kDdMtDqHTLMkiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gayharem.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Dec 2022 14:44:58 GMT
expires: Sun, 17 Dec 2023 14:44:58 GMT
cache-control: public, max-age=31536000
age: 227825
last-modified: Tue, 26 Apr 2022 15:48:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gh1.hh-content.com/design/ic_fullscreen.svg
200 OK 9.1 kB URL HTTP/2 gh1.hh-content.com/design/ic_fullscreen.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0831c44a1a21d67c02ef25bc69e5b889
b160e53081718dfbde5d57fc71d3d09e7d263eac
ceb0ca832f16fdb1647cbf5d34d6c095dd6ad6b8b842dc2cf7317f15dcbe2f76
GET /design/ic_fullscreen.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/svg+xml
content-length: 9108
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-9948-h-0-0---;6141-30-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/design/menu/sound_on.svg
200 OK 2.3 kB URL HTTP/2 gh1.hh-content.com/design/menu/sound_on.svg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c89b911deef6444f334ee6bec8b70bae
8e9121d4a8eb7cac274a7cc6b9665531d908e604
7c114f2ad2ce1fb762d9a537d35c75de9901a6885e00a77aa1b9486dd8169c8f
GET /design/menu/sound_on.svg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/svg+xml
content-length: 2269
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
vary: Accept-Encoding
accept-ranges: bytes
x-cdn-diag: ams5-6249-0-13836-h-0-0---;6141-30-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
200 OK 500 B URL HTTP/2 gh1.hh-content.com/design/quest_fullscreen/quest_exit_fullscreen.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 0be950aa354017dc58d2523c5d7bb687
d0fc1a220cdc3975fa92ac6f5f7b118048c54902
10bc9639649542c420fdec036e7aceedb3b16a0081c33fc97125c07b90f2b6b8
GET /design/quest_fullscreen/quest_exit_fullscreen.png HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 500
last-modified: Fri, 23 Sep 2022 06:45:28 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-9948-h-0-0---;6141-30-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/pictures/design/ic_soft_currency.png
200 OK 4.8 kB URL HTTP/2 gh1.hh-content.com/pictures/design/ic_soft_currency.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 628032e842e346860ba4132a5b66fe93
d441605bb3c43621520525758d75b9c9bc99831a
1fbde569f6ce61dc1302f088318f2d1acdc24b85475e998bda540fc131c4f04a
GET /pictures/design/ic_soft_currency.png HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 4783
last-modified: Wed, 13 Mar 2019 16:03:42 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
accept-ranges: bytes
x-cdn-diag: ams5-7619-0-9948-h-0-0---;6141-30-30442----0-0-0
X-Firefox-Spdy: h2
gh1.hh-content.com/design_v2/gh_ic_XP.png
200 OK 4.3 kB URL HTTP/2 gh1.hh-content.com/design_v2/gh_ic_XP.png
IP
ASN #11019 HAPROXY-TECHNOLOGIES
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 56afc911f1367343363901032f074bb1
b2db1da840e402fb2861f2294a914c1cdafd3329
07e4cfffe075e888a8d21fb449717f4f40d1e2c962591146563d87e74ce70799
GET /design_v2/gh_ic_XP.png HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 4317
last-modified: Tue, 05 May 2020 14:59:59 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
accept-ranges: bytes
x-cdn-diag: ams5-6140-0-39151-h-0-0---;6141-30-30442----0-0-0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3ca04c6f99b03a4822077d9406b1a3f7
5a09a78930193c5bc472ec10ebcc0ced8d8f11d5
eb5fc7bd32645b1cb70d68c4336b00410b57c4d33cbae078ea3ea5811ee19f42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB5FC7BD32645B1CB70D68C4336B00410B57C4D33CBAE078EA3EA5811EE19F42"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5871
Expires: Tue, 20 Dec 2022 07:39:54 GMT
