webgf.pw/images/logo.png
200 OK 10 kB IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type PNG image data, 224 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 05013865bcc360088fe077a4ac82648a
06ce64c46a10e3be138362b601ad2deac72b2cbf
e8c4f262187649455961c5e049ea714a99d7fef2225aad00acf5cd07e5815e1e
GET /images/logo.png HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 10233
cache-control: public, max-age=604800
expires: Wed, 06 Dec 2023 06:57:40 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 514604
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqLgd7f54IkeN72e7XF5FbSSMBtRgirYzYJwy0DCfj56hq0CFbuCpCvy%2BpbEo1Q2qn36j01ulRmfOVVHYbmW7E2qWRIwRg80Fs2HJiEWFZQOCOBfFIWajdRzyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08c419bf56ab-OSL
alt-svc: h3=":443"; ma=86400
webgf.pw/images/collapse.png
200 OK 369 B URL GET HTTP/3 webgf.pw/images/collapse.png
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 6af553ac5e86504743b02f220405abdd
c07e8d586443c0ace4d91eea0d46476845b6baec
408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c
GET /images/collapse.png HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 369
cache-control: public, max-age=604800
expires: Sat, 09 Dec 2023 10:31:22 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 242586
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9OEJBaYqp8S6TNzBq115KdHYUspIFI0QCRnIk6FjxdXUgLs0Rk1PDM7%2Fk8wIBtzw4x3crHgq3tk3Y2wH4hj2bStYIbwIg6H30fOS%2BkT9B3l772K%2BC07CeQCRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08c429cb56ab-OSL
alt-svc: h3=":443"; ma=86400
mrteen.cc/banner/mrt_banner468.jpg
200 OK 13 kB URL GET HTTP/2 mrteen.cc/banner/mrt_banner468.jpg
IP
Certificate IssuerLet's Encrypt
Subjectmrteen.cc
FingerprintDF:18:ED:B0:B2:52:8E:E3:51:61:0B:18:20:07:AE:EE:E7:E8:B7:CE
ValidityMon, 23 Oct 2023 08:09:31 GMT - Sun, 21 Jan 2024 08:09:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 468x60, components 3\012- data
Hash 57ee96cd7ce2e6a97e730eeda843dd8d
619f374d56f360e3fbbe80c7fac8eb0a6f587f1a
160be46da80e6b9e12035dceae4a16805986660d0419e411396c34202cfd11fd
GET /banner/mrt_banner468.jpg HTTP/1.1
Host: mrteen.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/jpeg
content-length: 13445
last-modified: Fri, 18 Mar 2022 11:19:39 GMT
etag: "3485-5da7c5293d2f3"
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6946
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nl8HQThmTeA%2FofDLwDNqoTu98pl%2FbEDBK4uXJ%2FML8O7APncP29i6PIRYdx2AnR793Z3UeBG0Ff3w7MX90fBAGbKrrMHlkilwi12I5rVlzq%2FK9NOusUgXY84FHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c52c92b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.usertrust.com/
472 B IP
Hash 5e95c7f5942a93223a79d21d7ea29708
84a612d03ad103783265fa486acc92e192571a7c
8e2929356b3e4273ec6cae665e89f70255504b8835c8dff1b09feba3b85f4658
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Dec 2023 03:56:45 GMT
Expires: Mon, 11 Dec 2023 03:56:44 GMT
Etag: "84a612d03ad103783265fa486acc92e192571a7c"
Cache-Control: max-age=602531,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1263
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 830a08c56975b4ed-OSL
webgf.pw/jscripts/jquery.plugins.min.js?ver=1821
200 OK 25 kB URL GET HTTP/3 webgf.pw/jscripts/jquery.plugins.min.js?ver=1821
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type ASCII text, with very long lines (14798)
Hash cf1f71e20e14765d6d5ea640aa4f7fc7
d1f3a0e46dd50d3a4d1839cb821ad42802619def
a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149
GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 07 Dec 2023 05:09:46 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 434678
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sc0ylucyhXnxpmgumcb1zOmMgxg%2BbH%2BsIqmaJ71QupyalgO9RH7t1MS9i%2F%2BGvVmjIALnnKLvu6DnA2nsDTKS83ykzt7R882UlcVgLDfRGFoFGEM121UbRz9NTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c409b356ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
webgf.pw/images/headerlinks_sprite.png
200 OK 2.3 kB URL GET HTTP/3 webgf.pw/images/headerlinks_sprite.png
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type PNG image data, 16 x 196, 8-bit colormap, non-interlaced\012- data
Hash e38f7f29cf3f740d7dc3651cb82098ec
65787e91831d3707a9ec747ab272c1fb5d52b2d8
bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a
GET /images/headerlinks_sprite.png HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/cache/themes/theme1/global.css
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 2342
cache-control: public, max-age=604800
expires: Mon, 11 Dec 2023 07:15:54 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 81510
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbqjPgZQViwLgwNCaO0UyvCrNd2Q2%2Fx7OOAtcjStvhv5wheoN%2B5c8dH8jpdzyvSGYpJ4JuxD6vUQcIn3%2F4MAbGjdX%2Bl8k48PwaOnl7UbrAHnlywca4ORL%2B%2F%2Fvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08c5ea9356ab-OSL
alt-svc: h3=":443"; ma=86400
webgf.pw/images/tcat.png
200 OK 131 B IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 10b96a318e186e39860a5945a9071b92
daa068efc07bb97ff0a2af218aedebbb28c9f1bb
91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf
GET /images/tcat.png HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/cache/themes/theme1/global.css
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 131
cache-control: public, max-age=604800
expires: Wed, 06 Dec 2023 04:41:44 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 522760
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjYgU%2By12qLWM7Rs4t3gYu23OYR8yjw%2BwK5gQfl12sfVec43A7PQa3rNG3OA1S%2FOH97VSg0Yooa2nfY%2B%2Be9uS20GUrrmKXl5lR1LwTTHt3GiaPKPtlxA7IDLsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08c5fa9a56ab-OSL
alt-svc: h3=":443"; ma=86400
webgf.pw/images/thead.png
200 OK 115 B URL GET HTTP/3 webgf.pw/images/thead.png
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 96dfa0b7296d710946b220639f5a9d1c
40838eabc4f6384d72ec9adca7a773fc4db21c44
d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f
GET /images/thead.png HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/cache/themes/theme1/global.css
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 115
cache-control: public, max-age=604800
expires: Mon, 11 Dec 2023 07:15:54 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 81510
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH9SC1g%2B5RU%2FDoud767Tdgx7ea6%2Bts98YBwqDMbsJxb3vvezho6KZEcL9%2F8TxeC2RTyUHIaoXuxW4x5jJV%2FXd2%2FPf8mwZsv9diilKUCvcPS09VkKoVWWKtZN%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08c5fa9b56ab-OSL
alt-svc: h3=":443"; ma=86400
webgf.pw/cache/themes/theme1/global.css
200 OK 8.1 kB URL GET HTTP/3 webgf.pw/cache/themes/theme1/global.css
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
Hash 625916f0e174ce5878c641a8e6ab4d55
0adb906f55c50797eebf4e4af1dde6f960adfe46
2bd4832e24833c6bb33870e9a4cf6bc6841c3d83dc60e119f8abb84ca7d8832c
GET /cache/themes/theme1/global.css HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 06 Dec 2023 02:10:30 GMT
last-modified: Sun, 09 Aug 2020 13:14:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 531834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7OrodjHiBReU8sRgF3kW0QkJ8XlUOdTP%2Falu%2BfiG6FzESHvL4QQ4orS2TJ%2FF1GQzSsKMyLLI1VKObS5PsYHSI9nirF9qKlyOPNfPhhDDg0%2Bx8Uf33G%2Bipyp5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c409b856ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
neonaut.neocities.org/images/buttons/neocitizens/herocore.gif
200 OK 28 kB URL GET HTTP/2 neonaut.neocities.org/images/buttons/neocitizens/herocore.gif
IP
Certificate IssuerLet's Encrypt
Subjectneocities.org
Fingerprint35:13:46:55:5F:F8:49:5A:C3:60:2B:DE:35:F1:0B:19:5D:85:DA:4F
ValiditySun, 03 Dec 2023 20:35:07 GMT - Sat, 02 Mar 2024 20:35:06 GMT
File type GIF image data, version 89a, 88 x 31\012- data
Hash a6c84f0a09b1788dd7252f5512001909
6a69df253c6f841a523a0e8272bb2a9afe3968f4
51f4b96257df00974cd63722e6cb458a5743ab79f49b7acea49bb8fc57555159
GET /images/buttons/neocitizens/herocore.gif HTTP/1.1
Host: neonaut.neocities.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/gif
content-length: 28187
last-modified: Fri, 01 Apr 2022 13:55:18 GMT
etag: "62470446-6e1b"
server: neocities
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
x-neocities-cdn: cdn-fra
upgrade-insecure-requests: 1
x-cached: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
images2.imgbox.com/2b/26/MmEyIwbu_o.jpg
200 OK 18 kB URL GET HTTP/1.1 images2.imgbox.com/2b/26/MmEyIwbu_o.jpg
IP
ASN #30880 SpaceDump IT AB
Certificate IssuerGoGetSSL
Subject*.imgbox.com
FingerprintC6:95:D3:4F:93:91:25:67:D4:E7:4F:4F:27:C3:8A:CC:7E:6F:D4:92
ValidityFri, 20 Oct 2023 00:00:00 GMT - Tue, 19 Nov 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 728x90, components 3\012- data
Hash f45f8ce65a224a0a507fecacbfdc830a
92e654dedccc01c27f6c1e76a8eff8056218a549
7c47f57d239e76a2eb5d12340aa4fca658bf53a7ea03dbf8b0c02b83387a8edf
GET /2b/26/MmEyIwbu_o.jpg HTTP/1.1
Host: images2.imgbox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/jpeg
Content-Length: 18525
last-modified: Fri, 19 Jun 2020 14:44:06 GMT
etag: "485d-5a870ecc9b980"
expires: Wed, 03 Apr 2024 11:21:55 GMT
cache-control: max-age=10630963
X-Cache: HIT
X-Whom: srv1583
Accept-Ranges: bytes
neonaut.neocities.org/images/buttons/neocitizens/dollz.gif
200 OK 1.2 kB URL GET HTTP/2 neonaut.neocities.org/images/buttons/neocitizens/dollz.gif
IP
Certificate IssuerLet's Encrypt
Subjectneocities.org
Fingerprint35:13:46:55:5F:F8:49:5A:C3:60:2B:DE:35:F1:0B:19:5D:85:DA:4F
ValiditySun, 03 Dec 2023 20:35:07 GMT - Sat, 02 Mar 2024 20:35:06 GMT
File type GIF image data, version 89a, 88 x 31\012- data
Hash fff800486bcc2d99e022ee57281254af
0738a8ec0350724b4af03f25f5539ab5162b467c
895b844d0af5c71659768a6781bfafb1fea59487aea439fe397672de6e6f40dc
GET /images/buttons/neocitizens/dollz.gif HTTP/1.1
Host: neonaut.neocities.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/gif
content-length: 1218
last-modified: Fri, 01 Apr 2022 13:54:16 GMT
etag: "62470408-4c2"
server: neocities
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
x-neocities-cdn: cdn-fra
upgrade-insecure-requests: 1
x-cached: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img91.pixhost.to/images/79/401487114_thenudepages.gif
200 OK 13 kB URL GET HTTP/1.1 img91.pixhost.to/images/79/401487114_thenudepages.gif
IP
ASN #48326 DataNetworks s.r.o.
Certificate IssuerLet's Encrypt
Subjectpixhost.to
FingerprintB0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC
ValidityFri, 17 Nov 2023 09:27:11 GMT - Thu, 15 Feb 2024 09:27:10 GMT
File type GIF image data, version 89a, 468 x 60\012- data
Hash 7c945ae99e8450422f91c9d256d3451e
daf0112ed9af3ccf6e05c13fcaf682f67bfea67c
8aeb5eeec551a7323fc40c58422b3e89a03df9d5120d48114e38596b782e6d50
GET /images/79/401487114_thenudepages.gif HTTP/1.1
Host: img91.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/gif
Content-Length: 13354
Last-Modified: Mon, 27 Nov 2023 04:36:02 GMT
Connection: keep-alive
ETag: "65641cb2-342a"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
img90.pixhost.to/images/748/397218911_4113893faa23dc006394c1364fa7539338aab483.jpg
200 OK 10 kB URL GET HTTP/1.1 img90.pixhost.to/images/748/397218911_4113893faa23dc006394c1364fa7539338aab483.jpg
IP
ASN #48326 DataNetworks s.r.o.
Certificate IssuerLet's Encrypt
Subjectpixhost.to
FingerprintB0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC
ValidityFri, 17 Nov 2023 09:27:11 GMT - Thu, 15 Feb 2024 09:27:10 GMT
File type JPEG image data, baseline, precision 8, 472x68, components 3\012- data
Hash be06754a682f4f82055a0a1a06afd913
4113893faa23dc006394c1364fa7539338aab483
06698971fe7cc1e7f25aac98aa052c56ab8a653e73ca2aa2d72c5b6b84fb5ec9
GET /images/748/397218911_4113893faa23dc006394c1364fa7539338aab483.jpg HTTP/1.1
Host: img90.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/jpeg
Content-Length: 9986
Last-Modified: Thu, 09 Nov 2023 13:02:56 GMT
Connection: keep-alive
ETag: "654cd880-2702"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
img89.pixhost.to/images/553/380823762_aenudebodyartexposed.gif
200 OK 15 kB URL GET HTTP/1.1 img89.pixhost.to/images/553/380823762_aenudebodyartexposed.gif
IP
ASN #48326 DataNetworks s.r.o.
Certificate IssuerLet's Encrypt
Subjectpixhost.to
FingerprintB0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC
ValidityFri, 17 Nov 2023 09:27:11 GMT - Thu, 15 Feb 2024 09:27:10 GMT
File type GIF image data, version 89a, 468 x 60\012- data
Hash 2f6b10053bd52596d2a82f2854161f49
b8260b3009b7f2977034c5a6b59a62dcb23358cc
c03699846023316a350664a51d4cc7368e5d8108ea8a259093fabd0ca4657576
GET /images/553/380823762_aenudebodyartexposed.gif HTTP/1.1
Host: img89.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/gif
Content-Length: 15316
Last-Modified: Wed, 13 Sep 2023 14:11:54 GMT
Connection: keep-alive
ETag: "6501c32a-3bd4"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
img91.pixhost.to/images/65/401307074_c2db41ac13b129557afa2471e98aabca04ddeb18.png
200 OK 18 kB URL GET HTTP/1.1 img91.pixhost.to/images/65/401307074_c2db41ac13b129557afa2471e98aabca04ddeb18.png
IP
ASN #48326 DataNetworks s.r.o.
Certificate IssuerLet's Encrypt
Subjectpixhost.to
FingerprintB0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC
ValidityFri, 17 Nov 2023 09:27:11 GMT - Thu, 15 Feb 2024 09:27:10 GMT
File type PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 7bb0be43b73aaaf77e4796c0ee170b92
c51508f9baf712f0631c3c360d770a492aba5a14
febfb8932dd259496f752412c7f4818e76770a65471d4ff82dd05b1c49aa6edf
GET /images/65/401307074_c2db41ac13b129557afa2471e98aabca04ddeb18.png HTTP/1.1
Host: img91.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/png
Content-Length: 17525
Last-Modified: Sun, 26 Nov 2023 14:27:49 GMT
Connection: keep-alive
ETag: "656355e5-4475"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
img90.pixhost.to/images/583/395683138_169893410512885420.gif
200 OK 26 kB URL GET HTTP/1.1 img90.pixhost.to/images/583/395683138_169893410512885420.gif
IP
ASN #48326 DataNetworks s.r.o.
