| thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/ |  104.21.12.33 | 301 Moved Permanently | 0 B |
URL HTTP/1.1thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/ IP104.21.12.33:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/ HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 20:49:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 28 Jan 2023 21:49:05 GMT
Location: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiXXrey3002526BgJ3xa7CtXTO4Az9J6Cc3AurFCt92YGXlzPjOvP26QYPa%2B%2BzQyJNU2ia%2BAwQJRM3g5XW%2F06N%2F02BTFF4RrpEaemHibqfNUa8dqA0hDb95uWkVox6G%2BX3APVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c97b82cf80b69-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha2104f935c638b4767ca5ae0d738ef23 85c6af15af749be0ceeae6de17c36925b750f166 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4611
Expires: Sat, 28 Jan 2023 22:05:56 GMT
Date: Sat, 28 Jan 2023 20:49:05 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash81dd5c5cc5b3278876cb44dcb520a60f c0511a59e9eccdcdda98717b87c89c5d59974808 41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11079
Expires: Sat, 28 Jan 2023 23:53:44 GMT
Date: Sat, 28 Jan 2023 20:49:05 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 20:43:06 GMT
content-type: application/json
age: 359
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13575
Expires: Sun, 29 Jan 2023 00:35:20 GMT
Date: Sat, 28 Jan 2023 20:49:05 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RChlqzyUFHDYdWggqLQhVRMun5LJux9PIOvGk+a7hxje5ypdRwTTYkaY3gDYVOWolrzVVBod45I=
x-amz-request-id: VPV01BA8DEM7NJ2K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 20:21:06 GMT
age: 1679
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash054c584968c98feda46e76ad7d7611f6 1de311587c4688f56c269e818286633a321da352 ed8a2aea810b33e0e3409ca81d3d40940790516520b97656735d875dd75283bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 293
Cache-Control: max-age=129192
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:49:05 GMT
Etag: "63d4dec5-117"
Expires: Mon, 30 Jan 2023 08:42:17 GMT
Last-Modified: Sat, 28 Jan 2023 08:37:25 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 279
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:05 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/static/images/logo.png | 104.21.12.33 | 200 OK | 5.3 kB |
URL HTTP/2thebussybandit.com/static/images/logo.png IP104.21.12.33:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash158eceeffc15ac2f528fb48e600c64ba 8b9e90bd4f1fa6c8e6b8fd55648bc083f8dcc49a e12b2b146fc0a39233caf71c02fe5569a3be6c42b89ffa7760fb87db9c1b7e74
GET /static/images/logo.png HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: image/webp
content-length: 5304
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=8382
content-disposition: inline; filename="logo.webp"
etag: "60ef6bd3-20be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 14 Jul 2021 22:57:23 GMT
vary: Accept
cf-cache-status: HIT
age: 244967
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jROe%2BiIZWSW55EfgePdDw03Egpz5xmagx1ofE6ObZnaRC3Yf48LQAQk3drJisolATnzfHHuyZkko3fgFqy8S07gZ5wqXMuVBsmLlONhQ3kzq0RrTkvd3TBLENYBHvN9SiipaGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd1c6db511-OSL
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/contents/avatars/0/3.png | 104.21.12.33 | 200 OK | 2.3 kB |
URL HTTP/2thebussybandit.com/contents/avatars/0/3.png IP104.21.12.33:0