Date: Tue, 20 Dec 2022 06:02:03 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0kcg7ca2BgS6XdbezBuHGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OXYMn7jeRg3NkRIUm8hA1aKqpDc=
www.gayharem.com/ajax.php
200 OK 16 B URL HTTP/2 www.gayharem.com/ajax.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /ajax.php HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: https://www.gayharem.com
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:03 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 16
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2
use.typekit.net/lfu1uah.css
200 OK 827 B URL HTTP/2 use.typekit.net/lfu1uah.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash 23cb3bd0e9baa58586be8877ed1fa4cf
4ba80bb386eced49c48a45d0f1760810178e4fbe
9170aa9c3289e5e5d09f40bc0941d772e3d4cde22e5f145eafdfa7b68118ad69
GET /lfu1uah.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 827
date: Tue, 20 Dec 2022 06:02:03 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css
IP
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=lfu1uah&ht=tk&f=34212.34213.34214.34215.34216.34217&a=13331608&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: text/css
cross-origin-resource-policy: cross-origin
etag: "613bee4d-5"
last-modified: Fri, 10 Sep 2021 23:46:21 GMT
server: nginx
content-length: 5
unused62: 8096267
date: Tue, 20 Dec 2022 06:02:03 GMT
X-Firefox-Spdy: h2
gh1.hh-content.com/pictures/audio/bg_music_2.ogg
206 Partial Content 31 kB URL HTTP/2 gh1.hh-content.com/pictures/audio/bg_music_2.ogg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
Hash 9f239050435104f4eb479ed551bc572e
6fb1f2be5cc8d1c7a37ad1817dc93352032aba7e
254539f96da4f49640a68355510591e55b42825ae910fe5b8f58961f93b7a416
GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=1802240-
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: audio/ogg
content-length: 31368
last-modified: Mon, 22 Feb 2021 10:25:29 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
content-range: bytes 1802240-1833607/1833608
x-cdn-diag: ams5-7846-0-11520-h-0-0---;6141-24-30442----0-0-1
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/show.svg
200 OK 510 B URL HTTP/2 eggs-content.kinkoid.com/authentication/show.svg
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (510), with no line terminators
Hash aae407daa4dba9e5d6b2ddf37a0f1b41
fa37c7736d6c33b9e62349cc65d0252bc715cb47
84bc80996a1db1c515d60d9fb037042d6220adc9b5be3bf279b06013fc9d6aa2
GET /authentication/show.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/svg+xml
content-length: 510
last-modified: Tue, 14 Jul 2020 06:31:15 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/hide.svg
200 OK 748 B URL HTTP/2 eggs-content.kinkoid.com/authentication/hide.svg
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (748), with no line terminators
Hash cad59edc70e2ae6387ab04e4f961528f
c7bb66aa521e859f4d8a35b6b8da847862e24413
51bdb6a686feff9b34838a4e975c4ed30fb665543036b1f8adc6036be0764192
GET /authentication/hide.svg HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/svg+xml
content-length: 748
last-modified: Tue, 14 Jul 2020 06:31:25 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/gay/logo.png
200 OK 3.0 kB URL HTTP/2 eggs-content.kinkoid.com/authentication/gay/logo.png
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 200 x 164, 8-bit colormap, non-interlaced\012- data
Hash 2a358132cf75e190deb6c8b897a15e56
96355ada6eeb3ff2530d7f926864a7db88fc5f65
931960a7b78fb2fa8055a2e9ee7c45898fea75efd117008a7d689fbac85d122f
GET /authentication/gay/logo.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 2957
last-modified: Tue, 01 Sep 2020 04:45:50 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gayharem.com/js/chat.js?v=67118460
200 OK 520 kB URL HTTP/2 www.gayharem.com/js/chat.js?v=67118460
IP
ASN #60781 LeaseWeb Netherlands B.V.