Certificate IssuerLet's Encrypt
Subjectpixhost.to
FingerprintB0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC
ValidityFri, 17 Nov 2023 09:27:11 GMT - Thu, 15 Feb 2024 09:27:10 GMT
File type GIF image data, version 87a, 528 x 58\012- data
Hash aee1d991223eaad1aedcf502f4ab4256
a648a808935acd8748f4ee7814e4b47da2841e5f
33b0bb051589d1826ade018f33aad6a775a235ec8f57f319c3ae68639eb74178
GET /images/583/395683138_169893410512885420.gif HTTP/1.1
Host: img90.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/gif
Content-Length: 26437
Last-Modified: Thu, 02 Nov 2023 14:12:14 GMT
Connection: keep-alive
ETag: "6543ae3e-6745"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
webgf.pw/jscripts/jquery.js?ver=1823
200 OK 36 kB URL GET HTTP/3 webgf.pw/jscripts/jquery.js?ver=1823
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type ASCII text, with very long lines (65451)
Hash 12b69d0ae6c6f0c42942ae6da2896e84
d2cc8d43ce1c854b1172e42b1209502ad563db83
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
GET /jscripts/jquery.js?ver=1823 HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 11 Dec 2023 04:16:11 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 92293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot0lOIH9wq1QP2Suojhg3FoP%2FHrzRXFZmvLcGfGeDH0rCJNwwlMj1vMrk%2F3%2Fcp44xxk092pXdvjr42As7Vht%2BZU2eINEVWcY1JKTfdWCrctran7AZFj2VjpXVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c409ad56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
neonaut.neocities.org/images/buttons/neocitizens/howtobecomeanangel.png
200 OK 2.7 kB URL GET HTTP/2 neonaut.neocities.org/images/buttons/neocitizens/howtobecomeanangel.png
IP
Certificate IssuerLet's Encrypt
Subjectneocities.org
Fingerprint35:13:46:55:5F:F8:49:5A:C3:60:2B:DE:35:F1:0B:19:5D:85:DA:4F
ValiditySun, 03 Dec 2023 20:35:07 GMT - Sat, 02 Mar 2024 20:35:06 GMT
File type PNG image data, 88 x 31, 8-bit colormap, non-interlaced\012- data
Hash 1c35074eaa0691f0a98e204124ab75dd
1ada9764dfaaceb9c13400523c0758f5aea41f5b
721e42555babb7c2f89c9a6ea7ea8a681712b4cb79c86a20575c980f13928c66
GET /images/buttons/neocitizens/howtobecomeanangel.png HTTP/1.1
Host: neonaut.neocities.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 2698
last-modified: Wed, 09 Feb 2022 12:15:06 GMT
etag: "6203b04a-a8a"
server: neocities
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests; default-src 'unsafe-inline' 'unsafe-eval' 'self' data: blob: *
x-neocities-cdn: cdn-fra
upgrade-insecure-requests: 1
x-cached: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
livezombymil.com/apu.php?zoneid=1809942
200 OK 36 kB URL GET HTTP/2 livezombymil.com/apu.php?zoneid=1809942
IP
Certificate IssuerBuypass AS-983163327
Subject
FingerprintD6:92:EF:54:61:0C:3A:E3:F7:6C:D8:B0:CB:2B:07:BC:72:09:5F:8B
ValiditySat, 28 Oct 2023 13:53:09 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash cc7aa7cd1b234f011050948ef58e6336
0348b9fa477adc86ef7fd97f1bac3eb8239d22d3
f219164c027b7fca0e8afd742cccd3dcce4e06a445af605a64d119df8a33bcf5
GET /apu.php?zoneid=1809942 HTTP/1.1
Host: livezombymil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: application/javascript
last-modified: Fri, 24 Nov 2023 15:39:42 GMT
vary: Accept-Encoding
etag: W/"6560c3be-1659d"
x-js-ab2: var428
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
img187.imagevenue.com/loc540/th_841417311_youngnudetop1_123_540lo.jpg
200 OK 5.8 kB URL GET HTTP/1.1 img187.imagevenue.com/loc540/th_841417311_youngnudetop1_123_540lo.jpg
IP
ASN #30880 SpaceDump IT AB
Certificate IssuerGoGetSSL
Subject*.imagevenue.com
FingerprintB9:BE:CE:C5:F3:23:44:7D:53:F4:54:4D:CF:4A:31:5C:73:55:57:6B
ValiditySat, 21 Oct 2023 00:00:00 GMT - Wed, 20 Nov 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, software=ACD Systems Digital Imaging, datetime=2018:12:22 18:52:37], baseline, precision 8, 90x30, components 3\012- data
Hash 4ed6e2e66a2d8b321063fb59e9c50f56
6a241a706d78ae099b91f6131472b9c6651fcecd
28a1752fd774529750aaa01ce1de48d5561784f3e4aecbe777739fd26670a47d
GET /loc540/th_841417311_youngnudetop1_123_540lo.jpg HTTP/1.1
Host: img187.imagevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/jpeg
Content-Length: 5789
last-modified: Tue, 04 Feb 2020 18:41:16 GMT
etag: "1aeab9ba9-169d-59dc4628b4b00"
expires: Thu, 22 Feb 2024 22:15:13 GMT
cache-control: max-age=10374182
X-Cache: HIT
X-Whom: srv1535
Accept-Ranges: bytes
archive.fo/IxMul/802b989292c53aaa04a239eb929f3638818876d4.gif
200 OK 7.2 kB URL GET HTTP/2 archive.fo/IxMul/802b989292c53aaa04a239eb929f3638818876d4.gif
IP
ASN #36352 AS-COLOCROSSING
Certificate IssuerLet's Encrypt
Subjectarchive.fo
Fingerprint5D:FF:88:32:EE:73:7E:6C:12:15:F8:39:EA:32:24:88:F6:C8:85:02
ValidityThu, 07 Sep 2023 01:07:40 GMT - Wed, 06 Dec 2023 01:07:39 GMT
File type GIF image data, version 89a, 88 x 31\012- data
Hash 4afc9c3d4e59c6f74d232dfcd5e04224
802b989292c53aaa04a239eb929f3638818876d4
28267c75472fb8d665a82c4a6050bb714cd8f0578326baff7e7eb67db73d3ff7
GET /IxMul/802b989292c53aaa04a239eb929f3638818876d4.gif HTTP/1.1
Host: archive.fo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/gif
content-length: 7233
access-control-allow-origin: *
etag: 802b989-292c-53aaa04a
last-modified: Sat, 26 Jun 2021 08:13:08 GMT
cache-control: maxage=3600
expires: Tue, 05 Dec 2023 06:12:23 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
jimperial.top/topl.png
200 OK 3.5 kB IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuercPanel, Inc.
Subjectjimperial.top
Fingerprint3F:DE:72:9A:9E:CE:54:09:B4:07:C8:26:86:28:8C:F6:2C:D4:2F:FF
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 88 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 979abce1b714b378e3e6b7ce1d7b66d2
81f34390516044a0602e5fe4c422f19e1b0d7f2d
733e6ac763fe405d689358693a695028063af3e1c48fcf52c9b9ba78c0caaa2b
GET /topl.png HTTP/1.1
Host: jimperial.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:24 GMT
Server: Apache
Last-Modified: Sun, 25 Jun 2023 12:54:58 GMT
Accept-Ranges: bytes
Content-Length: 3473
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
archive.fo/IxMul/c10c08fba9393f1e7e3dde29f9234d3e5eac4097.jpg
200 OK 2.1 kB URL GET HTTP/2 archive.fo/IxMul/c10c08fba9393f1e7e3dde29f9234d3e5eac4097.jpg
IP
ASN #36352 AS-COLOCROSSING
Certificate IssuerLet's Encrypt
Subjectarchive.fo
Fingerprint5D:FF:88:32:EE:73:7E:6C:12:15:F8:39:EA:32:24:88:F6:C8:85:02
ValidityThu, 07 Sep 2023 01:07:40 GMT - Wed, 06 Dec 2023 01:07:39 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 88x31, components 3\012- data
Hash 384261eb15db7392681d94ad9ae4ac6f
c10c08fba9393f1e7e3dde29f9234d3e5eac4097
a9bf3bf9c3c729e03c65a8ba30b3fc4b410b265e48079288dc32e5bcaa90e2f7
GET /IxMul/c10c08fba9393f1e7e3dde29f9234d3e5eac4097.jpg HTTP/1.1
Host: archive.fo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/jpeg
content-length: 2115
access-control-allow-origin: *
etag: c10c08f-ba93-93f1e7e3
last-modified: Sat, 26 Jun 2021 08:13:08 GMT
cache-control: maxage=3600
expires: Tue, 05 Dec 2023 06:12:23 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
livezombymil.com/solid.gif?z=1809942&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1
200 OK 43 B URL POST HTTP/2 livezombymil.com/solid.gif?z=1809942&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1
IP
Certificate IssuerBuypass AS-983163327
Subject
FingerprintD6:92:EF:54:61:0C:3A:E3:F7:6C:D8:B0:CB:2B:07:BC:72:09:5F:8B
ValiditySat, 28 Oct 2023 13:53:09 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1809942&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1 HTTP/1.1
Host: livezombymil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webgf.pw
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: CHCK=1; Path=/; Expires=Tue, 07 Jan 2025 05:54:25 GMT; Secure; SameSite=None
UID=2312050054f811488e63ee40a196a2321c84; Path=/; Expires=Tue, 07 Jan 2025 05:54:25 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
webgf.pw/images/forum_icon_sprite.png
200 OK 1.1 kB URL GET HTTP/3 webgf.pw/images/forum_icon_sprite.png
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type PNG image data, 30 x 120, 8-bit colormap, non-interlaced\012- data
Hash 212f6e3895ee44bf54b31cf39a162611
7d1f15044536b4f243495c47b03b2334b5493b4f
b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b
GET /images/forum_icon_sprite.png HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/cache/themes/theme1/global.css
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: image/png
content-length: 1130
cache-control: public, max-age=604800
expires: Wed, 06 Dec 2023 01:46:57 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 533248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMi9Ypas6nmaUXLJUj8q%2FLlc6%2BtYoHV5ntfL3YYfOfxhJHpuj3FGeZpDBSv4ZLfS3%2BN08%2BxqesaJRt2WM%2B%2BjBa%2BTU3o5%2BaICjlzQLXD2Uzr7fJFsz4L7klb3YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08ccada856ab-OSL
alt-svc: h3=":443"; ma=86400
jimperial.top/
200 OK 10 kB IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuercPanel, Inc.
Subjectjimperial.top
Fingerprint3F:DE:72:9A:9E:CE:54:09:B4:07:C8:26:86:28:8C:F6:2C:D4:2F:FF
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1265), with CRLF, LF line terminators
Hash 39dd9193172c02d34918491e7189764e
58e02cac2b7e400e488969674b1897a20560ddc3
4ab6cf4cc9b63c33ec6a7b83e2bb1b97cf4921ad91a5e4630561df501a10bfc2
GET / HTTP/1.1
Host: jimperial.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: embed
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:25 GMT
Server: Apache
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
archive.fo/OAFri/711c43cd22a1dfb5864f6dc3347f4927559d51f8.png
200 OK 105 kB URL GET HTTP/2 archive.fo/OAFri/711c43cd22a1dfb5864f6dc3347f4927559d51f8.png
IP
ASN #36352 AS-COLOCROSSING
Certificate IssuerLet's Encrypt
Subjectarchive.fo
Fingerprint5D:FF:88:32:EE:73:7E:6C:12:15:F8:39:EA:32:24:88:F6:C8:85:02
ValidityThu, 07 Sep 2023 01:07:40 GMT - Wed, 06 Dec 2023 01:07:39 GMT
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Size 105 kB (104694 bytes)
Hash b9b2f04d609f2f5d1ceb86f1b1f13528
711c43cd22a1dfb5864f6dc3347f4927559d51f8
cebbdaf578ff07e0893a40f93b18269e4a291e0a323bc73a4004792b36241a87
GET /OAFri/711c43cd22a1dfb5864f6dc3347f4927559d51f8.png HTTP/1.1
Host: archive.fo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: image/png
content-length: 104694
access-control-allow-origin: *
etag: 711c43c-d22a-1dfb5864
last-modified: Wed, 26 Aug 2020 20:26:00 GMT
cache-control: maxage=3600
expires: Tue, 05 Dec 2023 06:12:23 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
a.magsrv.com/iframe.js?idzone=4757176&size=300x100
200 OK 1.1 kB URL GET HTTP/2 a.magsrv.com/iframe.js?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash 264aea4b96f8909059b0e23ea6e6e8de
fea56ac709085378c81111b8cb90a776ac108e6e
1c323cbd4f08f570cd89470ba4a9c6c56d5b1e3e42843c0102c3792eed0cc86b
GET /iframe.js?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"93d55bda36ddbba329cc7a797c3"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:06 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IhsAAAwBuUwKAQH3WwoAAAwB1GY4mQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e6592d6061c
x-accel-expires: @1701759166
x-accel-date: 1701748719
x-77-cache: HIT
x-77-age: 9608
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2651, 6946
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.magsrv.com/build-iframe-js-url.js?idzone=4757176
200 OK 1.7 kB URL GET HTTP/2 a.magsrv.com/build-iframe-js-url.js?idzone=4757176
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type ASCII text, with very long lines (2511), with no line terminators
Hash 7eb6bc71e160460daad380b4d70de950
89079bebc02b98aa85a1da9a2aa78bf943a7dd81
c5c6d173a7c0bf711faf56ea628f3d78c12315ebdc9e3acc5eee018b69f905f8
GET /build-iframe-js-url.js?idzone=4757176 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e7b6ecb48b5717f2bfdf0d8b0bf"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH3XAoAAAwB1GY4mQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e65abf09d2b
x-accel-expires: @1701759165
x-accel-date: 1701748718
x-77-cache: HIT
x-77-age: 9610
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2652, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1691), with no line terminators
Hash 3257eecff62094ef40ade6d2471ce78f
11c7b9cacf502dd22498e038eab7970207818778
43288550bf595bbb07c9074f48233e0d57e2048998acad1a3b6ebde7071d0cd1
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11d8a8e9.948794593891472628%22%3B%7D; expires=Thu, 04-Dec-2025 05:54:25 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1584), with no line terminators
Hash 78df7e34717054b88ef495f77208b41d
a9e48e82acdc6fb65519c8ad71334440085e507d
28c2df26c7db1a407efc3fd2fbd40c821874eebffde983e973822b336095b79b
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11dbf672.503019222432186323%22%3B%7D; expires=Thu, 04-Dec-2025 05:54:25 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.magsrv.com/build-iframe-js-url.js?idzone=4143654
200 OK 907 B URL GET HTTP/2 a.magsrv.com/build-iframe-js-url.js?idzone=4143654
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash c00f17609fc639181502bcd77f627a3f
df91b04d1903985f689c78aa67a7bc0d1d7c37cb
26762a69e74aaa2838b9339976b695e22ee5963952c4a8318e5da6ad79156e6c
GET /build-iframe-js-url.js?idzone=4143654 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"761744ec97c2170aa7ae4ee4ede"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKAQH3XAoAAAwB1GY4AQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e65dd719908