File typeRIFF (little-endian) data, Web/P image\012- data Hash405189c237411d09fdd9e1bd6c9eeaae c0ebb16220d159d15ad23fc216908f690a60d10d 085b64fea9c56c83ab9f49732ace4d2ab23246b14ca81d10ebd5593673e03d5a
GET /contents/avatars/0/3.png HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: image/webp
content-length: 2266
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5259
content-disposition: inline; filename="3.webp"
etag: "5f0e6e6f-148b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 15 Jul 2020 02:48:15 GMT
vary: Accept
cf-cache-status: HIT
age: 243384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBZwmVJ1iSBMUxNZLliA6MfVw24r5s5D%2BnG7ZmhHe%2FqVM05modgaoOHzPJe1zY%2FgNaH2rZuW4bonVMEdL9gKPJuWTCvkBgW%2BN8iRWMAcqCdvKuGjzVcAEykyEPfSCYbPL8lFcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd1c76b511-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash86352d15c37831cf9bf1e41325029224 ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21 154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11136
Expires: Sat, 28 Jan 2023 23:54:42 GMT
Date: Sat, 28 Jan 2023 20:49:06 GMT
Connection: keep-alive
|
|
| thebussybandit.com/static/styles/jquery.fancybox-metal.css?v=7.5 | 104.21.12.33 | 200 OK | 1.8 kB |
URL HTTP/2thebussybandit.com/static/styles/jquery.fancybox-metal.css?v=7.5 IP104.21.12.33:0
File typeASCII text, with very long lines (4110), with no line terminators Hashf262796a47ec64a9c2c77f650e2b5662 39ff0f2ba26eff82ab276a3251ae33e8dfd56113 71ab366236d5572db9a5d8f2bc2e777ee99ed827a719dfd944747bcf1cc12356
GET /static/styles/jquery.fancybox-metal.css?v=7.5 HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=5382
etag: W/"5ee0b350-1506"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 10 Jun 2020 10:17:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20378510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txpjpIoX1k0y6GjNsUFZ8FwRShzhTEDXlqax3RwwwQGUFbcUIL6Z0253LdgiuW9%2Fketw61K1oa3pWNfb9NQp4EVdHrg12lg%2BL7PbL%2FwSYrmFfbBEJK2kzk062QkZkHNTr6s0WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd1c67b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashbab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| thebussybandit.com/static/js/main.min.js?v=7.5 | 104.21.12.33 | 200 OK | 84 kB |
URL HTTP/2thebussybandit.com/static/js/main.min.js?v=7.5 IP104.21.12.33:0
File typeASCII text, with very long lines (32089), with CRLF line terminators Hashce1e41547cd75aeb568ae17063a144d0 dc96bb628409502a638395b480f436325e1a5b75 eac5b5195740c32027f21b75314bda48f04542e6af7bedf36b471fd1ce04d7f0
GET /static/js/main.min.js?v=7.5 HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript
last-modified: Wed, 10 Jun 2020 10:17:52 GMT
vary: Accept-Encoding
etag: W/"5ee0b350-3fb18"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 54584716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImesQJaSVWNCodDNgyX44n1J9BQIXOLjpD4V2Ucy8mZxeDleJ8zXXMFLOtQr80OlmEBwIKObSzIenFbkH82D3ZGTDWBAvFQGwXhxFOYsxR6kRSlImpGhLFCIo83evwkovS4A5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd9d65b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/static/images/fonts/icomoon.ttf?nddhpi | 104.21.12.33 | 200 OK | 10 kB |
URL HTTP/2thebussybandit.com/static/images/fonts/icomoon.ttf?nddhpi IP104.21.12.33:0
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data Hashfd0058f5082235e827e8815f9e0c360b a070dae3322004469f383580800084cf24600748 b205c930ee97be0d7c8b3fb5d04868ab7ddee188701699c4446d11e2a758169d