Size 520 kB (520398 bytes)
Hash e2e481e75923eea813beec80d472ea23
48cb5968d64f585fa2e445fb5aeded2eff9f1d3d
9dc6eaadc456d671ab2ade4a825eae38cfd7a149a5a16e1bb249b95df315cfec
GET /js/chat.js?v=67118460 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/?ref_id=24&noagev=1&tc1=HH99c932322d8dc0e6c29111fd7c95e5ca&tc2=1377&tc3=49&tc4=SOI&tc5=&tc6=&tc7=&tc8=
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:49 GMT
etag: "65bd9-5efeefcfb39cf-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/gay/register.png
200 OK 392 kB URL HTTP/2 eggs-content.kinkoid.com/authentication/gay/register.png
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size 392 kB (392512 bytes)
Hash 014ad549dd3e2f34fb0ce16437a644c1
1afbae4d3c8495e66e14d7a8f6f5d4ac0ec4aea7
d8b94f33162a2d00a49187fdc97a7be901a72a503c90067673e7828dacfef9ec
GET /authentication/gay/register.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 392512
last-modified: Tue, 01 Sep 2020 05:53:58 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
eggs-content.kinkoid.com/authentication/gay/authenticate.png
200 OK 640 kB URL HTTP/2 eggs-content.kinkoid.com/authentication/gay/authenticate.png
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1200 x 3000, 8-bit colormap, non-interlaced\012- data
Size 640 kB (640316 bytes)
Hash 9f61fff17d7fd4367fbc28ddde97b9e4
8f91f4746c5f0ccbd3fe1b3a7accd3c8cd3d8323
7c79b819840ba34b6551d63e354b836e4bdaa6d030c0f747b901be73e181197b
GET /authentication/gay/authenticate.png HTTP/1.1
Host: eggs-content.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eggs-ext.kinkoid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: image/png
content-length: 640316
last-modified: Tue, 01 Sep 2020 05:53:58 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5835
Expires: Tue, 20 Dec 2022 07:39:19 GMT
Date: Tue, 20 Dec 2022 06:02:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
200 OK 2.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac396f580b50a626abbeb37c0ec5f005
626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb
3546f7a2be3f578ad9d8b8f57b89a69b6ece9b08da63fb9448e5e6dde4d3332c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2054
x-amzn-requestid: 5072b75c-7455-45cc-a35e-be7e0ed77496
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabqhHE6IAMFrxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d976-026c95822615b2550edb00e7;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: uJwyFukmL1DoqJnY-yzKVBLtnEITiYMDkVoZoXm46QGdni9vkzUTMA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:32 GMT
age: 29612
etag: "626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68622eb4-6e6a-4d7c-a1e2-e6ad245ebc59.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68622eb4-6e6a-4d7c-a1e2-e6ad245ebc59.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0b328a68846a842022c81d3cc08fa08
d400aa9d94ed7bad420b7dd83a618a538713d86e
76479b700a2ce9b43031a388ecd0d3d321d18c7076127bcdca520c92fa4fefdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68622eb4-6e6a-4d7c-a1e2-e6ad245ebc59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5274
x-amzn-requestid: 9d08eee5-b9fa-41d1-a5b2-136e1cd86210
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4ZtGvlIAMFwfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10771-7c8c7f92746175e72592c2f9;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:53:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pciCvoLd69t8TZVg4j5Oen1cVB94Swa8Ya3uViN2FunwyOQHNADIhg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:42:56 GMT
etag: "d400aa9d94ed7bad420b7dd83a618a538713d86e"
content-type: image/jpeg
age: 15548
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFtrPmVeBdwlINxF0wQq0671EksYsi6nsyFd5E4SCSH4_bQyGaNQHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:48:36 GMT
age: 29608
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa02d8232-1c91-401a-912a-46f6c668862e.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa02d8232-1c91-401a-912a-46f6c668862e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8218fde73bff9978e07b0e06e1f7f0fb
ab15f8d74ea032d89f65603b4eef2377dc97e358
134d5a1046ea50f37f0234a4d1d167130b2950a1d61e93e2340dccbc922b4844
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa02d8232-1c91-401a-912a-46f6c668862e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9493
x-amzn-requestid: 54028261-e98d-4bb6-98da-51d41edc6d2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da61jElIIAMFl8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b56-7eeb3b142dd3d0f92e9fa9ba;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:09:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: oXQy1PwLBW8u0kv_sHcypb8QB6xwLtYMy4eWRZVQaD2xYjpw2dGA3A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:48:38 GMT
age: 15206
etag: "ab15f8d74ea032d89f65603b4eef2377dc97e358"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9202be4f-c80f-463e-ae97-df62e4689fe3.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9202be4f-c80f-463e-ae97-df62e4689fe3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f6e7d0dd2bed1d198a2be85d9ad3748