x-accel-expires: @1701759165
x-accel-date: 1701748718
x-77-cache: HIT
x-77-age: 9610
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2652, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1582), with no line terminators
Hash d01d2c3ef4847a61369f81173e33acec
0643f2da4b95fa7daa4d9d5c1e0d960c2c934956
4a5b8ccb09bd226646f6c21a58dbc3792515ba358b89681394506615eef2e86b
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11e3ca60.502156373461885969%22%3B%7D; expires=Thu, 04-Dec-2025 05:54:25 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1601), with no line terminators
Hash 71a5c02e6e2e3141142665d70b6f6204
3a20ac62bc881e6b988ac09f298736d06721b82b
a7898e19a8bd42c37f3a16ed6f5cfda0f63dec81f85fd82e412510a6e637f66b
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11e73492.278772043338331186%22%3B%7D; expires=Thu, 04-Dec-2025 05:54:25 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
a.magsrv.com/build-iframe-js-url.js?idzone=4757176
200 OK 37 kB URL GET HTTP/2 a.magsrv.com/build-iframe-js-url.js?idzone=4757176
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type ASCII text, with very long lines (31414)
Hash cf92d53d0791fb8d120f462fcd17e542
38460bc45defbc737f26ed145eab18eabc5ead98
98154b0952d9f6eba461472586910a59557e43275b47b6064f079097bffe4a85
GET /build-iframe-js-url.js?idzone=4757176 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"e7b6ecb48b5717f2bfdf0d8b0bf"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH3XAoAAAwB1GY4mQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e657bb4b911
x-accel-expires: @1701759165
x-accel-date: 1701748718
x-77-cache: HIT
x-77-age: 9610
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2652, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1686), with no line terminators
Hash 82e3b6df9d379b5c67ce2556c08a0505
b8078842a1ce95310a13057dfc8cc38bf07fc9f9
a1f85e2d6f0aeb21f381ce3f3fbbbc28455e740846cb9c3dd7fe08a2127e7eee
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; expires=Thu, 04-Dec-2025 05:54:26 GMT; Max-Age=63072000; path=/; domain=magsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
limurol.com/ssp/req/1809942/?pb=f77c320468055c3e89d16aeb16d7410e1701762865&psp=FKYV5FoMh8lAIDZmvpt2LP5n2csZ9hUGXBwH--yRi57Gwx9AYG2vf5ZPrstWU5pmoZyHAhx-Nsgf8MdOYbUZupy_hRM9nkU54V55Vwe9yi6LuLeyLXvcwkkgA7WQkG_92nX4C6QKtaCZ44aH4FQMuK0DVdyJV-qPuDHa--5W6VXo9x8B_gpK6LlR7dq61yf4iR-PBQd_R4TE2Kz_Tbcrbbh6wB7IrsPnJ2vcQmaIoeK9jK3Inf9OqaXFJQA72WI7h87m1glzvW4rnhUPeNw4rPVeFIcrNIA_2N6koLBHcvh7wUKP73TDdXeJuhm4zjYLI_Raj5wQqr918f4g4oFG3bzY3b5IwSmMTfQYZA85CDsLx3miA6HhBcfn3oD3P9yinucfMSbDJGMA_VuKTsAiVlazBUHgrhhbzPbHep5iGVsbwUdFtrSQeNObGClXFYkJPDlfog1mXOE-jWgvVwcN2TdWR5vTV_36wgOYhmnZWYU4__hwaIBj89zmet9P9Wpw4O4RgCkkhFUTGOUv-j1HsS_YkDL0r_LxDzdiAYCyCQI2n7RASY4kNFc9al2rYDOFGYV_IBHZtIsY268qawUHSyjqbStPBHdHFlmCVyPbvjRNuoQLQl3G3_tgMdlhtGSWCYtwsXtBVitbKgHC-h9m6-uHtqb84qe-jzqLA4X43HFi9w5nyoEqKOj_ZQ4nRafDMuL93MJlCaCw7AvaVOEoIYrr9akcwec-rNhkjBWM3j4--_pQQfls_yPkKGutqMbcPpAOYEYo-qDPtwe3ms2oculv57GYSLD6U5LyfXVTfRS0Qnj7NpFENMkClpPwEmiuhVYjOrEKFoNLX-y2aBUjEtGiR_mbi8MnVJDlJ2M79N52O-RQ0MuLc5y2_Oug5uM6_YgeW_UtVYThuQ7731InXr5NfWir2qMY1QfGYbCBdSyZI3IOs0caAW__CCrTnJBpzhkVU1jJFjpptBGLF9SZS9oqz_cp-w8jc22TuNd7RVp7YJlw7ZS3GY5jg82YXRPc1i5IJdVTMV4Q2VywNEs0dlmuCSeWw24AXjw6qDc5M7xRtRDYWJk8TBimVHQmDSOr40Q2ARzdtOEX_n-Myvd8MpOZX670Hs_yoasw8In1ShZnwIL9FbRqQPMWS-5vISh6_sd9GDPqVi36sQD-LKk3pg6eGkzMwKuP1OVT0id5kEBuOpoZjHCeNZOIRYt9A-QiLyvndQrIqLE-IEPdsazNvZHrAnVGCiwOwA==&im=1&frq=0&cb=_cl7qevf9t0ivjynm1w9bo7&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1
200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1809942/?pb=f77c320468055c3e89d16aeb16d7410e1701762865&psp=FKYV5FoMh8lAIDZmvpt2LP5n2csZ9hUGXBwH--yRi57Gwx9AYG2vf5ZPrstWU5pmoZyHAhx-Nsgf8MdOYbUZupy_hRM9nkU54V55Vwe9yi6LuLeyLXvcwkkgA7WQkG_92nX4C6QKtaCZ44aH4FQMuK0DVdyJV-qPuDHa--5W6VXo9x8B_gpK6LlR7dq61yf4iR-PBQd_R4TE2Kz_Tbcrbbh6wB7IrsPnJ2vcQmaIoeK9jK3Inf9OqaXFJQA72WI7h87m1glzvW4rnhUPeNw4rPVeFIcrNIA_2N6koLBHcvh7wUKP73TDdXeJuhm4zjYLI_Raj5wQqr918f4g4oFG3bzY3b5IwSmMTfQYZA85CDsLx3miA6HhBcfn3oD3P9yinucfMSbDJGMA_VuKTsAiVlazBUHgrhhbzPbHep5iGVsbwUdFtrSQeNObGClXFYkJPDlfog1mXOE-jWgvVwcN2TdWR5vTV_36wgOYhmnZWYU4__hwaIBj89zmet9P9Wpw4O4RgCkkhFUTGOUv-j1HsS_YkDL0r_LxDzdiAYCyCQI2n7RASY4kNFc9al2rYDOFGYV_IBHZtIsY268qawUHSyjqbStPBHdHFlmCVyPbvjRNuoQLQl3G3_tgMdlhtGSWCYtwsXtBVitbKgHC-h9m6-uHtqb84qe-jzqLA4X43HFi9w5nyoEqKOj_ZQ4nRafDMuL93MJlCaCw7AvaVOEoIYrr9akcwec-rNhkjBWM3j4--_pQQfls_yPkKGutqMbcPpAOYEYo-qDPtwe3ms2oculv57GYSLD6U5LyfXVTfRS0Qnj7NpFENMkClpPwEmiuhVYjOrEKFoNLX-y2aBUjEtGiR_mbi8MnVJDlJ2M79N52O-RQ0MuLc5y2_Oug5uM6_YgeW_UtVYThuQ7731InXr5NfWir2qMY1QfGYbCBdSyZI3IOs0caAW__CCrTnJBpzhkVU1jJFjpptBGLF9SZS9oqz_cp-w8jc22TuNd7RVp7YJlw7ZS3GY5jg82YXRPc1i5IJdVTMV4Q2VywNEs0dlmuCSeWw24AXjw6qDc5M7xRtRDYWJk8TBimVHQmDSOr40Q2ARzdtOEX_n-Myvd8MpOZX670Hs_yoasw8In1ShZnwIL9FbRqQPMWS-5vISh6_sd9GDPqVi36sQD-LKk3pg6eGkzMwKuP1OVT0id5kEBuOpoZjHCeNZOIRYt9A-QiLyvndQrIqLE-IEPdsazNvZHrAnVGCiwOwA==&im=1&frq=0&cb=_cl7qevf9t0ivjynm1w9bo7&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1
IP
Certificate IssuerBuypass AS-983163327
Subject
FingerprintF5:B7:17:E8:F4:87:B4:48:99:C9:D2:6D:DA:4A:E3:52:D3:E9:8C:0E
ValiditySat, 28 Oct 2023 13:52:28 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1809942/?pb=f77c320468055c3e89d16aeb16d7410e1701762865&psp=FKYV5FoMh8lAIDZmvpt2LP5n2csZ9hUGXBwH--yRi57Gwx9AYG2vf5ZPrstWU5pmoZyHAhx-Nsgf8MdOYbUZupy_hRM9nkU54V55Vwe9yi6LuLeyLXvcwkkgA7WQkG_92nX4C6QKtaCZ44aH4FQMuK0DVdyJV-qPuDHa--5W6VXo9x8B_gpK6LlR7dq61yf4iR-PBQd_R4TE2Kz_Tbcrbbh6wB7IrsPnJ2vcQmaIoeK9jK3Inf9OqaXFJQA72WI7h87m1glzvW4rnhUPeNw4rPVeFIcrNIA_2N6koLBHcvh7wUKP73TDdXeJuhm4zjYLI_Raj5wQqr918f4g4oFG3bzY3b5IwSmMTfQYZA85CDsLx3miA6HhBcfn3oD3P9yinucfMSbDJGMA_VuKTsAiVlazBUHgrhhbzPbHep5iGVsbwUdFtrSQeNObGClXFYkJPDlfog1mXOE-jWgvVwcN2TdWR5vTV_36wgOYhmnZWYU4__hwaIBj89zmet9P9Wpw4O4RgCkkhFUTGOUv-j1HsS_YkDL0r_LxDzdiAYCyCQI2n7RASY4kNFc9al2rYDOFGYV_IBHZtIsY268qawUHSyjqbStPBHdHFlmCVyPbvjRNuoQLQl3G3_tgMdlhtGSWCYtwsXtBVitbKgHC-h9m6-uHtqb84qe-jzqLA4X43HFi9w5nyoEqKOj_ZQ4nRafDMuL93MJlCaCw7AvaVOEoIYrr9akcwec-rNhkjBWM3j4--_pQQfls_yPkKGutqMbcPpAOYEYo-qDPtwe3ms2oculv57GYSLD6U5LyfXVTfRS0Qnj7NpFENMkClpPwEmiuhVYjOrEKFoNLX-y2aBUjEtGiR_mbi8MnVJDlJ2M79N52O-RQ0MuLc5y2_Oug5uM6_YgeW_UtVYThuQ7731InXr5NfWir2qMY1QfGYbCBdSyZI3IOs0caAW__CCrTnJBpzhkVU1jJFjpptBGLF9SZS9oqz_cp-w8jc22TuNd7RVp7YJlw7ZS3GY5jg82YXRPc1i5IJdVTMV4Q2VywNEs0dlmuCSeWw24AXjw6qDc5M7xRtRDYWJk8TBimVHQmDSOr40Q2ARzdtOEX_n-Myvd8MpOZX670Hs_yoasw8In1ShZnwIL9FbRqQPMWS-5vISh6_sd9GDPqVi36sQD-LKk3pg6eGkzMwKuP1OVT0id5kEBuOpoZjHCeNZOIRYt9A-QiLyvndQrIqLE-IEPdsazNvZHrAnVGCiwOwA==&im=1&frq=0&cb=_cl7qevf9t0ivjynm1w9bo7&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: CHCK=1; Path=/; Expires=Tue, 07 Jan 2025 05:54:26 GMT; Secure; SameSite=None
UID=23120500542f91758fbcfe41ddb20dbdf9e2; Path=/; Expires=Tue, 07 Jan 2025 05:54:26 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
a.magsrv.com/iframe.js?idzone=4757176&size=300x100
200 OK 1.1 kB URL GET HTTP/2 a.magsrv.com/iframe.js?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type ASCII text, with very long lines (2293), with no line terminators
Hash 6f133df337d45ce0c4ebddfa2ea2cdbf
93d55bda36ddbba329cc7a797c362df0fc74e764
430c2bf60fc8d2949c9fb51b5f299f7c8253909991edca83680ece3ee3559288
GET /iframe.js?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11d4c606.195880773080190418%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"93d55bda36ddbba329cc7a797c3"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:06 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKAQH3WwoAAAwB1GY4mQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5012bb6e657020fb01
x-accel-expires: @1701759166
x-accel-date: 1701748719
x-77-cache: HIT
x-77-age: 9609
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2651, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQWoDMQz8Sj+wRpIl28q55xRa+gDv2ht6WFoSSHLQ4ysbCvVgGEsjzZiA4oK0gLwAnIRPJKYYFAJTQGE7v70boz36etnDz8OYCwsaU4kxWtFUMhhnyZiTCRQTSpowWSmFWNWbYNHAQRKZBwsAaD72+fE6Lw64CuCJAP4YpkY+6hyeYzYmbU1h67xRpajquzB1UUoite1DaDUc9XK73sP2fUzH6YUs3qW/gmMZ4ogcyfP4AZvlr/1aj272TzmQ525kI53MRizmkdM/27pwwSZtldJLrlma4NqVY28r/QJ1QWbhXwEAAA==
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PQWoDMQz8Sj+wRpIl28q55xRa+gDv2ht6WFoSSHLQ4ysbCvVgGEsjzZiA4oK0gLwAnIRPJKYYFAJTQGE7v70boz36etnDz8OYCwsaU4kxWtFUMhhnyZiTCRQTSpowWSmFWNWbYNHAQRKZBwsAaD72+fE6Lw64CuCJAP4YpkY+6hyeYzYmbU1h67xRpajquzB1UUoite1DaDUc9XK73sP2fUzH6YUs3qW/gmMZ4ogcyfP4AZvlr/1aj272TzmQ525kI53MRizmkdM/27pwwSZtldJLrlma4NqVY28r/QJ1QWbhXwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PQWoDMQz8Sj+wRpIl28q55xRa+gDv2ht6WFoSSHLQ4ysbCvVgGEsjzZiA4oK0gLwAnIRPJKYYFAJTQGE7v70boz36etnDz8OYCwsaU4kxWtFUMhhnyZiTCRQTSpowWSmFWNWbYNHAQRKZBwsAaD72+fE6Lw64CuCJAP4YpkY+6hyeYzYmbU1h67xRpajquzB1UUoite1DaDUc9XK73sP2fUzH6YUs3qW/gmMZ4ogcyfP4AZvlr/1aj272TzmQ525kI53MRizmkdM/27pwwSZtldJLrlma4NqVY28r/QJ1QWbhXwEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oEMQxEr5ILtCnr48+ss04gIQdw97SHLJqEGcjMQoeP7EWIhaGwnlwlAvESaYE+ASeVE6nVGCqCUIgq9vL6ZhLtvq+XHr7vRgKqxYQKM1upqWQ4IJwcVhTTVJkLWYFq9rYJjA1epCwylY98vD/PG73IGHiQwvXws+j/jAYeg95aVCj2dK6SMsWMpi2trkrfsvYBWgtHu9yuP2H7OoZD5pRsxMpuGUBE0wh/tYwpdoI8lB/YfP7s13bsZv/ImXia+A51CvOVosgIbDttay8rJObYumDv511S6YiUuTb5BYNm3OFjAQAA
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oEMQxEr5ILtCnr48+ss04gIQdw97SHLJqEGcjMQoeP7EWIhaGwnlwlAvESaYE+ASeVE6nVGCqCUIgq9vL6ZhLtvq+XHr7vRgKqxYQKM1upqWQ4IJwcVhTTVJkLWYFq9rYJjA1epCwylY98vD/PG73IGHiQwvXws+j/jAYeg95aVCj2dK6SMsWMpi2trkrfsvYBWgtHu9yuP2H7OoZD5pRsxMpuGUBE0wh/tYwpdoI8lB/YfP7s13bsZv/ImXia+A51CvOVosgIbDttay8rJObYumDv511S6YiUuTb5BYNm3OFjAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PS2oEMQxEr5ILtCnr48+ss04gIQdw97SHLJqEGcjMQoeP7EWIhaGwnlwlAvESaYE+ASeVE6nVGCqCUIgq9vL6ZhLtvq+XHr7vRgKqxYQKM1upqWQ4IJwcVhTTVJkLWYFq9rYJjA1epCwylY98vD/PG73IGHiQwvXws+j/jAYeg95aVCj2dK6SMsWMpi2trkrfsvYBWgtHu9yuP2H7OoZD5pRsxMpuGUBE0wh/tYwpdoI8lB/YfP7s13bsZv/ImXia+A51CvOVosgIbDttay8rJObYumDv511S6YiUuTb5BYNm3OFjAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PTU4DMQyFr8IFJvJvEnfNGiQQB8hMJxWLEaiVaBc+PE4WiFiRnuLPec8ExAvSAvoEcFI5kbphMkhCCVX85fXNBf2+r5eevu9OAmTVhSoze7VcCwQgnANWqK7ZmCt5BdUSbRdwdogiZZGpYuTj/XlejCJngAcphB5+jvHPaMBj0FtDBYU9n01yISzQtOU1VO1b0T5Ab+lol9v1J21fx3AonLOPWCUsE6DZNIK/WsYUB0ERKg74fP7s13bs7v/ImXiaxA42hcdKKDICezewNWcj3oE2KStu51pwb30tVlr+BQq3C59jAQAA
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PTU4DMQyFr8IFJvJvEnfNGiQQB8hMJxWLEaiVaBc+PE4WiFiRnuLPec8ExAvSAvoEcFI5kbphMkhCCVX85fXNBf2+r5eevu9OAmTVhSoze7VcCwQgnANWqK7ZmCt5BdUSbRdwdogiZZGpYuTj/XlejCJngAcphB5+jvHPaMBj0FtDBYU9n01yISzQtOU1VO1b0T5Ab+lol9v1J21fx3AonLOPWCUsE6DZNIK/WsYUB0ERKg74fP7s13bs7v/ImXiaxA42hcdKKDICezewNWcj3oE2KStu51pwb30tVlr+BQq3C59jAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PTU4DMQyFr8IFJvJvEnfNGiQQB8hMJxWLEaiVaBc+PE4WiFiRnuLPec8ExAvSAvoEcFI5kbphMkhCCVX85fXNBf2+r5eevu9OAmTVhSoze7VcCwQgnANWqK7ZmCt5BdUSbRdwdogiZZGpYuTj/XlejCJngAcphB5+jvHPaMBj0FtDBYU9n01yISzQtOU1VO1b0T5Ab+lol9v1J21fx3AonLOPWCUsE6DZNIK/WsYUB0ERKg74fP7s13bs7v/ImXiaxA42hcdKKDICezewNWcj3oE2KStu51pwb30tVlr+BQq3C59jAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QQWoDMQz8Sj+wRpIl2cq55xZa+gBnvRt6WFoSaHLQ4ysbCvVgGMkjzWACygvSAvIEcBI+kbhhMkhMCYX95fXNGf2+nS97+r47c2VBZ6o5Z6+mtYBzkYJFXaC6kJqieq2V2IycwbNDgCQzD5YA0GPs4/15XhwIFcADAaIYpk6xNzg8xmxW691g3XilRtksdqFuYqQire9D6C0d7XK7/qT165iO0wtJ45X+GoFliDNypsgTB3y2P/drOzb3f8qBMncjO9lkPmIxj5yu61lwFcigHTvEl+yshqV1rvum/Avoaqt0XwEAAA==
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QQWoDMQz8Sj+wRpIl2cq55xZa+gBnvRt6WFoSaHLQ4ysbCvVgGMkjzWACygvSAvIEcBI+kbhhMkhMCYX95fXNGf2+nS97+r47c2VBZ6o5Z6+mtYBzkYJFXaC6kJqieq2V2IycwbNDgCQzD5YA0GPs4/15XhwIFcADAaIYpk6xNzg8xmxW691g3XilRtksdqFuYqQire9D6C0d7XK7/qT165iO0wtJ45X+GoFliDNypsgTB3y2P/drOzb3f8qBMncjO9lkPmIxj5yu61lwFcigHTvEl+yshqV1rvum/Avoaqt0XwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01QQWoDMQz8Sj+wRpIl2cq55xZa+gBnvRt6WFoSaHLQ4ysbCvVgGMkjzWACygvSAvIEcBI+kbhhMkhMCYX95fXNGf2+nS97+r47c2VBZ6o5Z6+mtYBzkYJFXaC6kJqieq2V2IycwbNDgCQzD5YA0GPs4/15XhwIFcADAaIYpk6xNzg8xmxW691g3XilRtksdqFuYqQire9D6C0d7XK7/qT165iO0wtJ45X+GoFliDNypsgTB3y2P/drOzb3f8qBMncjO9lkPmIxj5yu61lwFcigHTvEl+yshqV1rvum/Avoaqt0XwEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2OTU4EIRCFr+IFmtQvULN2rYnGA9A9MHHR0YyJ46IObzXG4QV4qXw8HgHxgrSAPgCcVE6kbpgMklBCFX96fnFBv/X1MtLnzVEAtLpQZWavlmuBAIRzwArViYuyHrcVxVpcwNkhRMoi08WTt9fHuTFEHsfxkRPMAfwc1NZQQaHns0kuhAWatryGq2MrOg7QW9rb5ev6nbaPfWaHEnCWmQt3LQfM0ZOiQyzwOX4f17Z39zv333CGEznZdH8AuoudO9toWM1WVrQOZVDNSqC9avkFUH9VH1EBAAA=
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz2OTU4EIRCFr+IFmtQvULN2rYnGA9A9MHHR0YyJ46IObzXG4QV4qXw8HgHxgrSAPgCcVE6kbpgMklBCFX96fnFBv/X1MtLnzVEAtLpQZWavlmuBAIRzwArViYuyHrcVxVpcwNkhRMoi08WTt9fHuTFEHsfxkRPMAfwc1NZQQaHns0kuhAWatryGq2MrOg7QW9rb5ev6nbaPfWaHEnCWmQt3LQfM0ZOiQyzwOX4f17Z39zv333CGEznZdH8AuoudO9toWM1WVrQOZVDNSqC9avkFUH9VH1EBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz2OTU4EIRCFr+IFmtQvULN2rYnGA9A9MHHR0YyJ46IObzXG4QV4qXw8HgHxgrSAPgCcVE6kbpgMklBCFX96fnFBv/X1MtLnzVEAtLpQZWavlmuBAIRzwArViYuyHrcVxVpcwNkhRMoi08WTt9fHuTFEHsfxkRPMAfwc1NZQQaHns0kuhAWatryGq2MrOg7QW9rb5ev6nbaPfWaHEnCWmQt3LQfM0ZOiQyzwOX4f17Z39zv333CGEznZdH8AuoudO9toWM1WVrQOZVDNSqC9avkFUH9VH1EBAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
jimperial.top/data/style.css
200 OK 907 B URL GET HTTP/1.1 jimperial.top/data/style.css
IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuercPanel, Inc.