GET /static/images/fonts/icomoon.ttf?nddhpi HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/static/styles/all-responsive-metal.css?v=7.5
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/font-sfnt
last-modified: Wed, 10 Jun 2020 10:17:52 GMT
etag: W/"2560-5a7b828177400"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuQsyeR1e%2BdcjwyH%2FPfVFzMjtLgLC90df4r%2BQwIvTxrrFi2gbSSgSOOFV4QVn1ergSFeZ75xNGp%2BYS2mDW7vdoAGUcZM6YnqKrZqyrrLYiGtHhmQs1whTd4%2BTCeJSoCo4bD9ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97bdedfcb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-3Z955CVMD5 | 172.217.21.168 | 200 OK | 82 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-3Z955CVMD5 IP172.217.21.168:0
File typeASCII text, with very long lines (29535) Hash687dfb2b2b7d5182e38e0e97a79f44e6 a7238c68e6b520623305bcaadb6b8c9478a265ec 8688076ea75d92765d87caadc0891f35de3509e8061c6e39b28e6545cc796644
GET /gtag/js?id=G-3Z955CVMD5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 20:49:06 GMT
expires: Sat, 28 Jan 2023 20:49:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashbab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s4.sb89347.com/api/click/17235381317325095?c=90 |  135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/click/17235381317325095?c=90 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/17235381317325095?c=90 HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw=
Cookie: nauid=cMyMhmwcXJSnx9cYqBDE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/api/click/9416049804614697095?c=90 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/click/9416049804614697095?c=90 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/9416049804614697095?c=90 HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw=
Cookie: nauid=cMyMhmwcXJSnx9cYqBDE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/api/click/7455976824323401095?c=90 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/click/7455976824323401095?c=90 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/click/7455976824323401095?c=90 HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw=
Cookie: nauid=cMyMhmwcXJSnx9cYqBDE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.160.69.117 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.160.69.117:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6G73pPGJ5PWyStOh6nC54w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d6XMq0klTU0AZhkaN9KzgkAIsYM=
|
|
| syndication.realsrv.com/v1/api.php |  95.211.229.248 | 200 OK | 1.2 kB |
URL HTTP/1.1syndication.realsrv.com/v1/api.php IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (1582), with no line terminators Hashb21f2e015f4e41f242c39fee79212868 d575a15555bf7c5c4a1527488bd449bfddcf1fe9 e439bb4fa4ce45095648dc0b601c2657b5b4ca8549985de465cf15613e3017c8
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 323
Origin: https://s4.sb89347.com
Connection: keep-alive
Referer: https://s4.sb89347.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://s4.sb89347.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2263d58a42a8b2a2.817396123153902592%22%3B%7D; expires=Mon, 27-Jan-2025 20:49:06 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| syndication.realsrv.com/v1/api.php | 95.211.229.248 | 200 OK | 1.2 kB |
URL HTTP/1.1syndication.realsrv.com/v1/api.php IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (1577), with no line terminators Hash9b7796f7760db88df019bff287475f01 f5276e3e8d90fdc2b4b85efb823e2e467ad79ea5 5e3db96689a38e5fe557f01242dbd46207620bbcd9c1d1f050a5eb562840fefc