70d1ae32facfe702116c64c5fbc18dda254588d7
38d81432aa46cdcf8184fb452abe0ce42bbc35d3416ee39215d5d15b33e6ee30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9202be4f-c80f-463e-ae97-df62e4689fe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9262
x-amzn-requestid: 5f669f48-a92e-48a0-85bd-214eb779f11b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4ZwFtKoAMFnSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10771-0db735056340356f6a8b64af;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:53:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QtmwsZ-NQB5bZ1dMuvaSFiP7jcTtsWnstccWbZiDj_aE10iYJjlwTw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:33:13 GMT
etag: "70d1ae32facfe702116c64c5fbc18dda254588d7"
content-type: image/jpeg
age: 16131
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b4e4cb2-4665-41c2-b4a2-770e29ed1a93.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b4e4cb2-4665-41c2-b4a2-770e29ed1a93.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1880bdabcb88af6220135bd6161fa32c
0998869e44aa5fcf4f9b27fc6698793716134f20
dce294bff18f231e388ebf4c32d74e7babc085407c220566a12978fc18fe547e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b4e4cb2-4665-41c2-b4a2-770e29ed1a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10170
x-amzn-requestid: 1c055e82-1ed3-4861-a026-56bd6da8b4db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4KKEruoAMF0VA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a1070d-3b2f511749fba8622a03eeb5;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:51:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qjvt-uaAETnHXPvExfwby0Iun22qXXz5hFT3S9pU1Cyzs9yzJvtkmQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:39 GMT
age: 17605
etag: "0998869e44aa5fcf4f9b27fc6698793716134f20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gh1.hh-content.com/pictures/audio/bg_music_2.ogg
206 Partial Content 0 B URL HTTP/2 gh1.hh-content.com/pictures/audio/bg_music_2.ogg
IP
ASN #11019 HAPROXY-TECHNOLOGIES
GET /pictures/audio/bg_music_2.ogg HTTP/1.1
Host: gh1.hh-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 20 Dec 2022 06:02:03 GMT
content-type: audio/ogg
content-length: 1833608
last-modified: Mon, 22 Feb 2021 10:25:29 GMT
cache-control: public, max-age=2592000
access-control-allow-origin: *
x-vhost-info: gh
content-range: bytes 0-1833607/1833608
x-cdn-diag: ams5-7846-0-11520-h-0-0---;6141-24-30442----0-0-0
X-Firefox-Spdy: h2
www.gayharem.com/img/quests/1/1/1600x/p1a.jpg
200 OK 0 B URL HTTP/2 www.gayharem.com/img/quests/1/1/1600x/p1a.jpg
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /img/quests/1/1/1600x/p1a.jpg HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
cache-control: private, max-age=2629000, pre-check=2629000
pragma: private
expires: Sat, 31 Jan 70 11:16:40 +0100
strict-transport-security: max-age=31536000
content-type: image/jpg
X-Firefox-Spdy: h2
www.gayharem.com/phoenix-tr_labels-en-1183.js
200 OK 0 B URL HTTP/2 www.gayharem.com/phoenix-tr_labels-en-1183.js
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /phoenix-tr_labels-en-1183.js HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
content-encoding: gzip
cache-control: private, max-age=604800, pre-check=604800
pragma: private
expires: Thu, 08 Jan 70 01:00:00 +0100
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script
IP
GET /css?family=Carter+One|Kalam:700|Mr+Dafoe|Alegreya+Sans:700i|Marck+Script HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Dec 2022 06:02:02 GMT
date: Tue, 20 Dec 2022 06:02:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gayharem.com/css/default.css?v=67118458
200 OK 0 B URL HTTP/2 www.gayharem.com/css/default.css?v=67118458
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /css/default.css?v=67118458 HTTP/1.1
Host: www.gayharem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/home.html
Cookie: HH_SESS_14=nnmbshntipbpuf6rsi8k53l0qf; lang=en; ref_id=24; tc1=HH99c932322d8dc0e6c29111fd7c95e5ca; tc2=1377; tc3=49; tc4=SOI; age_verification=1; HAPBK=web2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 06:02:02 GMT
server: Apache
strict-transport-security: max-age=31536000
last-modified: Fri, 16 Dec 2022 09:56:20 GMT
etag: "1a5ced-5efeefb4a0e54-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2
eggs-ext.kinkoid.com/authentication/start_authentication?product_id=2&language=en&purpose=authenticate
200 OK 0 B URL HTTP/2 eggs-ext.kinkoid.com/authentication/start_authentication?product_id=2&language=en&purpose=authenticate
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /authentication/start_authentication?product_id=2&language=en&purpose=authenticate HTTP/1.1
Host: eggs-ext.kinkoid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gayharem.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST, GET
access-control-max-age: 2592000
access-control-allow-headers: protocol
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 06:02:03 GMT
X-Firefox-Spdy: h2
137.74.247.34
23.36.76.122
142.250.74.131
94.75.250.120
104.18.32.68