Subjectjimperial.top
Fingerprint3F:DE:72:9A:9E:CE:54:09:B4:07:C8:26:86:28:8C:F6:2C:D4:2F:FF
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
Hash d9865300fc33d45bdc07ee7e19567ffb
b05c9b0db7abc534effb2fced5008482e181907a
20e3fd215909876fb726fde6edbd5c45598ffc97298a0560b316de323346c545
GET /data/style.css HTTP/1.1
Host: jimperial.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:26 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 18:19:21 GMT
Accept-Ranges: bytes
Content-Length: 907
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
s.magsrv.com/v1/api.php
200 OK 1.3 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1771), with no line terminators
Hash 582c7f2aef9f25e33978a31e10a9296a
7906935e3281c5614ed0f1ffcddd9f005693266d
af67b50644d44863d0c9a60904978c1a9077853b1abcb6468364661668ba2e45
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 1.3 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1774), with no line terminators
Hash 57a95e155607109b8a9f61d61947c31b
2bc81fc1640be74715cd4029ce66cb3169f5f858
642966c0391df82b6189a6850160864a6f7b76fda7a057696f9e6de10d27f115
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 1.3 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1779), with no line terminators
Hash d378a07618ea8ba1f66b0d977273cc7f
453b1cf568af582f5bfbdf63d8ed48cdedb1ac02
87069d51942f39d5f010ff2ab026c57d8fc446b558d7a15ac006ed64a9ac6863
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QS2pDMQy8Si/wjL7+ZN11Cy09gN+zHboILQk0WejwlQ2FejCM5JFmMAHxhrSBPgGcVE4UrWAoEIQCqtjL65sJ2r3v5xG+7yaSRdGEMjNbLjEnMEmaMEVTyKYUS8RoSVGEOJqAsYGDlEUmCwBoPvbx/rwuTrgK4IEAXkxTI9/rHB5zlmNprcDR5aBKXIrvwti1UFStbUyh1XCp59v1Jxxfl+W4vCiyv9Jfw7FNMaMweR4/YKv9Oa710s3+KSfS2o1iVBazGUtk5jSSso+exw6NqPnfgGRuNfdOdRDwL7QP0IRfAQAA
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QS2pDMQy8Si/wjL7+ZN11Cy09gN+zHboILQk0WejwlQ2FejCM5JFmMAHxhrSBPgGcVE4UrWAoEIQCqtjL65sJ2r3v5xG+7yaSRdGEMjNbLjEnMEmaMEVTyKYUS8RoSVGEOJqAsYGDlEUmCwBoPvbx/rwuTrgK4IEAXkxTI9/rHB5zlmNprcDR5aBKXIrvwti1UFStbUyh1XCp59v1Jxxfl+W4vCiyv9Jfw7FNMaMweR4/YKv9Oa710s3+KSfS2o1iVBazGUtk5jSSso+exw6NqPnfgGRuNfdOdRDwL7QP0IRfAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01QS2pDMQy8Si/wjL7+ZN11Cy09gN+zHboILQk0WejwlQ2FejCM5JFmMAHxhrSBPgGcVE4UrWAoEIQCqtjL65sJ2r3v5xG+7yaSRdGEMjNbLjEnMEmaMEVTyKYUS8RoSVGEOJqAsYGDlEUmCwBoPvbx/rwuTrgK4IEAXkxTI9/rHB5zlmNprcDR5aBKXIrvwti1UFStbUyh1XCp59v1Jxxfl+W4vCiyv9Jfw7FNMaMweR4/YKv9Oa710s3+KSfS2o1iVBazGUtk5jSSso+exw6NqPnfgGRuNfdOdRDwL7QP0IRfAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1667), with no line terminators
Hash e7e106d0d1611172909d3c1985846695
71d9c1a9802109cb2b373429097408410e21a086
5fd6ca651a683894f5f97c85508d98c116d7a028aa53495189324972dc0dd8e2
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 3.4 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (7519), with no line terminators
Hash e84d0f9ab8922ea1f7b6ddcc72338909
06ecdd350c9f478f03dca62ffe54b46e4778d3a8
499787c6e1a6e6d0b7d7378f00b064b51930dfc7a0e5352b7bf0834c528815c3
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 3.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (6531), with no line terminators
Hash 14ac1e789c2827ced6cf35107e6783c2
4e5098845a284960bc5df78e1b54ec4208260b83
3a59a45d363cb1ec18673351391a758987eb66e482fff4a9233fd87a341540fc
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/v1/api.php
200 OK 1.2 kB IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type JSON data\012- , ASCII text, with very long lines (1669), with no line terminators
Hash 9b445aa3ffe6345753e7314b6e69aa81
0499d393f998171b41fa2b5052617f2165fd0abb
dd59327ce80da0f58cc5fee3e11668e3612641b43eb73127b325504323b9b538
POST /v1/api.php HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.google.com/s2/favicons?domain=https://porndude.me/
301 Moved Permanently 333 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://porndude.me/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash af8993dae0ed9952aad5ef38100d4f9d
0ddcd9e3cd635561781e5d34be233a271500fa99
b273d77dd078822dfae5ebc9e5d2ca991aee50f10291b60f9a86fe2d8840a4bc
GET /s2/favicons?domain=https://porndude.me/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://porndude.me/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:54 GMT
expires: Tue, 05 Dec 2023 06:05:54 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://cutt.ly/5uh3NlD
301 Moved Permanently 336 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://cutt.ly/5uh3NlD
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash fedd84e1833605fb40d37cd8b7976f37
060d252a9d59ba96d23eca4c414c447bfee60e98
d5aaf37a80c52dffca23fcd984c2578c6bccc2a80f2e158b699a5e7efdabf506
GET /s2/favicons?domain=https://cutt.ly/5uh3NlD HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/5uh3NlD&size=16
x-content-type-options: nosniff
server: sffe
content-length: 336
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://loland.topz.mobi/in/97914
345 B URL www.google.com/s2/favicons?domain=http://loland.topz.mobi/in/97914
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 64b80c71c008f884897deb37226bbb10
3f423ab46084df98632fe6507c80d1c700f8975e
e12b989c78b37eb703fad7175cad7c8d1d9fe72d4d433e0c1c76468ffbdd2d4c
GET /s2/favicons?domain=http://loland.topz.mobi/in/97914 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16
x-content-type-options: nosniff
server: sffe
content-length: 345
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:32:26 GMT
expires: Tue, 05 Dec 2023 06:02:26 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://sweetpussies.xxxbit.com/index.php?u=webgf
361 B URL www.google.com/s2/favicons?domain=http://sweetpussies.xxxbit.com/index.php?u=webgf
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 355b024a0a13f132e574fff39621a9a0
f76f0fffcfb8f0e7dae6e2fc76ba51e248b88017
c2a66aed625146ce7daf7d59dbbb3c5d1e9e8bb97d92d6986bd236258577231f
GET /s2/favicons?domain=http://sweetpussies.xxxbit.com/index.php?u=webgf HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16
x-content-type-options: nosniff
server: sffe
content-length: 361
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:57 GMT
expires: Tue, 05 Dec 2023 06:05:57 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://migirls.tk/
331 B URL www.google.com/s2/favicons?domain=http://migirls.tk/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ae68582bf1559a6d00d3e2568be30c32
b0f934299792a1c90dd7129759785e6749fb2030
40c03b6fe4f3bfb7c60d2a829d4b87830e3f588e024ab25cee25c3fd82f4da5e
GET /s2/favicons?domain=http://migirls.tk/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://cutt.ly/nuh8uMX
301 Moved Permanently 336 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://cutt.ly/nuh8uMX
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7c4da302d8f4e1ef9d369c1874219831
37f14060d8c92f891724a810176214af3f98a93f
f8d377e1c41281f0fd2f6faa31e8ac3ecb9884b2a6a7ace403db13378c08ce2c
GET /s2/favicons?domain=https://cutt.ly/nuh8uMX HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/nuh8uMX&size=16
x-content-type-options: nosniff
server: sffe
content-length: 336
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://redporn.tv/
301 Moved Permanently 332 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://redporn.tv/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash dde847f46c23306cee00a57269674887
45b68f792c6937c658f800af302834a86a8d5627
41bbc99493a14ac540e1cddc314f1cf35127242e48bb1e391eb917a221864ebc
GET /s2/favicons?domain=https://redporn.tv/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://redporn.tv/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 332
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.magsrv.com/iframe.js?idzone=4143642&size=900x250
200 OK 1.4 kB URL GET HTTP/2 a.magsrv.com/iframe.js?idzone=4143642&size=900x250
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash 7335ee6965dfb9190a79a137b043b3a7
6c46882b38325ec2fd426aecee151216fd205f7a
b2b4b1af132ad02220e497f39953291ecf5a30250fd6e6c0b4a0f6d3cde48f03
GET /iframe.js?idzone=4143642&size=900x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"39ccf7043190be88b6eafddc435"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKAQH3WwoAAAwB1GY4EQH3DAAAAA
x-77-nzt-ray: c0a4cc283631dd5012bb6e65ea85a90a
x-accel-expires: @1701759166
x-accel-date: 1701748719
x-77-cache: HIT
x-77-age: 9610
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2651, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://mofosex.net/
301 Moved Permanently 333 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://mofosex.net/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a65f019c7c5747ad6a4a5b81f24bc282
48e94e785f8126a8b42f0d8ca8f86d47b3488bb4
c469349f2fa332ca655ec8f7befd84120eb60fa6326c4416a6ff2c23b8893867
GET /s2/favicons?domain=https://mofosex.net/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mofosex.net/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:57 GMT
expires: Tue, 05 Dec 2023 06:05:57 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://celebmonster.buzz/
338 B URL www.google.com/s2/favicons?domain=http://celebmonster.buzz/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5f734fb61b0e403bbd368340c896538a
7ebfd2802190b510b2f5644533e7266a20b1a3de
80126d19c6e6b793fc0f932d9cd87a6bdee8d9918514dfbff67cf7194f6ff4c0
GET /s2/favicons?domain=http://celebmonster.buzz/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 338
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://bravotube.tv/
301 Moved Permanently 334 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://bravotube.tv/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bc00881abe3d4c129a82d178ed66c20f
0200766e148da27bb92f5841228d98f7d50792a3
46021b736494ac322788832a23599ac2b6016cad23bb2e6ce57c656bc30b780d
GET /s2/favicons?domain=https://bravotube.tv/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bravotube.tv/&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:26 GMT
expires: Tue, 05 Dec 2023 06:24:26 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://cutt.ly/wyKvCnJ
301 Moved Permanently 336 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://cutt.ly/wyKvCnJ
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 897616f992f00c7fdb9421d7986a36de
95297e247b24a36b8ff066594200d1b02cb2ba11
0b5e2ce68c340da5d93e026ad4e2df0e7c2be96f473ed94f1e4db7f60fc84163
GET /s2/favicons?domain=https://cutt.ly/wyKvCnJ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/wyKvCnJ&size=16
x-content-type-options: nosniff
server: sffe
content-length: 336
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:51 GMT
expires: Tue, 05 Dec 2023 06:05:51 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://teen-clips.xxxtop.biz/index.php?u=celebph/
362 B URL www.google.com/s2/favicons?domain=http://teen-clips.xxxtop.biz/index.php?u=celebph/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e961f0a11b2e64c8e784ed3f052446ea
aed6bc7a43da7883ce616793ac95dea96e000bfa
5de7790302d60caccdf18312c5dd9f34a63f1369d7a36378b96719e5d79603d3
GET /s2/favicons?domain=http://teen-clips.xxxtop.biz/index.php?u=celebph/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 362
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:43 GMT
expires: Tue, 05 Dec 2023 06:04:43 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Py2oDMQz8lf7AGr1t5dxzCy39AO+uHXoILQk0Oejjay8U6sEwlkaaMQHxgrSAPgGcVE5k4ZgcklBClXh5fQvBuLf13NP3PUSKKIZQYeYobiVDSNaM2UKhhJK5oUURFzAaTQgOGCBlkckSAMYY+3h/Pi5ODBXAAwHGY5rGHB0cHhCm1tYVsdNad0/uVMwQiQ1QKIsHm++7w9Zko0rsPrzQmjqZat37XBQ1Xer5dv1J29flSHRkQZk29FcYWKaYUZhGaxyIo/zZr/XSIv4pJ/KxGyXIDxYztsj8R7RVqWYCE2EvVh3RADpjrdDXsv8Ch8CD9n8BAAA=
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Py2oDMQz8lf7AGr1t5dxzCy39AO+uHXoILQk0Oejjay8U6sEwlkaaMQHxgrSAPgGcVE5k4ZgcklBClXh5fQvBuLf13NP3PUSKKIZQYeYobiVDSNaM2UKhhJK5oUURFzAaTQgOGCBlkckSAMYY+3h/Pi5ODBXAAwHGY5rGHB0cHhCm1tYVsdNad0/uVMwQiQ1QKIsHm++7w9Zko0rsPrzQmjqZat37XBQ1Xer5dv1J29flSHRkQZk29FcYWKaYUZhGaxyIo/zZr/XSIv4pJ/KxGyXIDxYztsj8R7RVqWYCE2EvVh3RADpjrdDXsv8Ch8CD9n8BAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Py2oDMQz8lf7AGr1t5dxzCy39AO+uHXoILQk0Oejjay8U6sEwlkaaMQHxgrSAPgGcVE5k4ZgcklBClXh5fQvBuLf13NP3PUSKKIZQYeYobiVDSNaM2UKhhJK5oUURFzAaTQgOGCBlkckSAMYY+3h/Pi5ODBXAAwHGY5rGHB0cHhCm1tYVsdNad0/uVMwQiQ1QKIsHm++7w9Zko0rsPrzQmjqZat37XBQ1Xer5dv1J29flSHRkQZk29FcYWKaYUZhGaxyIo/zZr/XSIv4pJ/KxGyXIDxYztsj8R7RVqWYCE2EvVh3RADpjrdDXsv8Ch8CD9n8BAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.google.com/s2/favicons?domain=http://teen2.xxxtop.biz/index.php?u=celebph
356 B URL www.google.com/s2/favicons?domain=http://teen2.xxxtop.biz/index.php?u=celebph
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 38a1ba4bca988659c8190dbb229447f8
3270d86e9bcd724a45be3f81f1c04a7b2968c80f
c5699aea8c747948281983481adafcd3bcaef928a7f2cc532f616358d15c2f57
GET /s2/favicons?domain=http://teen2.xxxtop.biz/index.php?u=celebph HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16
x-content-type-options: nosniff
server: sffe
content-length: 356
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:51 GMT
expires: Tue, 05 Dec 2023 06:05:51 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P0UoEMQz8FX/gyiRN0sZnnxUUP6C72z18OJQTvHvIx9suCHYoTNJJZsrgfCI+QR+AR5VHtnBKjiScSCWeX15DKG59Oe/p6xYiVZRCuOaco7rVgpCihYqFooayuZFFFRcYj0dEDgywZpHJEkAxxt7fno5LE0MF3AkYxTSNOTo47ghT68tCtPPSNk/uXM2IOBtIuIhHNt82x9pl5cbZfXiRdXU21bbtc1G0dGnn7+tPWj8vR6IjC8n057/GwGmKM0nmkXccxNH+2K/t0iP+KSfKsZsk2A8WM7bI/EfYumjvMEUvq/SSFbxgW3ffzZuVX+o8oeh/AQAA
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01P0UoEMQz8FX/gyiRN0sZnnxUUP6C72z18OJQTvHvIx9suCHYoTNJJZsrgfCI+QR+AR5VHtnBKjiScSCWeX15DKG59Oe/p6xYiVZRCuOaco7rVgpCihYqFooayuZFFFRcYj0dEDgywZpHJEkAxxt7fno5LE0MF3AkYxTSNOTo47ghT68tCtPPSNk/uXM2IOBtIuIhHNt82x9pl5cbZfXiRdXU21bbtc1G0dGnn7+tPWj8vR6IjC8n057/GwGmKM0nmkXccxNH+2K/t0iP+KSfKsZsk2A8WM7bI/EfYumjvMEUvq/SSFbxgW3ffzZuVX+o8oeh/AQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01P0UoEMQz8FX/gyiRN0sZnnxUUP6C72z18OJQTvHvIx9suCHYoTNJJZsrgfCI+QR+AR5VHtnBKjiScSCWeX15DKG59Oe/p6xYiVZRCuOaco7rVgpCihYqFooayuZFFFRcYj0dEDgywZpHJEkAxxt7fno5LE0MF3AkYxTSNOTo47ghT68tCtPPSNk/uXM2IOBtIuIhHNt82x9pl5cbZfXiRdXU21bbtc1G0dGnn7+tPWj8vR6IjC8n057/GwGmKM0nmkXccxNH+2K/t0iP+KSfKsZsk2A8WM7bI/EfYumjvMEUvq/SSFbxgW3ffzZuVX+o8oeh/AQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
200 OK 9.6 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 070a232d0b0e025bfc65d90c1f5ece91
b69b0ad953e27d2318d3b7783f89b2f03cac130e
bd774d7c7edcc81fd3f49a59ed1ef48868b2531bba2ee9762213e2b023f4c5de
GET /library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: image/webp
content-length: 9562
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-255a"
expires: Sat, 16 Mar 2024 14:06:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH37xqvAA
x-77-nzt-ray: c1fb98192df0565512bb6e65a7b9f424
x-accel-expires: @1721815971
x-accel-date: 1690279971
x-cache-lb: HIT
x-age-lb: 11475695
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475695
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
206 Partial Content 12 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 96ad52c24f7c0e4db3bf8e6c12b35a4d
b55663983b553c9f9adb0e1ada3af807a55715ec
f31922b7651e0582b68857a63239cc02dc53c0e30565fa5d11b74bf43e85527a
GET /library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: video/mp4
content-length: 12161
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-2f81"
expires: Tue, 24 Oct 2023 17:25:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH34Q6vAA
x-77-nzt-ray: c1fb98192df0565512bb6e655836f824
x-accel-expires: @1721819057
x-accel-date: 1690283057
x-cache-lb: HIT
x-age-lb: 11472609
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11472609
content-range: bytes 0-12160/12161
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp
200 OK 6.7 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78a7cbaae199b27d8af5b88403bc3f06
0e7c601e717fc34755f1c990b46d2cf2c1cd4815
0adbb817827c467266b3dfec5d0b2c04826be1ce16cf4165195f2137b47ef47a
GET /library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: image/webp
content-length: 6702
last-modified: Wed, 27 Oct 2021 16:35:58 GMT
etag: "61797fee-1a2e"
expires: Wed, 25 Oct 2023 19:33:31 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH39BqvAA
x-77-nzt-ray: c1fb98192df0565512bb6e65bedcfa24
x-accel-expires: @1721815966
x-accel-date: 1690279966
x-cache-lb: HIT
x-age-lb: 11475700
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475700
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/140058/1772b0cdb068043cc6cc493f19a8b304ecf0e0ad.webp
200 OK 17 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/140058/1772b0cdb068043cc6cc493f19a8b304ecf0e0ad.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 900x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d4ce224b7a1319ba26a55600063a58c1
1772b0cdb068043cc6cc493f19a8b304ecf0e0ad
3e80d30e414a1ab3167429dc0b1b5182cfa7d0633252bfb598e1103364e2415c
GET /library/140058/1772b0cdb068043cc6cc493f19a8b304ecf0e0ad.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: image/webp
content-length: 16814
last-modified: Wed, 03 Nov 2021 11:51:27 GMT
etag: "618277bf-41ae"
accept-ch:
expires: Thu, 14 Nov 2024 07:41:22 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: Anl/LVA3Nzf/uzsaANRmOJw3Nzf/NQkAAA
x-77-nzt-ray: c1fb98192df0565512bb6e6591fffe24
x-accel-expires: @1731570082
x-accel-date: 1700036439
x-77-cache: HIT
x-77-age: 1721584
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 1719227
x-77-pop: copenhagenDK
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://777.freshteens.site/