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 323
Origin: https://s4.sb89347.com
Connection: keep-alive
Referer: https://s4.sb89347.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://s4.sb89347.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A30%3A%2263d58a42ad1aa8.302741706724346%22%3B%7D; expires=Mon, 27-Jan-2025 20:49:06 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js | 104.17.24.14 | 200 OK | 5.1 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (17660) Hashabe1df98b6ab4644bd567e6669d0da03 27e3bf22ef08b7ca0090721ed31b4f921d278e7c cd40ba7dbf63d67511c0fd56b7e5327dbedb43d15c439d79a8aacb6377059540
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3808098
expires: Thu, 18 Jan 2024 20:49:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hvql0XXrjXvdTvfXSpctZ%2BNZz%2BQg9NihaHq2A9Mp8pXJQFrUW71HYm96tywLXUOTRb%2FBdNA7V45Oz0zLW8ACU0G6HdsT9H402UuUYeXIL3JJvagQ5nR1KjZ4BzCEP2PxG9fhzGS3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 790c97c26c880b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP104.17.166.186:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://thebussybandit.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97c27d82b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/?video_id=250982&mode=async&action=js_stats&rand=1674938951022 | 104.21.12.33 | 200 OK | 43 B |
URL HTTP/2thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/?video_id=250982&mode=async&action=js_stats&rand=1674938951022 IP104.21.12.33:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/?video_id=250982&mode=async&action=js_stats&rand=1674938951022 HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154; _ga_3Z955CVMD5=GS1.1.1674938950.1.0.1674938950.0.0.0; _ga=GA1.1.1063989089.1674938951; kt_tcookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: image/gif
content-length: 43
x-powered-by: PHP/7.3.19
set-cookie: kt_is_visited=1; expires=Sun, 29-Jan-2023 20:49:06 GMT; Max-Age=86400; path=/; domain=.thebussybandit.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5X1uvwOB%2FU2%2Fkf1vV3V4X7RjJfKSVQe7UJfJVJnqELgT93pZLo%2F22Z2OGKSX1gZxxy3oZPhTs5VHVxGUijORoc9VC%2BY1Otf%2FNlqbjdgpQSdu7u5iECJwWIExRk5DO%2FTx2CzSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97c1ac6db511-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashe517537aac970652caf496177313c20b ef5b281b9e4d8a39eeaa6c3fb331d4b28d081ab7 ac56e1b45c26e17634c41651b75da3d66e752cf51dfb536a6f258261f1e8ed61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC56E1B45C26E17634C41651B75DA3D66E752CF51DFB536A6F258261F1E8ED61"
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10713
Expires: Sat, 28 Jan 2023 23:47:40 GMT
Date: Sat, 28 Jan 2023 20:49:07 GMT
Connection: keep-alive
|
|
| 4.adsco.re/ | 162.252.214.5 | 200 OK | 62 B |
IP162.252.214.5:0
File typeASCII text, with no line terminators Hashadde5febc7b5b6c2c759ec735cce83a0 77ec17be8a9970ff04663294d41c590d0d24fde4 ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://thebussybandit.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
|
|
| thebussybandit.com/static/images/search.svg | 104.21.12.33 | 200 OK | 1.8 kB |
URL HTTP/2thebussybandit.com/static/images/search.svg IP104.21.12.33:0
File typeSVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (545) Hash455a16399d2406cca3f46e373bc0e742 11b07c430ffe0270851d1a5077f69d375a223546 e2d6db54080071246435efcc0e1b513deae23760d6beb8b6bb67cbaa5cfdc030