340 B URL www.google.com/s2/favicons?domain=http://777.freshteens.site/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2f57252ff4b1fa01d360606f07b2664f
c0372b36334010914e11bc2aa4f56af8e9d4beca
d4137d12722e5ba9846d454e9913adfb433a39846e065be0292c772497f01c6b
GET /s2/favicons?domain=http://777.freshteens.site/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 340
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/cafe07f9d4ea27b868664b96f150fcfc3bd0eaeb.gif
200 OK 14 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/cafe07f9d4ea27b868664b96f150fcfc3bd0eaeb.gif
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type GIF image data, version 89a, 300 x 100\012- data
Hash 7fc87d029f61aad3bb77e35074806941
cafe07f9d4ea27b868664b96f150fcfc3bd0eaeb
5712c8f53f2910ff3fb7a94d87c03aabd026063014f41dce8c3e9a642c743f2e
GET /library/448451/cafe07f9d4ea27b868664b96f150fcfc3bd0eaeb.gif HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: image/gif
content-length: 13684
last-modified: Sat, 20 Aug 2022 08:14:13 GMT
etag: "630097d5-3574"
accept-ch:
expires: Mon, 18 Nov 2024 13:16:13 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: Anl/LVA3Nzf/GLAUANRmOAk3Nzf/XQAAAA
x-77-nzt-ray: c1fb98192df0565512bb6e65f7730125
x-accel-expires: @1731935773
x-accel-date: 1700399866
x-77-cache: HIT
x-77-age: 1355893
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 1355800
x-77-pop: copenhagenDK
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/acef643f4825b0cf2e2631871dfe10a1ba727b03.mp4
206 Partial Content 27 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/acef643f4825b0cf2e2631871dfe10a1ba727b03.mp4
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 765f32ac2ca3b8394763f6053a3dbb91
acef643f4825b0cf2e2631871dfe10a1ba727b03
7a2683c06ff2079cba7f9438036257cd984213c6590bf924f4b20fb7de690dce
GET /library/448451/acef643f4825b0cf2e2631871dfe10a1ba727b03.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: video/mp4
content-length: 26964
last-modified: Thu, 27 Jul 2023 20:28:57 GMT
etag: "64c2d389-6954"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Fri, 26 Jul 2024 21:05:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH32Z+kAA
x-77-nzt-ray: c1fb98192df0565512bb6e6548e10525
x-accel-expires: @1722502841
x-accel-date: 1690966841
x-cache-lb: HIT
x-age-lb: 10788825
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 10788825
content-range: bytes 0-26963/26964
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/acef643f4825b0cf2e2631871dfe10a1ba727b03.mp4
206 Partial Content 27 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/acef643f4825b0cf2e2631871dfe10a1ba727b03.mp4
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 765f32ac2ca3b8394763f6053a3dbb91
acef643f4825b0cf2e2631871dfe10a1ba727b03
7a2683c06ff2079cba7f9438036257cd984213c6590bf924f4b20fb7de690dce
GET /library/448451/acef643f4825b0cf2e2631871dfe10a1ba727b03.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: video/mp4
content-length: 26964
last-modified: Thu, 27 Jul 2023 20:28:57 GMT
etag: "64c2d389-6954"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Fri, 26 Jul 2024 21:05:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH32Z+kAA
x-77-nzt-ray: c1fb98192df0565512bb6e65c0392a25
x-accel-expires: @1722502841
x-accel-date: 1690966841
x-cache-lb: HIT
x-age-lb: 10788825
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 10788825
content-range: bytes 0-26963/26964
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/0df70fe6561d21e0af0948443da3a5ee687fd63a.webp
200 OK 5.6 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/0df70fe6561d21e0af0948443da3a5ee687fd63a.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x100, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b0fca623b9fe0dc764dadea41e836ad
0df70fe6561d21e0af0948443da3a5ee687fd63a
73f34bc7a54ce9f621e6f967987efe775f233cfbdf50b07f98bc9f8c3118ae50
GET /library/448451/0df70fe6561d21e0af0948443da3a5ee687fd63a.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: image/webp
content-length: 5596
last-modified: Sat, 20 Aug 2022 08:14:12 GMT
etag: "630097d4-15dc"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 18 Nov 2024 13:16:12 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: Anl/LVA3Nzf/F6oUANRmOAk3Nzf/XwYAAA
x-77-nzt-ray: c1fb98192df0565512bb6e6526e20325
x-accel-expires: @1731935772
x-accel-date: 1700401403
x-77-cache: HIT
x-77-age: 1355894
server: CDN77-Turbo
x-cache-lb: HIT
x-age-lb: 1354263
x-77-pop: copenhagenDK
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp
200 OK 6.7 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78a7cbaae199b27d8af5b88403bc3f06
0e7c601e717fc34755f1c990b46d2cf2c1cd4815
0adbb817827c467266b3dfec5d0b2c04826be1ce16cf4165195f2137b47ef47a
GET /library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: image/webp
content-length: 6702
last-modified: Wed, 27 Oct 2021 16:35:58 GMT
etag: "61797fee-1a2e"
expires: Wed, 25 Oct 2023 19:33:31 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH39BqvAA
x-77-nzt-ray: c1fb98192df0565512bb6e65ec150525
x-accel-expires: @1721815966
x-accel-date: 1690279966
x-cache-lb: HIT
x-age-lb: 11475700
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475700
accept-ranges: bytes
X-Firefox-Spdy: h2
jimperial.top/data/logo.png
200 OK 13 kB URL GET HTTP/1.1 jimperial.top/data/logo.png
IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuercPanel, Inc.
Subjectjimperial.top
Fingerprint3F:DE:72:9A:9E:CE:54:09:B4:07:C8:26:86:28:8C:F6:2C:D4:2F:FF
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 386 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e2a7f006096efa8d1c8df7762666129
5f90310545f94dd6813332aeb1db5f4180c40f0d
745d21cfc2484f4d727f39b803adace20ce6c3f13c1a7bf7648564ae0a3c977f
GET /data/logo.png HTTP/1.1
Host: jimperial.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:26 GMT
Server: Apache
Last-Modified: Sun, 25 Jun 2023 12:25:59 GMT
Accept-Ranges: bytes
Content-Length: 13263
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QwU4EMQj9FX9gGqBAy549a6LxA9qZ6cbDRrMm7h74eOkYE/vShNLH4wEB5QVpAXkAOAmfSN0wGSSmhML+9PzijH7b+3mkz5szVxZ0pppz9mpaCzgXKVjUBaoLqSmqF0FmyuoMnh0CJJl5RgkAPcreXh+PixPBArgjQDxmU6fQjRju4Cq69444qLfNkhlVVcRQB2QqbJ7Vts1g3XmlRtkseqHuYqQibRtTyFu6tPPX9TutH5fD0a8X0/ilv0RgmeSMnCn8xgE/0u/j2i67+z/mRDm0kZ3siHzaZp5zeK9NcVjuhdrYYx045hKgAsRAoD+TqyUufwEAAA==
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01QwU4EMQj9FX9gGqBAy549a6LxA9qZ6cbDRrMm7h74eOkYE/vShNLH4wEB5QVpAXkAOAmfSN0wGSSmhML+9PzijH7b+3mkz5szVxZ0pppz9mpaCzgXKVjUBaoLqSmqF0FmyuoMnh0CJJl5RgkAPcreXh+PixPBArgjQDxmU6fQjRju4Cq69444qLfNkhlVVcRQB2QqbJ7Vts1g3XmlRtkseqHuYqQibRtTyFu6tPPX9TutH5fD0a8X0/ilv0RgmeSMnCn8xgE/0u/j2i67+z/mRDm0kZ3siHzaZp5zeK9NcVjuhdrYYx045hKgAsRAoD+TqyUufwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01QwU4EMQj9FX9gGqBAy549a6LxA9qZ6cbDRrMm7h74eOkYE/vShNLH4wEB5QVpAXkAOAmfSN0wGSSmhML+9PzijH7b+3mkz5szVxZ0pppz9mpaCzgXKVjUBaoLqSmqF0FmyuoMnh0CJJl5RgkAPcreXh+PixPBArgjQDxmU6fQjRju4Cq69444qLfNkhlVVcRQB2QqbJ7Vts1g3XmlRtkseqHuYqQibRtTyFu6tPPX9TutH5fD0a8X0/ilv0RgmeSMnCn8xgE/0u/j2i67+z/mRDm0kZ3siHzaZp5zeK9NcVjuhdrYYx045hKgAsRAoD+TqyUufwEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.03940399%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
206 Partial Content 12 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 96ad52c24f7c0e4db3bf8e6c12b35a4d
b55663983b553c9f9adb0e1ada3af807a55715ec
f31922b7651e0582b68857a63239cc02dc53c0e30565fa5d11b74bf43e85527a
GET /library/448451/b55663983b553c9f9adb0e1ada3af807a55715ec.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: video/mp4
content-length: 12161
last-modified: Tue, 09 Aug 2022 11:14:51 GMT
etag: "62f241ab-2f81"
expires: Tue, 24 Oct 2023 17:25:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH34Q6vAA
x-77-nzt-ray: c1fb98192df0565512bb6e650714f038
x-accel-expires: @1721819057
x-accel-date: 1690283057
x-cache-lb: HIT
x-age-lb: 11472609
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11472609
content-range: bytes 0-12160/12161
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://10chan.top
200 OK 469 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://10chan.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 7a348b9679ccbe626b0f3a258601b8b0
ce22be974226e23e22e4d05296df74f6ae5e85a1
efbb6418689a6bc49d968bbb611e3aed7e51dff77e5e9bf1492f6bef9626a628
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://10chan.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://10chan.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 469
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:19 GMT
expires: Tue, 12 Dec 2023 04:34:19 GMT
cache-control: public, max-age=604800
last-modified: Fri, 18 Aug 2023 18:18:30 GMT
content-type: image/png
age: 4808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jviral.buzz
200 OK 619 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jviral.buzz
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b5a48b1b5808db152f35ad74f08f9955
2622523118cea80b8c365de583845041dc77e42e
98a0d32a3e6790ac04097c4cf91eee64a15d077d6eeb2213ca7cf2e168e4f4c1
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jviral.buzz HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://jviral.buzz/images/icons/rainbow.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:45:41 GMT
expires: Mon, 11 Dec 2023 23:45:41 GMT
cache-control: public, max-age=604800
age: 22126
last-modified: Thu, 20 Apr 2023 16:44:28 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.js?idzone=4143654&size=300x250
200 OK 1.6 kB URL GET HTTP/2 a.magsrv.com/iframe.js?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash 46e8ea0840b5e30cea079ed82daff26f
47fa19a489e96df917ab79b8146994f6c47b669d
212a413d2434b2a1edd5524c2fb140852b72ff3e3710741baeb8907151b97c63
GET /iframe.js?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11d8a8e9.948794593891472628%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"baf34067838988000040af98390"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH3WwoAAAwB1GY4AQH3DAAAAA
x-77-nzt-ray: c0a4cc283631dd5012bb6e6505a7e702
x-accel-expires: @1701759165
x-accel-date: 1701748719
x-77-cache: HIT
x-77-age: 9610
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2651, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://vipcontent.sbs
200 OK 404 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://vipcontent.sbs
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 15x16, components 3\012- data
Hash 5d8e8fe006572a339d8942def0ef4967
cb936081efaf8c2590dc280c9628badbab61db51
24ed69f4de6e94058b8c90d855d34e67f2cfb8863e6542b23ff9268b4c0b42bb
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://vipcontent.sbs HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://img88.pixhost.to/images/114/365727450_u-https-3a-2f-2ftse4-mm-bing-net-2fth-3fid-3doip.jpg
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 20:34:49 GMT
expires: Mon, 11 Dec 2023 20:34:49 GMT
cache-control: public, max-age=604800
last-modified: Sun, 08 Oct 2023 12:51:04 GMT
content-type: image/jpeg
age: 33578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.js?idzone=4757176&size=300x100
200 OK 2.1 kB URL GET HTTP/2 a.magsrv.com/iframe.js?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash b9ec17456430d485a919efdaf9207161
55f0854764ed751e3f560ab8cef0652f90dac4c7
0a74f8b8d98ac09a40aab8ebcc09b7dc49555f5dd775dbb43aa499ebf36363c0
GET /iframe.js?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"93d55bda36ddbba329cc7a797c3"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:06 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IhsAAAwBuUwKAQH3WwoAAAwB1GY4mQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e65219aeb24
x-accel-expires: @1701759166
x-accel-date: 1701748719
x-77-cache: HIT
x-77-age: 9608
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2651, 6946
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://funnycam.buzz
200 OK 603 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://funnycam.buzz
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 052021fa9280b4df616dd4de89e1b98b
86b9f73c6780347e37092bc9d653967a74190e4d
08f214c6f2dcc85d5012636dc991030a2cf7ff0b39dd61dcae1b035c9effbfc1
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://funnycam.buzz HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://funnycam.buzz/images/icons/video.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 603
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:21:24 GMT
expires: Thu, 07 Dec 2023 05:21:24 GMT
cache-control: public, max-age=604800
age: 433983
last-modified: Thu, 20 Apr 2023 17:36:10 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://photofun.sbs
200 OK 676 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://photofun.sbs
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 665f0bbb71adcc7ecb63069c09b87e23
74d20f52fdf1286a321743597cd5743fc6fe13ca
150c22fbb743bb4424d56f75a173dead410c4832dbb83b2e9347afb30bbccc0b
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://photofun.sbs HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://photofun.sbs/images/icons/bell.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 19:47:44 GMT
expires: Mon, 11 Dec 2023 19:47:44 GMT
cache-control: public, max-age=604800
last-modified: Thu, 23 Nov 2023 17:13:58 GMT
content-type: image/png
age: 36403
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jlove.pw
200 OK 816 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jlove.pw
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b23fe357724ec7a6ffd316059ede47b0
125ae1cd9c967dd3e58155efbb1a95354b5b0a13
db02a63eacdb8108d3cd56013d518ac0ade850a845e9dc4b27fda54245204a85
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jlove.pw HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://jlove.pw/images/icons/wink.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 21:19:09 GMT
expires: Tue, 05 Dec 2023 21:19:09 GMT
cache-control: public, max-age=604800
age: 549318
last-modified: Fri, 21 Apr 2023 16:08:40 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://viralcam.sbs
200 OK 581 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://viralcam.sbs
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 7ce9d40823eb29aeb387f7fb3cc2ed40
1ad9838299528b777707b3e3be1a6a7543b4df13
48d8ec21e5266308c3012073ed533f43993bb4905a933590d5584fc845a8fe14
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://viralcam.sbs HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://viralcam.sbs/images/smilies/rolleyes.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 581
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:08:06 GMT
expires: Thu, 07 Dec 2023 05:08:06 GMT
cache-control: public, max-age=604800
age: 434781
last-modified: Tue, 18 Apr 2023 17:13:05 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.js?idzone=4143654&size=300x250
200 OK 2.2 kB URL GET HTTP/2 a.magsrv.com/iframe.js?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash 50b40e2805356b4d21669ee3d3e70757
9603833f3fea0427ced97a2fcc6f02fb943a4fc3
fba54e330b6beae153a5efa6049b5f82f41c7dd02df2fdb81aa4aa0252da4285
GET /iframe.js?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"baf34067838988000040af98390"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IhsAAAwBuUwKCQH3WwoAAAwB1GY4AQH3DAAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e650e07f01b
x-accel-expires: @1701759165
x-accel-date: 1701748719
x-77-cache: HIT
x-77-age: 9609
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2651, 6946
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://candy-girlz.top
200 OK 519 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://candy-girlz.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6614eeaac96e0de5ff2818ec96feb4be
8be8682bbbba01493bd9653bed7588da31598904
789f2aa285a01ffeb2437900b89e43dcb977e3c24add71d793f78a2e0504fd8a
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://candy-girlz.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://candy-girlz.top/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 22:32:58 GMT
expires: Mon, 11 Dec 2023 22:32:58 GMT
cache-control: public, max-age=604800
last-modified: Fri, 14 Aug 2020 03:18:15 GMT
content-type: image/png
age: 26489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://sexycandidgirls.com
200 OK 292 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://sexycandidgirls.com
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 3ce07fb5b4c1b7b3b3df76c74e69b36a
715ab548ddb7cdfea1f5e712baf50f146ba4397f
93f6bad77f4ab54caaff86d587f435bacaca14bc5ee2f1e54df760b1de921784
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://sexycandidgirls.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://sexycandidgirls.com/wp-content/uploads/2022/03/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:19 GMT
expires: Tue, 12 Dec 2023 04:34:19 GMT
cache-control: public, max-age=604800
last-modified: Sat, 19 Mar 2022 00:58:05 GMT
content-type: image/png
age: 4808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://dolcemodz.site
200 OK 362 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://dolcemodz.site
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 8c6e878ec8bfec2661fe516e4d0cb17c
535599765331ba9f49bcadfbb28c58361e1dc3b6
c0a3afa104cf3af9f201c2f9f6dce260fd41950c991df2f4fc7cdfa27b02ec1f
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://dolcemodz.site HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://dolcemodz.site/uploads/monthly_2023_11/favorite.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 362
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 20:34:49 GMT