GET /static/images/search.svg HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/static/styles/all-responsive-metal.css?v=7.5
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: image/svg+xml
last-modified: Wed, 10 Jun 2020 10:17:52 GMT
vary: Accept-Encoding
etag: W/"5ee0b350-c43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20381687
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9UZ808jAX%2BtbwMpOuZQpjFXU1vmiV2Yy8kYAaGnbbVLWkp2YNs7r%2FvXRfMiMx8J2E%2FC2nl5WRM3zF8OUh7fAH9YTWYOiyTpVI8SIuiydi4sUpbY%2FVFNg5k1ZM1tViykaopJrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd9d79b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 5wlluci36ehg.l4.adsco.re/ | 185.200.118.90 | 200 OK | 0 B |
URL HTTP/1.15wlluci36ehg.l4.adsco.re/ IP185.200.118.90:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 5wlluci36ehg.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PSWoDQQz8Sj4wjfaWfE6uCTj4AdOzQA5xDpOADXp8picYojpUoaUoERAPgAP5E+pJ4gSWgSWgCBVUyde3cwpm+9m2exuv88d3mb4+U8hAI0mFXNKFCCO5qrlFInpK9arVsrqEmlIKJCfsIGWRrgqgVVYnCg33yEp5eX/Ol8s5sYCLPoiSAW6kkHgE6maya7h1w7H5GIsYtUAmMF7ZmiCz1TnGlftiblK25sFSj/zwh7I/4fucHo0dAx60F+Shxu1+nTL/rXTocWQp3lOlrG1ts8i0tEUCeoI2VViAXFfT+gtbsXs6aQEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01PSWoDQQz8Sj4wjfaWfE6uCTj4AdOzQA5xDpOADXp8picYojpUoaUoERAPgAP5E+pJ4gSWgSWgCBVUyde3cwpm+9m2exuv88d3mb4+U8hAI0mFXNKFCCO5qrlFInpK9arVsrqEmlIKJCfsIGWRrgqgVVYnCg33yEp5eX/Ol8s5sYCLPoiSAW6kkHgE6maya7h1w7H5GIsYtUAmMF7ZmiCz1TnGlftiblK25sFSj/zwh7I/4fucHo0dAx60F+Shxu1+nTL/rXTocWQp3lOlrG1ts8i0tEUCeoI2VViAXFfT+gtbsXs6aQEAAA== IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01PSWoDQQz8Sj4wjfaWfE6uCTj4AdOzQA5xDpOADXp8picYojpUoaUoERAPgAP5E+pJ4gSWgSWgCBVUyde3cwpm+9m2exuv88d3mb4+U8hAI0mFXNKFCCO5qrlFInpK9arVsrqEmlIKJCfsIGWRrgqgVVYnCg33yEp5eX/Ol8s5sYCLPoiSAW6kkHgE6maya7h1w7H5GIsYtUAmMF7ZmiCz1TnGlftiblK25sFSj/zwh7I/4fucHo0dAx60F+Shxu1+nTL/rXTocWQp3lOlrG1ts8i0tEUCeoI2VViAXFfT+gtbsXs6aQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s4.sb89347.com
Connection: keep-alive
Referer: https://s4.sb89347.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A30%3A%2263d58a42ad1aa8.302741706724346%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://s4.sb89347.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.0199%22%7D; expires=Mon, 27 Jan 2025 20:49:07 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Qy2rDQAz8lf6AF71Xyrm9tpCSD9i1E+ih6cEtJKCP79olUM1hBmkkBhEQT4AT+RPqQeIAloEloAgVVMnXt2MKZv9Z13tv1+Xju8xfnylkoJGkQi7pQoSRXNXcIhE9pXrValldQk0pBZITBkhZZFMF0EQDo9axFZGV8vT+nC+nY2IBF30QJQPcSCFxD7Qdk6Hhth1s3VucxagHMoHxha0LMltdol14M+YqZe0eLHXPD38ooI5jTo/GwIQ7jYLcVVvv1znzn2WD7kuW4luqFGMNV2Jr4UtwqyHtfJ476Xhj1V/4MYczaQEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Qy2rDQAz8lf6AF71Xyrm9tpCSD9i1E+ih6cEtJKCP79olUM1hBmkkBhEQT4AT+RPqQeIAloEloAgVVMnXt2MKZv9Z13tv1+Xju8xfnylkoJGkQi7pQoSRXNXcIhE9pXrValldQk0pBZITBkhZZFMF0EQDo9axFZGV8vT+nC+nY2IBF30QJQPcSCFxD7Qdk6Hhth1s3VucxagHMoHxha0LMltdol14M+YqZe0eLHXPD38ooI5jTo/GwIQ7jYLcVVvv1znzn2WD7kuW4luqFGMNV2Jr4UtwqyHtfJ476Xhj1V/4MYczaQEAAA== IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Qy2rDQAz8lf6AF71Xyrm9tpCSD9i1E+ih6cEtJKCP79olUM1hBmkkBhEQT4AT+RPqQeIAloEloAgVVMnXt2MKZv9Z13tv1+Xju8xfnylkoJGkQi7pQoSRXNXcIhE9pXrValldQk0pBZITBkhZZFMF0EQDo9axFZGV8vT+nC+nY2IBF30QJQPcSCFxD7Qdk6Hhth1s3VucxagHMoHxha0LMltdol14M+YqZe0eLHXPD38ooI5jTo/GwIQ7jYLcVVvv1znzn2WD7kuW4luqFGMNV2Jr4UtwqyHtfJ476Xhj1V/4MYczaQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s4.sb89347.com