expires: Mon, 11 Dec 2023 20:34:49 GMT
cache-control: public, max-age=604800
last-modified: Thu, 15 Feb 2024 12:48:07 GMT
content-type: image/png
age: 33578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://sexyfox.cc
200 OK 293 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://sexyfox.cc
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash cf9d4ffc7dec49272190ab9aec34e19f
063ed5a19325ea258c6c6762e33ac724e0af5b01
d70467d46e2d922dcc425b5ecab2219425d2a93d31dd4744bb52c4a212743171
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://sexyfox.cc HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://sexyfox.cc/images/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 293
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 03:16:15 GMT
expires: Sun, 10 Dec 2023 03:16:15 GMT
cache-control: public, max-age=604800
last-modified: Sat, 24 Feb 2024 22:50:28 GMT
content-type: image/png
age: 182292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://thecams.top
200 OK 443 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://thecams.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6336cde5a7b910fd4cbfe0e37f99232e
af7148ad0790e7c2b93f985cedd4374ff82709f1
53cef3db37ebbaae376fb8e3bbd584eec2fe720158e28530f03c6e82362c1c82
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://thecams.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://thecams.top/data/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:53:16 GMT
expires: Wed, 06 Dec 2023 21:53:16 GMT
cache-control: public, max-age=604800
age: 460871
last-modified: Sat, 20 Feb 2021 07:16:50 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://kittyland.ws
200 OK 801 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://kittyland.ws
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b7f2dffaa88cad48dde72cd70b61b82b
04a8b696763c6d0186aca72fd7c48cd51b4d9e97
62151b674703a300dd668ccad9550335d2b687b12a9cda00a53581c3c83c2868
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://kittyland.ws HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: http://kittyland.ws/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 801
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:34:19 GMT
expires: Tue, 12 Dec 2023 04:34:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 24 Apr 2019 07:41:00 GMT
content-type: image/png
age: 4808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://alinablogs.top
200 OK 228 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://alinablogs.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash cf4161a1be4149481fbd2fa7cefaf715
d2656fd008a9d5baa9d29a6fc6bb0e44f008affa
0a853e18d12067375fdd5dbf6dd6197e9ebb88e9f714cfee82214c52fb280ffb
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://alinablogs.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://alinablogs.top/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 21:19:10 GMT
expires: Tue, 05 Dec 2023 21:19:10 GMT
cache-control: public, max-age=604800
age: 549317
last-modified: Tue, 08 Feb 2022 18:51:47 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://pinkgirls.top
200 OK 314 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://pinkgirls.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 72062fa4f8582cc6da49addc4ea986b9
68fe044bbdb03cda67ba42ff998b5245dd348c74
8fc90501d1570aae9f93ac14b483281471f438fc3d96963f21daea19bc7e4da7
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://pinkgirls.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://pinkgirls.top/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 314
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:44:29 GMT
expires: Mon, 11 Dec 2023 23:44:29 GMT
cache-control: public, max-age=604800
age: 22198
last-modified: Sat, 30 Oct 2021 07:42:19 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://alljb.am.in
200 OK 470 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://alljb.am.in
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f20da0ed3f74f25b1fd3fbb78f20814d
3f7685cb2602d6f123767842881b5903d57d71ac
232c35d64764c39deb8545bf9a4419276d48b47ddf56ba867a09c63af6c44174
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://alljb.am.in HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://alljb.am.in/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 470
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 06:28:51 GMT
expires: Mon, 11 Dec 2023 06:28:51 GMT
cache-control: public, max-age=604800
last-modified: Sun, 03 Sep 2023 20:17:19 GMT
content-type: image/png
age: 84336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://teenleaksforum.tv
200 OK 362 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://teenleaksforum.tv
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f495ecaa9b4c324baaca21bedef79061
51595be7f0ef85c5fbe32dcec3299c3f0f46afee
a3102274526a60c8ede25806d54e5e4804c39108fbfef07891828188b2c401f1
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://teenleaksforum.tv HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://teenleaksforum.tv/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 362
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 05:37:19 GMT
expires: Sun, 10 Dec 2023 05:37:19 GMT
cache-control: public, max-age=604800
last-modified: Sat, 10 Feb 2024 17:51:17 GMT
content-type: image/png
age: 173828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://hotsecret.top
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://hotsecret.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://hotsecret.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://bigboxxxx.top
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://bigboxxxx.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://bigboxxxx.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/ad-provider.js
200 OK 34 kB URL GET HTTP/2 a.magsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, from Unix\012- data
Hash ec75e624d5fa457bab3ec635d8ea18f6
e62482805294694db304746f99f5a5da200bf68d
04f2d95228ce8ead2c499e7fab5cda8c993fef5e8c2dba7800800b287bec0923
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4757176&size=300x100
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"696d2ce3a3c19a72349927d5a6c"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:44:40 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH30RwAAAwBuUwKCQH3CgAAAAwB1GY4mQH3jAEAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e652ec6b22b
x-accel-expires: @1701759088
x-accel-date: 1701748288
x-77-cache: HIT
x-77-age: 7783
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 10, 7377
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://galeryfantasix.top
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://galeryfantasix.top
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://galeryfantasix.top HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://webgf.pw
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://webgf.pw
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://webgf.pw HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://candyhub.ga
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://candyhub.ga
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://candyhub.ga HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://transsexuals.sbs
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://transsexuals.sbs
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://transsexuals.sbs HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://nng.life
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://nng.life
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://nng.life HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://cam.mybb.online
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://cam.mybb.online
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://cam.mybb.online HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jblovehub.lol
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jblovehub.lol
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jblovehub.lol HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16
304 B URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f1fb9c6e831d74d4b66565ffe16d6b0f
c3f1468c3d63765020a630ca01dc9b14bcd7f412
39f94fa337922fb84f95023be65e7c4eab841d56f158b286591b83f09445c56e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://hardpornx.com/assets/d9920/favicon-16x16.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:40:57 GMT
expires: Tue, 12 Dec 2023 03:40:57 GMT
cache-control: public, max-age=604800
last-modified: Sun, 01 May 2022 10:19:54 GMT
content-type: image/png
age: 8010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16
726 B URL t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16
726 B URL t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/nuh8uMX&size=16
200 OK 261 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/nuh8uMX&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1e86fecbae9c1ea0159204fee8bf22d4
efa7c090d2239cd8a1ada26b47a7d7f1b370725d
fe0dbaec14f687a6ea0bdab337af19eac762311b133be226a3b539bc291b89e7
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/nuh8uMX&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://cutt.ly/img/favicon-32x32.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 19:26:21 GMT
expires: Mon, 11 Dec 2023 19:26:21 GMT
cache-control: public, max-age=604800
last-modified: Thu, 30 Mar 2023 18:04:47 GMT
content-type: image/png
age: 37686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bravotube.tv/&size=16
200 OK 350 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bravotube.tv/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ac6597858db257b47d42066f43163835
c0a8077f5248ad9747d8eba56fbbe361d32c0a72
450945cf9b40a89dc2b0b2017ad3f53014707c1be19a865c58409e516d74498c
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bravotube.tv/&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://bravotube.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 350
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 00:53:53 GMT
expires: Thu, 07 Dec 2023 00:53:53 GMT
cache-control: public, max-age=604800
age: 450034
last-modified: Wed, 30 Oct 2019 07:40:44 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://redporn.tv/&size=16
200 OK 283 B URL GET HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://redporn.tv/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 572b540d3f5957f286dda63f04482fe8
84ca44273bfc7af52ba050f51d8699351c184532
38ea2d6e4d2304779e48356f49d8e6c7f137ee8415a7a926b167744b1329fa1e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://redporn.tv/&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn.redporn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:26:57 GMT
expires: Mon, 11 Dec 2023 23:26:57 GMT
cache-control: public, max-age=604800
last-modified: Wed, 06 Nov 2019 10:05:49 GMT
content-type: image/png
age: 23250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/wyKvCnJ&size=16
200 OK 226 B URL GET HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/wyKvCnJ&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ef189d665cc5d81be4706b0462f13040
8a333ee3e9c068a3885f242ba65fcf1612de8d64
149da4301a666900ab3fcea4f109427a139f6a5f1cb6a1468b2fd36fbf0a1cf0
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/wyKvCnJ&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cutt.ly/img/icon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 226
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:57 GMT
expires: Tue, 12 Dec 2023 05:35:57 GMT
cache-control: public, max-age=604800
last-modified: Tue, 10 Apr 2018 14:46:59 GMT
content-type: image/png
age: 1110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://porndude.me/&size=16
200 OK 582 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://porndude.me/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6c2b6f705eaa161bc1efbf243191fd52
9016ee875d8b7b141ba7301a3821618e0b59a5a2
abe23bdf200881c304243c87416d8de28b48a1c3f336d698a4935ee5497eb6f0
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://porndude.me/&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://porndude.me/i/favicon/apple-icon-60x60.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 582
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:28:05 GMT
expires: Mon, 11 Dec 2023 23:28:05 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Dec 2019 15:51:54 GMT
content-type: image/png
age: 23182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
webgf.pw/favicon.ico
404 Not Found 809 B IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 05:54:26 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyWRhCs%2BBwG035dceTlIgQzn0j2lgw2OJl%2Brfa7mOg4KoGxFnTeG%2FgjRjk8TmDHk1EeDmBWtktouYMQj38FRl4z4LilcdYsz9p1eljjM3xbAp5vFssIjo7S7KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a08d2bfee56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/5uh3NlD&size=16
200 OK 265 B URL GET HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/5uh3NlD&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f1aab9179f67212f69e8432b1de6d76b
a54c26c12a0ac6d532bfc467b6c1f20171f19c53
ec7c1b35a24c124dfe2e632f06004da0c27ba53667b36d4c1723dbbf29c90ffb
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cutt.ly/5uh3NlD&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://gigaporn.org/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 265
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:38:20 GMT
expires: Mon, 11 Dec 2023 23:38:20 GMT
cache-control: public, max-age=604800
last-modified: Wed, 19 Jun 2019 20:59:52 GMT
content-type: image/png
age: 22567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mofosex.net/&size=16
200 OK 282 B URL GET HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mofosex.net/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d65174ef4dbdf3da15a9093f2f4ca194
6554bbd777a56b551cfd127060b4ef4d49a0e7ae
d4e2fa3081185811923a0e1bf9f574d296a5a7d16f1c2f42c2056c762cce3bd7
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mofosex.net/&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://cdn.mofosex.net/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:10:04 GMT
expires: Tue, 12 Dec 2023 04:10:04 GMT
cache-control: public, max-age=604800
last-modified: Sun, 27 Oct 2019 02:09:11 GMT
content-type: image/png
age: 6263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16
726 B URL t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s3t3d2y8.afcdn.net/library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp
200 OK 6.7 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 78a7cbaae199b27d8af5b88403bc3f06
0e7c601e717fc34755f1c990b46d2cf2c1cd4815
0adbb817827c467266b3dfec5d0b2c04826be1ce16cf4165195f2137b47ef47a
GET /library/240298/0e7c601e717fc34755f1c990b46d2cf2c1cd4815.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:27 GMT
content-type: image/webp
content-length: 6702
last-modified: Wed, 27 Oct 2021 16:35:58 GMT
etag: "61797fee-1a2e"
expires: Wed, 25 Oct 2023 19:33:31 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH39RqvAA
x-77-nzt-ray: c1fb98192df0565513bb6e652c38d709
x-accel-expires: @1721815966
x-accel-date: 1690279966
x-cache-lb: HIT
x-age-lb: 11475701
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475701
accept-ranges: bytes
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PS05DMQy8Chdo5H8S1qxBAnGAJO+9ikUFKhLtwofHyQKRUaRJPLZnCIhPSCfQB4BHlUcyr5gqJKGEKv788uqCftv7+UhfNycBqsWFCjN7qVYyhEDYQqxQXK0yF/ICqjnKLuDsECBlkcWi5f3taV0MkDPAnRSCz32OMWcW4A5uanvviAf1ttVUKxUzRGIDFMpSfTRUUNhtq2KZMEPTZj1YOUbWYw7yli7t/H39SePzMh1kNvNpO4elBAS2jMAfTrOLQ0FhOg74+v44ru2yu/9TrkRrSWSsi3hERpEZyMeOROGOdRu9t1FGOXqNR822Hfv4Bd/bH7+DAQAA
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PS05DMQy8Chdo5H8S1qxBAnGAJO+9ikUFKhLtwofHyQKRUaRJPLZnCIhPSCfQB4BHlUcyr5gqJKGEKv788uqCftv7+UhfNycBqsWFCjN7qVYyhEDYQqxQXK0yF/ICqjnKLuDsECBlkcWi5f3taV0MkDPAnRSCz32OMWcW4A5uanvviAf1ttVUKxUzRGIDFMpSfTRUUNhtq2KZMEPTZj1YOUbWYw7yli7t/H39SePzMh1kNvNpO4elBAS2jMAfTrOLQ0FhOg74+v44ru2yu/9TrkRrSWSsi3hERpEZyMeOROGOdRu9t1FGOXqNR822Hfv4Bd/bH7+DAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PS05DMQy8Chdo5H8S1qxBAnGAJO+9ikUFKhLtwofHyQKRUaRJPLZnCIhPSCfQB4BHlUcyr5gqJKGEKv788uqCftv7+UhfNycBqsWFCjN7qVYyhEDYQqxQXK0yF/ICqjnKLuDsECBlkcWi5f3taV0MkDPAnRSCz32OMWcW4A5uanvviAf1ttVUKxUzRGIDFMpSfTRUUNhtq2KZMEPTZj1YOUbWYw7yli7t/H39SePzMh1kNvNpO4elBAS2jMAfTrOLQ0FhOg74+v44ru2yu/9TrkRrSWSsi3hERpEZyMeOROGOdRu9t1FGOXqNR822Hfv4Bd/bH7+DAQAA HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.058519850599%22%7D; expires=Thu, 04 Dec 2025 05:54:27 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
jimperial.top/data/sites/sexyfox.png
200 OK 50 kB URL GET HTTP/1.1 jimperial.top/data/sites/sexyfox.png
IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuercPanel, Inc.
Subjectjimperial.top
Fingerprint3F:DE:72:9A:9E:CE:54:09:B4:07:C8:26:86:28:8C:F6:2C:D4:2F:FF
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 472 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash b987b5607685a02bf60b602ecd8ba106
a7b15d5092b6b58561166bdbd792f859a995d30d
f20ad61d704aff5294c68a7380adc4937c43d6659a36cbbc17c33d46c7e5ce4f
GET /data/sites/sexyfox.png HTTP/1.1
Host: jimperial.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:26 GMT
Server: Apache
Last-Modified: Sun, 26 Nov 2023 21:59:25 GMT
Accept-Ranges: bytes
Content-Length: 50301
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
jimperial.top/data/back.png
200 OK 91 kB URL GET HTTP/1.1 jimperial.top/data/back.png
IP
ASN #206264 Amarutu Technology Ltd
Certificate IssuercPanel, Inc.
Subjectjimperial.top
Fingerprint3F:DE:72:9A:9E:CE:54:09:B4:07:C8:26:86:28:8C:F6:2C:D4:2F:FF
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 9b257709ff9f48b90b72611808fc24e0
351ab29e310503a69a1d667019b0bd10fe21a3ab
d008c7174e8d43695b6c8630b53289e88cac61036674c4e16e11827b0b43f9d5
GET /data/back.png HTTP/1.1
Host: jimperial.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/data/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 05:54:26 GMT
Server: Apache
Last-Modified: Sun, 24 Apr 2022 18:19:20 GMT
Accept-Ranges: bytes
Content-Length: 91076
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
200 OK 9.6 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 070a232d0b0e025bfc65d90c1f5ece91
b69b0ad953e27d2318d3b7783f89b2f03cac130e
bd774d7c7edcc81fd3f49a59ed1ef48868b2531bba2ee9762213e2b023f4c5de
GET /library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:30 GMT
content-type: image/webp
content-length: 9562
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-255a"
expires: Sat, 16 Mar 2024 14:06:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH38xqvAA
x-77-nzt-ray: c1fb98192df0565516bb6e65f75bc804
x-accel-expires: @1721815971
x-accel-date: 1690279971
x-cache-lb: HIT
x-age-lb: 11475699
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475699
accept-ranges: bytes
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2rEMAy9Si8Qo69tzbrrFlp6ANtxhi5CyxQ6XejwdRwYPfRBPOlJBMQL0gL6BHBRuVB0w2AQhAKq+Mvrmwv6vdfrFr7vjgKg2YUyM3u2mBMMgnAUcoXsxElZj2xJMScXcHYYIGWRWY2Rj/fn6ThAPsIh5ASzAX/gUWOvFXGjWlYLZpRjRCSOgEJJzM1qgbhqkbR1TNkoWdtaTAi0ak/HIi9hL9ef229oX/vUHgjAUxUeWA4qjy9oXDgMfLY/t1vZu/uDJ2c6VxM52axOArpztSS5tLbBaiIr8lpap0i5ax+3/gOtpFt6bwEAAA==
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2rEMAy9Si8Qo69tzbrrFlp6ANtxhi5CyxQ6XejwdRwYPfRBPOlJBMQL0gL6BHBRuVB0w2AQhAKq+Mvrmwv6vdfrFr7vjgKg2YUyM3u2mBMMgnAUcoXsxElZj2xJMScXcHYYIGWRWY2Rj/fn6ThAPsIh5ASzAX/gUWOvFXGjWlYLZpRjRCSOgEJJzM1qgbhqkbR1TNkoWdtaTAi0ak/HIi9hL9ef229oX/vUHgjAUxUeWA4qjy9oXDgMfLY/t1vZu/uDJ2c6VxM52axOArpztSS5tLbBaiIr8lpap0i5ax+3/gOtpFt6bwEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2rEMAy9Si8Qo69tzbrrFlp6ANtxhi5CyxQ6XejwdRwYPfRBPOlJBMQL0gL6BHBRuVB0w2AQhAKq+Mvrmwv6vdfrFr7vjgKg2YUyM3u2mBMMgnAUcoXsxElZj2xJMScXcHYYIGWRWY2Rj/fn6ThAPsIh5ASzAX/gUWOvFXGjWlYLZpRjRCSOgEJJzM1qgbhqkbR1TNkoWdtaTAi0ak/HIi9hL9ef229oX/vUHgjAUxUeWA4qjy9oXDgMfLY/t1vZu/uDJ2c6VxM52axOArpztSS5tLbBaiIr8lpap0i5ax+3/gOtpFt6bwEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.058519850599%22%7D; expires=Thu, 04 Dec 2025 05:54:30 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16
726 B URL t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
200 OK 9.6 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 070a232d0b0e025bfc65d90c1f5ece91
b69b0ad953e27d2318d3b7783f89b2f03cac130e
bd774d7c7edcc81fd3f49a59ed1ef48868b2531bba2ee9762213e2b023f4c5de
GET /library/140058/b69b0ad953e27d2318d3b7783f89b2f03cac130e.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:30 GMT
content-type: image/webp
content-length: 9562
last-modified: Wed, 03 Nov 2021 11:53:34 GMT
etag: "6182783e-255a"
expires: Sat, 16 Mar 2024 14:06:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH38xqvAA
x-77-nzt-ray: c1fb98192df0565516bb6e65e09b5a05
x-accel-expires: @1721815971
x-accel-date: 1690279971
x-cache-lb: HIT
x-age-lb: 11475699
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475699
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/240298/7d62e13df6c49544e813aaa596001be4ccbe5fd7.webp
200 OK 8.9 kB URL GET HTTP/2 s3t3d2y8.afcdn.net/library/240298/7d62e13df6c49544e813aaa596001be4ccbe5fd7.webp
IP
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint23:5D:B4:21:E2:4A:BC:A2:81:F9:7D:F8:B1:5C:6C:1D:7D:F3:FC:C8
ValidityThu, 05 Oct 2023 14:56:57 GMT - Wed, 03 Jan 2024 14:56:56 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fd9e67d8755d6a71fae8fcd88730baf4
7d62e13df6c49544e813aaa596001be4ccbe5fd7
a7f179abdddf9e5ef647e14543dfa3837023218b45eee4be3a0a92ae4161ad2e
GET /library/240298/7d62e13df6c49544e813aaa596001be4ccbe5fd7.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:30 GMT
content-type: image/webp
content-length: 8932
last-modified: Wed, 27 Oct 2021 16:36:18 GMT
etag: "61798002-22e4"
expires: Wed, 25 Oct 2023 01:14:46 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: EQwBeX8tUAH3zhqvAA
x-77-nzt-ray: c1fb98192df0565516bb6e6534946b05
x-accel-expires: @1721816008
x-accel-date: 1690280008
x-cache-lb: HIT
x-age-lb: 11475662
x-77-pop: copenhagenDK
x-77-cache: HIT
x-77-age: 11475662
accept-ranges: bytes
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Qy04DMQz8FX5gI7+T9MwZJBAfkGR3Kw4VqEiUgz8ebxDNKPHImnhsExAvSAvoA8BJ5UTmFVOFJJRQxZ+eX1zQb1s/7+nz5igAWlyoMLOXaiVDCIQtxArFibOyHrFmxZJdwNkhQMoik8WXt9fHeTFAHs9h5AQzAT/gprb1jrhTb2tNtVIxQyQ2QKEs1UdDBYXN1iqWCTM0bdaDlX1k3Y9C3tKlnb+u32l8XKZ3IEGhMn3hjuUQc8xB0WMc8Jl+36/tsrnfdf8TzOJETnWyPwF6LE/rjqW1nsewaKz2rQ9AEl7RBv8Ctnrf3nEBAAA=
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAAz1Qy04DMQz8FX5gI7+T9MwZJBAfkGR3Kw4VqEiUgz8ebxDNKPHImnhsExAvSAvoA8BJ5UTmFVOFJJRQxZ+eX1zQb1s/7+nz5igAWlyoMLOXaiVDCIQtxArFibOyHrFmxZJdwNkhQMoik8WXt9fHeTFAHs9h5AQzAT/gprb1jrhTb2tNtVIxQyQ2QKEs1UdDBYXN1iqWCTM0bdaDlX1k3Y9C3tKlnb+u32l8XKZ3IEGhMn3hjuUQc8xB0WMc8Jl+36/tsrnfdf8TzOJETnWyPwF6LE/rjqW1nsewaKz2rQ9AEl7RBv8Ctnrf3nEBAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1Qy04DMQz8FX5gI7+T9MwZJBAfkGR3Kw4VqEiUgz8ebxDNKPHImnhsExAvSAvoA8BJ5UTmFVOFJJRQxZ+eX1zQb1s/7+nz5igAWlyoMLOXaiVDCIQtxArFibOyHrFmxZJdwNkhQMoik8WXt9fHeTFAHs9h5AQzAT/gprb1jrhTb2tNtVIxQyQ2QKEs1UdDBYXN1iqWCTM0bdaDlX1k3Y9C3tKlnb+u32l8XKZ3IEGhMn3hjuUQc8xB0WMc8Jl+36/tsrnfdf8TzOJETnWyPwF6LE/rjqW1nsewaKz2rQ9AEl7RBv8Ctnrf3nEBAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.058519850599%22%7D; expires=Thu, 04 Dec 2025 05:54:30 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PzUpEMQyFX8UXmJL/trN2raD4AO2ddnAxKCM4s8jDm1tBbCg9NCfJFwLiA9IB9AHgqHIk84qpQhJKqOJPzy8u6LfRzzN93pwEqBYXKszspVrJEAZhC7NCcc0KmcQLMjFgWMHZIYKURZaKkrfXx3UxgpwB7qQQep/nGH32BNzBTW30jjipt1NNtVIxQyQ2QKEs1beGCgrDTlUsE2Zo2qyHKnPLOvdG3tKlnb+u32n7uOwEmc18x86BlCDeBQJ/cdirOBwU0HHA1/f7vLbLcP/nXButIbFjXeI3je4lj0y9bCMXzW0bla0XmRMrlsA8/QDPjHf9gAEAAA==
200 OK 20 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PzUpEMQyFX8UXmJL/trN2raD4AO2ddnAxKCM4s8jDm1tBbCg9NCfJFwLiA9IB9AHgqHIk84qpQhJKqOJPzy8u6LfRzzN93pwEqBYXKszspVrJEAZhC7NCcc0KmcQLMjFgWMHZIYKURZaKkrfXx3UxgpwB7qQQep/nGH32BNzBTW30jjipt1NNtVIxQyQ2QKEs1beGCgrDTlUsE2Zo2qyHKnPLOvdG3tKlnb+u32n7uOwEmc18x86BlCDeBQJ/cdirOBwU0HHA1/f7vLbLcP/nXButIbFjXeI3je4lj0y9bCMXzW0bla0XmRMrlsA8/QDPjHf9gAEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143654&size=300x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PzUpEMQyFX8UXmJL/trN2raD4AO2ddnAxKCM4s8jDm1tBbCg9NCfJFwLiA9IB9AHgqHIk84qpQhJKqOJPzy8u6LfRzzN93pwEqBYXKszspVrJEAZhC7NCcc0KmcQLMjFgWMHZIYKURZaKkrfXx3UxgpwB7qQQep/nGH32BNzBTW30jjipt1NNtVIxQyQ2QKEs1beGCgrDTlUsE2Zo2qyHKnPLOvdG3tKlnb+u32n7uOwEmc18x86BlCDeBQJ/cdirOBwU0HHA1/f7vLbLcP/nXButIbFjXeI3je4lj0y9bCMXzW0bla0XmRMrlsA8/QDPjHf9gAEAAA== HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0490099501%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%22656ebb11f2bad9.992866112360142749%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.058519850599%22%7D; expires=Thu, 04 Dec 2025 05:54:30 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16
726 B URL t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:31 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16
726 B URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:31 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/s2/favicons?domain=http://migirls.tk/
301 Moved Permanently 726 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://migirls.tk/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://migirls.tk/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4143654&size=300x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c1d13c4136e2dbde6c8b24a3bc585a9e
06e8f4e54b6a28119d3c8974c63a6dda60da982f
8305fc9d4c93fc6315473f0fb34308ebccab1999c5735ae4198d562f747274fd
GET /iframe.php?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:53:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH39wAAAAwBJRPCKAH3JwAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e65ba693e17
x-accel-expires: @1701759231
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7233
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4757176&size=300x100
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 75892cb96777d8d166d005643cbe3f28
4a68e45605f0ca5321b6087753ce913f408bcd80
7de036e50e5ca305ea568aa6545c7f2af0214ce70c9457c6544d9ffa82d17728
GET /iframe.php?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e6522de0717
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7299
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://starsgf.pw
200 OK 601 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://starsgf.pw
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c4bec1c3228622aee0de5a4b3f66bb9
94f2ffd7c2c18bd134fd4e7f1ef55a6aad166657
49f471c65e8a8a6820222b4616cd0fb0d0aa4b01285d26a8805bbdd659a30faf
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://starsgf.pw HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://starsgf.pw/images/star.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 601
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:37:19 GMT
expires: Tue, 12 Dec 2023 02:37:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 11828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jarea.pw
200 OK 511 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jarea.pw
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 5e9d23077fd07cd7e3a3cf2b963dc58e
56d3a36a2694702b1e82ab1b504aa962b3c87dbb
0d73451ebd70c517be0aa0af27ac4b217cfc04bd7887c838889f2f3e654f82ca
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://jarea.pw HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://jarea.pw/images/smilies/my.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 511
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:53:16 GMT
expires: Wed, 06 Dec 2023 21:53:16 GMT
cache-control: public, max-age=604800
age: 460871
last-modified: Wed, 26 Apr 2023 11:14:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/s2/favicons?domain=http://teen-clips.xxxtop.biz/index.php?u=celebph/
301 Moved Permanently 726 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://teen-clips.xxxtop.biz/index.php?u=celebph/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://teen-clips.xxxtop.biz/index.php?u=celebph/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 362
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:43 GMT
expires: Tue, 05 Dec 2023 06:04:43 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4143642&size=900x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143642&size=900x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash aa5fa2a050aa3de25c4d6b1efa8a930c
9b0c83092a48a29e2d9a1df3f5a3af4e2bc0551e
0c4b7161fb0addc76048b6b4ebb6ac5888fc6baf4b6605f75346b0f5c269d412
GET /iframe.php?idzone=4143642&size=900x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKAQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e657ab71c17
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7299
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16
404 Not Found 726 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
webgf.pw/cache/themes/theme1/css3.css
200 OK 3.1 kB URL GET HTTP/3 webgf.pw/cache/themes/theme1/css3.css
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type ASCII text, with very long lines (3320), with no line terminators
Hash 284f2691f8138048b6e0cc84ae1f6ba8
75f8b1d2603da254bb3d626b7276b34db60a148b
844826e3c77a8cc5ba28e9e377b13c383b02d625b59920065f2a18bc8fd8ae5a
GET /cache/themes/theme1/css3.css HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 09 Dec 2023 10:24:01 GMT
last-modified: Sun, 09 Aug 2020 13:14:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 243026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wWULf3qsq9k8OMFwPYLHWe4um%2FEt%2Fp4VzTSuYjnyOdNYXpZpCPSQ5YM%2B5OdejTK9CgTGPvN%2FlMcaJd4mgkovmNo8%2FJINJj6JQrpku44c4YRChvwEF8UZR90%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c419bc56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/s2/favicons?domain=http://777.freshteens.site/
301 Moved Permanently 726 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://777.freshteens.site/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://777.freshteens.site/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 340
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://777.freshteens.site/&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:31 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://celebmodel.cfd
404 Not Found 726 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://celebmodel.cfd
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://celebmodel.cfd HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.php?idzone=4757176&size=300x100
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 75892cb96777d8d166d005643cbe3f28
4a68e45605f0ca5321b6087753ce913f408bcd80
7de036e50e5ca305ea568aa6545c7f2af0214ce70c9457c6544d9ffa82d17728
GET /iframe.php?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKCQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e654f25a607
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7300
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=http://teen2.xxxtop.biz/index.php?u=celebph
301 Moved Permanently 726 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://teen2.xxxtop.biz/index.php?u=celebph
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://teen2.xxxtop.biz/index.php?u=celebph HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16
x-content-type-options: nosniff
server: sffe
content-length: 356
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:51 GMT
expires: Tue, 05 Dec 2023 06:05:51 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4757176&size=300x100
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 75892cb96777d8d166d005643cbe3f28
4a68e45605f0ca5321b6087753ce913f408bcd80
7de036e50e5ca305ea568aa6545c7f2af0214ce70c9457c6544d9ffa82d17728
GET /iframe.php?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e6510b83018
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7299
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4143654&size=300x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c1d13c4136e2dbde6c8b24a3bc585a9e
06e8f4e54b6a28119d3c8974c63a6dda60da982f
8305fc9d4c93fc6315473f0fb34308ebccab1999c5735ae4198d562f747274fd
GET /iframe.php?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:53:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKCQH39wAAAAwBJRPCKAH3JwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e65e9f30e08
x-accel-expires: @1701759231
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7234
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
webgf.pw/jscripts/general.js?ver=1821
200 OK 16 kB URL GET HTTP/3 webgf.pw/jscripts/general.js?ver=1821
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type ASCII text, with very long lines (322)
Hash 2156f4769004c2e3c7a3f054bed89db2
7627a74876803709ef9fa372b2e8a997e2d628ae
b68ab79be655fb27de0a4b69d012fad0fc6742dad87b88673b9d530e57d07694
GET /jscripts/general.js?ver=1821 HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 09 Dec 2023 10:24:01 GMT
last-modified: Wed, 08 Jul 2020 00:00:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 243026
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUL4cDxlsZa13jdSoTZs1MkG2frxwKIBS5y9dQNKiKZ1IYavJ1xkNO84W4zaMrpP7PfeeDLMj0nTFHo4fUI7zfqW5gC8z3jzQlQlhRpTef1mhWwPhKKqjr0Nbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c409b456ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
webgf.pw/jscripts/myadvertisements.js
200 OK 1.5 kB URL GET HTTP/3 webgf.pw/jscripts/myadvertisements.js
IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
File type Unicode text, UTF-8 text, with very long lines (1548), with no line terminators
Hash 1c18ee19e5d31ffdd1e64594546c7a7c
2e2dec891af614b638cbedd6be49e0939c3b3e3a
c62bc162e462bf1c1a1ba4305e413b48890d8dd343af7078753f506fe9a5965d
GET /jscripts/myadvertisements.js HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Cookie: mybb[lastvisit]=1701755663; mybb[lastactive]=1701755663; sid=aadf620df08710428c07c42740dc3795
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sun, 10 Dec 2023 04:17:18 GMT
last-modified: Mon, 17 Aug 2020 06:56:27 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 178626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3KKofq5%2FhhwSUzHzlAcJBZd67SvNwjVXtpypCv%2F%2F3TlwnCvRSW2Qg65kwcegkyYYDgu7amxmVZ64FAYSYq8YHzRzGVNJMDsL%2FzpohlmKl8s6rwaCNnZdcP8AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c409b656ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16
404 Not Found 726 B URL GET HTTP/3 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen-clips.xxxtop.biz/index.php?u=celebph/&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/build-iframe-js-url.js?idzone=4143642
200 OK 759 B URL GET HTTP/2 a.magsrv.com/build-iframe-js-url.js?idzone=4143642
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type ASCII text, with very long lines (784), with no line terminators
Hash 761c8c2ff1fa5adb0b19b929b34bf16a
f09d536f1a3dd5af86151b6624bb1abf9135b5f0
75c0473ea440586bd118d7ff28473612172cc28b015f8bd6d5f147dd737cb6a5