Connection: keep-alive
Referer: https://s4.sb89347.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A30%3A%2263d58a42ad1aa8.302741706724346%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://s4.sb89347.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.0199%22%7D; expires=Mon, 27 Jan 2025 20:49:07 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s3t3d2y8.afcdn.net/library/426059/84f8dd393f551520a3cd45a137f1970e85013934.webp |  185.76.9.15 | 200 OK | 11 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/426059/84f8dd393f551520a3cd45a137f1970e85013934.webp IP185.76.9.15:0 ASN#60068 Datacamp Limited
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash781e132fad60d2980890b7e4a6831085 84f8dd393f551520a3cd45a137f1970e85013934 f97debd21b71487faa01ea7b2e321a3db2d10cb02bf6623d470f202ff664b1e1
GET /library/426059/84f8dd393f551520a3cd45a137f1970e85013934.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s4.sb89347.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: image/webp
content-length: 11058
last-modified: Mon, 16 Jan 2023 17:01:22 GMT
etag: "63c582e2-2b32"
expires: Tue, 16 Jan 2024 17:03:42 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1705437068
server: CDN77-Turbo
x-77-nzt: AblMCQ3yH7//N9YPAA
x-77-nzt-ray: c0a4cc28bd4ebe6d438ad563cd1d750a
x-cache: HIT
x-age: 1037879
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js | 142.250.74.35 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (771) Size164 kB (163774 bytes) Hash57c909ab73fc27ec24f737bbf1cb1de8 89b2c02e9e7a9a764518fca545d3eec2044fd6d9 7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 445173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8df27b7a601d90962a00b17e8fdd5ccb ffe1dd64e769cdf09bd86ce6318604b278af8a41 7d2cad32154d5fafced5b5b9dd83420ae4d6dd04006f0b08957139aeaee0b8b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D2CAD32154D5FAFCED5B5B9DD83420AE4D6DD04006F0B08957139AEAEE0B8B2"
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3946
Expires: Sat, 28 Jan 2023 21:54:53 GMT
Date: Sat, 28 Jan 2023 20:49:07 GMT
Connection: keep-alive
|
|
| thebussybandit.com/player/skin/img/play_white.png | 104.21.12.33 | 200 OK | 3.4 kB |
URL HTTP/2thebussybandit.com/player/skin/img/play_white.png IP104.21.12.33:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashebb7d5e6cbace35b6f6fc4c7aa65d2b0 66e5f05bae107b1164bee4f89ca7128aff9eb1ef 9f9c691dfefa260ca56bd319ca3a50736023a2f6584a7697bd6b7f742678d2b6
GET /player/skin/img/play_white.png HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/player/skin/youtube.css
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154; _ga_3Z955CVMD5=GS1.1.1674938950.1.0.1674938950.0.0.0; _ga=GA1.1.1063989089.1674938951; kt_tcookie=1; kt_is_visited=1; a=SEsb1ZJNhpOyzLADES52IJz8h9qPcqIk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: image/webp
content-length: 3414
cache-control: max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3679
content-disposition: inline; filename="play_white.webp"
etag: "5ee0b356-e5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 10 Jun 2020 10:17:58 GMT
vary: Accept
cf-cache-status: HIT
age: 749931
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6NPKHJ4cA4GCGEg1VmvRgnsQfQptFgeApVKl2Z4uciv%2FGAChtXTbuLpVIbQ8PsEMprNFZeKgdm%2BidvKdn8z%2Btbsd0RkyrGqeaRbDjDqILk4Kf2MnyyRFIB8mxoOIDbOz29IOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97c468cab511-OSL
X-Firefox-Spdy: h2
|
|
| syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy0oEQQz8FX9gmrw72bNeFVb2A3pe4MH1MAq7kI93emTB1KGKpFIUAfEAOJA/oZ4kTlAzsAQUoYIq+fp2TsEcf7btPrbr/PFdpq/PFDLQSFIhl3Qhwkiuam6RiJ5SvWq1rC6hppQCyQk7SFmkqwJoID0JqJpxVsrL+3O+XM6JBVz0QZQMcCOFxKNQD5Ndw60HttFbLGI0BjKB8co2CjJbnaOt3I25SdlGD5Z69Ic/FCb2/U6PxY4BD9oH8lBtu1+nzH+WDj2eLMV7q6ytTTNKMM+Toy6NlirUqLWQea7rL0l4B0dpAQAA | 95.211.229.248 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy0oEQQz8FX9gmrw72bNeFVb2A3pe4MH1MAq7kI93emTB1KGKpFIUAfEAOJA/oZ4kTlAzsAQUoYIq+fp2TsEcf7btPrbr/PFdpq/PFDLQSFIhl3Qhwkiuam6RiJ5SvWq1rC6hppQCyQk7SFmkqwJoID0JqJpxVsrL+3O+XM6JBVz0QZQMcCOFxKNQD5Ndw60HttFbLGI0BjKB8co2CjJbnaOt3I25SdlGD5Z69Ic/FCb2/U6PxY4BD9oH8lBtu1+nzH+WDj2eLMV7q6ytTTNKMM+Toy6NlirUqLWQea7rL0l4B0dpAQAA IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Oy0oEQQz8FX9gmrw72bNeFVb2A3pe4MH1MAq7kI93emTB1KGKpFIUAfEAOJA/oZ4kTlAzsAQUoYIq+fp2TsEcf7btPrbr/PFdpq/PFDLQSFIhl3Qhwkiuam6RiJ5SvWq1rC6hppQCyQk7SFmkqwJoID0JqJpxVsrL+3O+XM6JBVz0QZQMcCOFxKNQD5Ndw60HttFbLGI0BjKB8co2CjJbnaOt3I25SdlGD5Z69Ic/FCb2/U6PxY4BD9oH8lBtu1+nzH+WDj2eLMV7q6ytTTNKMM+Toy6NlirUqLWQea7rL0l4B0dpAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s4.sb89347.com
Connection: keep-alive
Referer: https://s4.sb89347.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263d58a42acfe78.85807373725871727%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://s4.sb89347.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.029701%22%7D; expires=Mon, 27 Jan 2025 20:49:07 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-3Z955CVMD5>m=2oe1p0&_p=1557300858&cid=1063989089.1674938951&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674938950&sct=1&seg=0&dl=https%3A%2F%2Fthebussybandit.com%2Fvideos%2F250982%2Fgay-porn-video-gaymerjax-jaximus-201-seebussy-com%2F&dt=Gay%20porn%20video%20-%20gaymerjax%20(Jaximus)%20(201)%20-%20SeeBussy.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-3Z955CVMD5>m=2oe1p0&_p=1557300858&cid=1063989089.1674938951&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674938950&sct=1&seg=0&dl=https%3A%2F%2Fthebussybandit.com%2Fvideos%2F250982%2Fgay-porn-video-gaymerjax-jaximus-201-seebussy-com%2F&dt=Gay%20porn%20video%20-%20gaymerjax%20(Jaximus)%20(201)%20-%20SeeBussy.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-3Z955CVMD5>m=2oe1p0&_p=1557300858&cid=1063989089.1674938951&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674938950&sct=1&seg=0&dl=https%3A%2F%2Fthebussybandit.com%2Fvideos%2F250982%2Fgay-porn-video-gaymerjax-jaximus-201-seebussy-com%2F&dt=Gay%20porn%20video%20-%20gaymerjax%20(Jaximus)%20(201)%20-%20SeeBussy.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://thebussybandit.com
date: Sat, 28 Jan 2023 20:49:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| syndication.realsrv.com/v1/api.php | 95.211.229.248 | 200 OK | 1.4 kB |
URL HTTP/1.1syndication.realsrv.com/v1/api.php IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeJSON data\012- , ASCII text, with very long lines (1903), with no line terminators Hash8013593fdb29c8dbc404405d4945457b 1f888a74faa56345a5655a978839700ca8b49208 c4ef4ce7596adcc974ab0f2d18b6edd8f8cad66b1868ae1bbd72d5357f242f41
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 341
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263d58a42acfe78.85807373725871727%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://thebussybandit.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| thebussybandit.com/player/stats.php?embed=0&device_type=1&event=PlayerLoad, | 104.21.12.33 | 200 OK | 43 B |