GET /build-iframe-js-url.js?idzone=4143642 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"f493bfd983ca8e2bca5c19cfdf5"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH3XAoAAAwB1GY4EQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e655df5c02e
x-accel-expires: @1701759165
x-accel-date: 1701748718
x-77-cache: HIT
x-77-age: 9610
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2652, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2oDMQz8lf7AGlkP28q55xZa+gHeXTv0sLQk0OSgj6/sQKkHwyCNZgYBaYm4gDwBnIRPKKYxKATGEIXt5fXNONqtrecevm8WGUCKMRYisqKpZHABU2I0Ad9QFC1orJiAMRmDkYEDhZgHCwAQze8+3p/njw40BbijgPMRaui+zuE+blXXCmmXyrm3mIti1q1vKUfAXVoeQqvhqOfr5SdsX8dMfGQpTnv4wzLE5J3R+/gDm+PPfqlHM/unHHh4k/fXyWzUZR49LWovO5V1Lz21pEhr44oquOJelfkXSf9Ltl8BAAA=
200 OK 0 B URL GET HTTP/1.1 s.magsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2oDMQz8lf7AGlkP28q55xZa+gHeXTv0sLQk0OSgj6/sQKkHwyCNZgYBaYm4gDwBnIRPKKYxKATGEIXt5fXNONqtrecevm8WGUCKMRYisqKpZHABU2I0Ad9QFC1orJiAMRmDkYEDhZgHCwAQze8+3p/njw40BbijgPMRaui+zuE+blXXCmmXyrm3mIti1q1vKUfAXVoeQqvhqOfr5SdsX8dMfGQpTnv4wzLE5J3R+/gDm+PPfqlHM/unHHh4k/fXyWzUZR49LWovO5V1Lz21pEhr44oquOJelfkXSf9Ltl8BAAA=
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Oy2oDMQz8lf7AGlkP28q55xZa+gHeXTv0sLQk0OSgj6/sQKkHwyCNZgYBaYm4gDwBnIRPKKYxKATGEIXt5fXNONqtrecevm8WGUCKMRYisqKpZHABU2I0Ad9QFC1orJiAMRmDkYEDhZgHCwAQze8+3p/njw40BbijgPMRaui+zuE+blXXCmmXyrm3mIti1q1vKUfAXVoeQqvhqOfr5SdsX8dMfGQpTnv4wzLE5J3R+/gDm+PPfqlHM/unHHh4k/fXyWzUZR49LWovO5V1Lz21pEhr44oquOJelfkXSf9Ltl8BAAA= HTTP/1.1
Host: s.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.magsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656ebb11f2bad9.992866112360142749%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 05:54:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.magsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 04 Dec 2025 05:54:26 GMT; path=/; domain=.magsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.google.com/s2/favicons?domain=http://loland.topz.mobi/in/97914
301 Moved Permanently 304 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://loland.topz.mobi/in/97914
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://loland.topz.mobi/in/97914 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16
x-content-type-options: nosniff
server: sffe
content-length: 345
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:32:26 GMT
expires: Tue, 05 Dec 2023 06:02:26 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4757176&size=300x100
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 75892cb96777d8d166d005643cbe3f28
4a68e45605f0ca5321b6087753ce913f408bcd80
7de036e50e5ca305ea568aa6545c7f2af0214ce70c9457c6544d9ffa82d17728
GET /iframe.php?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKCQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e659bde9607
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7300
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
200 OK 65 kB URL User Request GET HTTP/2 IP
Certificate IssuerLet's Encrypt
Subjectwebgf.pw
Fingerprint98:42:65:F9:C3:C0:7D:FD:2C:DF:B6:D4:80:FA:7E:0E:7C:6D:AA:65
ValidityMon, 04 Dec 2023 00:27:46 GMT - Sun, 03 Mar 2024 00:27:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: webgf.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:23 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: mybb[lastvisit]=1701755663; expires=Wed, 04-Dec-2024 05:54:23 GMT; path=/; domain=.webgf.pw; secure
mybb[lastactive]=1701755663; expires=Wed, 04-Dec-2024 05:54:23 GMT; path=/; domain=.webgf.pw; secure
sid=aadf620df08710428c07c42740dc3795; path=/; domain=.webgf.pw; HttpOnly; secure
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Bf4yBsASWYagHab6JZnG6cheA9d5%2BXXtwn8vEctcWMnMCqyakrxwW6kU8wKDNYrRqILoF7ci%2FTfi%2FOIcfOKQs31FTCZTAolWRpBnSyV1Ea26W9ugqBHrHrvNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830a08c07b68b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://camfun.pw
200 OK 659 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://camfun.pw
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1465a3f27f8a3553a3f395c4309ee5fa
544a16245884735a16b546de7fc588956d60a28b
0739def2843597bf298f95289700aa20099e65b729e99cc1bfd1151f84373ede
GET /faviconV2?client=SOCIAL&fallback_opts=TYPE,&url=https://camfun.pw HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jimperial.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://camfun.pw/images/icons/exclamation.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 659
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 22:32:56 GMT
expires: Mon, 11 Dec 2023 22:32:56 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Apr 2023 17:37:13 GMT
content-type: image/png
age: 26491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16
200 OK 304 B URL GET HTTP/3 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash f1fb9c6e831d74d4b66565ffe16d6b0f
c3f1468c3d63765020a630ca01dc9b14bcd7f412
39f94fa337922fb84f95023be65e7c4eab841d56f158b286591b83f09445c56e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://loland.topz.mobi/in/97914&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://hardpornx.com/assets/d9920/favicon-16x16.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:40:57 GMT
expires: Tue, 12 Dec 2023 03:40:57 GMT
cache-control: public, max-age=604800
last-modified: Sun, 01 May 2022 10:19:54 GMT
content-type: image/png
age: 8010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.php?idzone=4143654&size=300x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c1d13c4136e2dbde6c8b24a3bc585a9e
06e8f4e54b6a28119d3c8974c63a6dda60da982f
8305fc9d4c93fc6315473f0fb34308ebccab1999c5735ae4198d562f747274fd
GET /iframe.php?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:53:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH39wAAAAwBJRPCKAH3JwAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e65babeb017
x-accel-expires: @1701759231
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7233
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4143642&size=900x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143642&size=900x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash aa5fa2a050aa3de25c4d6b1efa8a930c
9b0c83092a48a29e2d9a1df3f5a3af4e2bc0551e
0c4b7161fb0addc76048b6b4ebb6ac5888fc6baf4b6605f75346b0f5c269d412
GET /iframe.php?idzone=4143642&size=900x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKAQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e659f10d907
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7300
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4143654&size=300x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c1d13c4136e2dbde6c8b24a3bc585a9e
06e8f4e54b6a28119d3c8974c63a6dda60da982f
8305fc9d4c93fc6315473f0fb34308ebccab1999c5735ae4198d562f747274fd
GET /iframe.php?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:53:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKCQH39wAAAAwBJRPCKAH3JwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e65f08d0208
x-accel-expires: @1701759231
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7234
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
img90.pixhost.to/images/748/397219203_3fb7925b257b08bf3efe854fe8190ed824eb796d.gif
200 OK 3.5 kB URL GET HTTP/1.1 img90.pixhost.to/images/748/397219203_3fb7925b257b08bf3efe854fe8190ed824eb796d.gif
IP
ASN #48326 DataNetworks s.r.o.
Certificate IssuerLet's Encrypt
Subjectpixhost.to
FingerprintB0:B6:D4:33:92:18:0E:B3:78:E5:26:C5:B8:29:59:C7:9F:FB:F3:FC
ValidityFri, 17 Nov 2023 09:27:11 GMT - Thu, 15 Feb 2024 09:27:10 GMT
File type GIF image data, version 89a, 468 x 60\012- data
Hash 904e4d3feea8c70aee16f6b45e2ae22d
3fb7925b257b08bf3efe854fe8190ed824eb796d
4cc72496774282b6d553283d6781bdfe25c9bb1059527f1b658afb00fc2389d7
GET /images/748/397219203_3fb7925b257b08bf3efe854fe8190ed824eb796d.gif HTTP/1.1
Host: img90.pixhost.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 05 Dec 2023 05:54:24 GMT
Content-Type: image/gif
Content-Length: 3541
Last-Modified: Thu, 09 Nov 2023 13:04:32 GMT
Connection: keep-alive
ETag: "654cd8e0-dd5"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes
www.google.com/s2/favicons?domain=http://sweetpussies.xxxbit.com/index.php?u=webgf
301 Moved Permanently 726 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://sweetpussies.xxxbit.com/index.php?u=webgf
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://sweetpussies.xxxbit.com/index.php?u=webgf HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16
x-content-type-options: nosniff
server: sffe
content-length: 361
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:57 GMT
expires: Tue, 05 Dec 2023 06:05:57 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16
404 Not Found 726 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetpussies.xxxbit.com/index.php?u=webgf&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:27 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.php?idzone=4143654&size=300x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c1d13c4136e2dbde6c8b24a3bc585a9e
06e8f4e54b6a28119d3c8974c63a6dda60da982f
8305fc9d4c93fc6315473f0fb34308ebccab1999c5735ae4198d562f747274fd
GET /iframe.php?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:53:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH39wAAAAwBJRPCKAH3JwAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e655095fa16
x-accel-expires: @1701759231
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7233
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://babe8.net/&size=16
200 OK 197 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://babe8.net/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1225c90c77926fe83f4c19715554e92d
6515d2468dcb0cd43ee830cf9cc15625a209636e
ef061beac221771987de6ae5c7b8cbef207162591210456a5012416af5c24d68
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://babe8.net/&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-location: https://static.mp4.center/skin/babe8.net/asset/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 197
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 04:04:13 GMT
expires: Tue, 12 Dec 2023 04:04:13 GMT
cache-control: public, max-age=604800
last-modified: Thu, 20 Jun 2019 05:21:18 GMT
content-type: image/png
age: 6614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/s2/favicons?domain=http://celebmonster.buzz/
301 Moved Permanently 726 B URL GET HTTP/2 www.google.com/s2/favicons?domain=http://celebmonster.buzz/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=http://celebmonster.buzz/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmonster.buzz/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 338
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:34:44 GMT
expires: Tue, 05 Dec 2023 06:04:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4757176&size=300x100
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 75892cb96777d8d166d005643cbe3f28
4a68e45605f0ca5321b6087753ce913f408bcd80
7de036e50e5ca305ea568aa6545c7f2af0214ce70c9457c6544d9ffa82d17728
GET /iframe.php?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IxsAAAwBuUwKCQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e657ef4cd17
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7299
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6947
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16
404 Not Found 726 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk/&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:31 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.magsrv.com/iframe.php?idzone=4143654&size=300x250
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4143654&size=300x250
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c1d13c4136e2dbde6c8b24a3bc585a9e
06e8f4e54b6a28119d3c8974c63a6dda60da982f
8305fc9d4c93fc6315473f0fb34308ebccab1999c5735ae4198d562f747274fd
GET /iframe.php?idzone=4143654&size=300x250 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:53:51 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKCQH39wAAAAwBJRPCKAH3JwAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e650d2d1f08
x-accel-expires: @1701759231
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7234
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16
404 Not Found 726 B URL GET HTTP/3 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teen2.xxxtop.biz/index.php?u=celebph&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webgf.pw/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 05:54:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i.imgur.com/barf70E.jpg
200 OK 21 kB IP
Certificate IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 728x90, components 3\012- data
Hash db8a06c001eec4fd8a9787315cd129d9
14880c2dd6db8a208f713cd14954eb13be6b1bb6
3dd3580df50c246c41e1208c8e3faa41c1e0da0918703870f3fe6bf273b81d80
GET /barf70E.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 07 Aug 2020 19:25:56 GMT
etag: "db8a06c001eec4fd8a9787315cd129d9"
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: jzYWTc4Bjm4jzT9TM520a5Yxx_YRlKxZnuAvGjG6aJxRdfx1XMoJGA==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 05 Dec 2023 05:54:24 GMT
age: 4461450
x-served-by: cache-iad-kjyo7100107-IAD, cache-bma1624-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 3388, 6
x-timer: S1701755664.303401,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 20967
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=https://babe8.net/
301 Moved Permanently 197 B URL GET HTTP/2 www.google.com/s2/favicons?domain=https://babe8.net/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=https://babe8.net/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://babe8.net/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 05 Dec 2023 05:35:57 GMT
expires: Tue, 05 Dec 2023 06:05:57 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
livezombymil.com/get/1809942?zoneid=1809942&jp=_cljayxgb18tnvvdk57bnsf&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1&frq=0
200 OK 4.7 kB URL GET HTTP/2 livezombymil.com/get/1809942?zoneid=1809942&jp=_cljayxgb18tnvvdk57bnsf&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1&frq=0
IP
Certificate IssuerBuypass AS-983163327
Subject
FingerprintD6:92:EF:54:61:0C:3A:E3:F7:6C:D8:B0:CB:2B:07:BC:72:09:5F:8B
ValiditySat, 28 Oct 2023 13:53:09 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (5065), with no line terminators
Hash 0195359b1634508c500039beeb4b3ecd
7937b6fbacc6a024f605cc30bc802f0dc01c539b
b81a8fdc4e09f13dfe47de6bc5878fe270f81a6899714fc9a8db13c44ea39155
GET /get/1809942?zoneid=1809942&jp=_cljayxgb18tnvvdk57bnsf&nojs=0&abvar=428&febuild=0b10927d5d9639b773994e360a0ef769d8d93687&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&afid=4333650910273024&eclog=0&sp=1&im=1&frq=0 HTTP/1.1
Host: livezombymil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Tue, 07 Jan 2025 05:54:25 GMT; Secure; SameSite=None
UID=2312050054a4d0c7b75deb464781e4998cb1; Path=/; Expires=Tue, 07 Jan 2025 05:54:25 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
a.magsrv.com/build-iframe-js-url.js?idzone=4143642
200 OK 759 B URL GET HTTP/2 a.magsrv.com/build-iframe-js-url.js?idzone=4143642
IP
ASN #60068 Datacamp Limited
Requested by https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type ASCII text, with very long lines (784), with no line terminators
Hash 761c8c2ff1fa5adb0b19b929b34bf16a
f09d536f1a3dd5af86151b6624bb1abf9135b5f0
75c0473ea440586bd118d7ff28473612172cc28b015f8bd6d5f147dd737cb6a5
GET /build-iframe-js-url.js?idzone=4143642 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.magsrv.com/iframe.php?idzone=4143642&size=900x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:24 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"f493bfd983ca8e2bca5c19cfdf5"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Mon, 04 Dec 2023 18:52:05 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3IhsAAAwBuUwKCQH3XAoAAAwB1GY4EQH3CwAAAA
x-77-nzt-ray: c0a4cc283631dd5010bb6e65fc28d73a
x-accel-expires: @1701759165
x-accel-date: 1701748718
x-77-cache: HIT
x-77-age: 9609
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 2652, 6946
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.magsrv.com/iframe.php?idzone=4757176&size=300x100
200 OK 275 B URL GET HTTP/2 a.magsrv.com/iframe.php?idzone=4757176&size=300x100
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectmagsrv.com
FingerprintC5:BC:C0:62:0C:DC:A9:D2:61:A6:77:A9:6C:31:19:AD:CD:2E:00:67
ValidityThu, 05 Oct 2023 15:26:28 GMT - Wed, 03 Jan 2024 15:26:27 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 75892cb96777d8d166d005643cbe3f28
4a68e45605f0ca5321b6087753ce913f408bcd80
7de036e50e5ca305ea568aa6545c7f2af0214ce70c9457c6544d9ffa82d17728
GET /iframe.php?idzone=4757176&size=300x100 HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://webgf.pw/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 05:54:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Tue, 05 Dec 2023 06:52:45 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBuUwJDQH3JBsAAAwBuUwKCQH39wAAAAwB1GY4EQH3aQAAAA
x-77-nzt-ray: c0a4cc283631dd5011bb6e6556fc3e07
x-accel-expires: @1701759165
x-accel-date: 1701748717
x-77-cache: HIT
x-77-age: 7300
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 247, 6948
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
172.67.147.84
104.21.95.194
212.117.190.201
103.109.101.94
185.76.9.15
94.229.45.2
95.211.229.247
121.127.45.82