URL HTTP/2thebussybandit.com/player/stats.php?embed=0&device_type=1&event=PlayerLoad, IP104.21.12.33:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /player/stats.php?embed=0&device_type=1&event=PlayerLoad, HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154; _ga_3Z955CVMD5=GS1.1.1674938950.1.0.1674938950.0.0.0; _ga=GA1.1.1063989089.1674938951; kt_tcookie=1; kt_is_visited=1; a=SEsb1ZJNhpOyzLADES52IJz8h9qPcqIk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: image/gif
content-length: 43
x-powered-by: PHP/7.3.19
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wkl2LaX4ZyM7TAf5%2BnlzaY%2BGOadTrb9iU0Dj3J8Tosb0rJ5bttm1EuuX76i9mwRMEIaGJ32P%2BmAt2tdLQwgu0MaqdG4%2F2dxaW%2F5iCs3c23AK4zqMXi%2BVUGcb2VUxOo6Xn1EPNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97c478e4b511-OSL
X-Firefox-Spdy: h2
|
|
| s3t3d2y8.afcdn.net/library/754674/570ca8097d9a9db31ab70383eda1e403e03abe19.webp | 185.76.9.15 | 200 OK | 4.8 kB |
URL HTTP/2s3t3d2y8.afcdn.net/library/754674/570ca8097d9a9db31ab70383eda1e403e03abe19.webp IP185.76.9.15:0 ASN#60068 Datacamp Limited
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Hash7f54534886fbc952ca10c6da1997f289 570ca8097d9a9db31ab70383eda1e403e03abe19 4663c2398b5f6f99bde3c951fbb86d69d8c9fe0a791e7f8e4e2bb1584b155623
GET /library/754674/570ca8097d9a9db31ab70383eda1e403e03abe19.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: image/webp
content-length: 4778
last-modified: Thu, 04 Nov 2021 11:55:22 GMT
etag: "6183ca2a-12aa"
expires: Tue, 24 Oct 2023 13:43:48 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1701702835
server: CDN77-Turbo
x-77-nzt: AblMCQ3ngR7/ENFIAA
x-77-nzt-ray: c0a4cc28bd4ebe6d438ad563a8a6bf19
x-cache: HIT
x-age: 4772112
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PXU4EMQjHr+IFZgIUCt1nnzXReIDOdEZ9cMfsR7KbcHiZGhP7C4EC/0IJKA2AA9kDyoHLAdQLjgVGphGF/en5xRn9vl1P39vp+L61cd6+XIWzspMwGbuhJC3OktCAHNFcIm+Fo5GULJszeHIISBJzj5T87fWxGwYcykK3sLjsc52gF+AGnlMTq0x1Xhe10cRAU0BiikqxtTZVQkqcccKVy0pLsyqlYWlLbBTv+OVjma7n832qx/Z56T+BX0aAss+iv0QwYHdxwHtUz/fj7P6vZUe6KMTMu/O11YS5roWZsqY117LAUrPYlCFr/QEagzPGdAEAAA== | 95.211.229.248 | 200 OK | 20 B |
URL HTTP/1.1syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PXU4EMQjHr+IFZgIUCt1nnzXReIDOdEZ9cMfsR7KbcHiZGhP7C4EC/0IJKA2AA9kDyoHLAdQLjgVGphGF/en5xRn9vl1P39vp+L61cd6+XIWzspMwGbuhJC3OktCAHNFcIm+Fo5GULJszeHIISBJzj5T87fWxGwYcykK3sLjsc52gF+AGnlMTq0x1Xhe10cRAU0BiikqxtTZVQkqcccKVy0pLsyqlYWlLbBTv+OVjma7n832qx/Z56T+BX0aAss+iv0QwYHdxwHtUz/fj7P6vZUe6KMTMu/O11YS5roWZsqY117LAUrPYlCFr/QEagzPGdAEAAA== IP95.211.229.248:0 ASN#60781 LeaseWeb Netherlands B.V.
Hasha4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PXU4EMQjHr+IFZgIUCt1nnzXReIDOdEZ9cMfsR7KbcHiZGhP7C4EC/0IJKA2AA9kDyoHLAdQLjgVGphGF/en5xRn9vl1P39vp+L61cd6+XIWzspMwGbuhJC3OktCAHNFcIm+Fo5GULJszeHIISBJzj5T87fWxGwYcykK3sLjsc52gF+AGnlMTq0x1Xhe10cRAU0BiikqxtTZVQkqcccKVy0pLsyqlYWlLbBTv+OVjma7n832qx/Z56T+BX0aAss+iv0QwYHdxwHtUz/fj7P6vZUe6KMTMu/O11YS5roWZsqY117LAUrPYlCFr/QEagzPGdAEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263d58a42acfe78.85807373725871727%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://thebussybandit.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%2263d58a42acfe78.85807373725871727%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22118.03940399%22%7D; expires=Mon, 27 Jan 2025 20:49:07 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| 5wlluci36ehg.n4.adsco.re/ | 38.132.109.186 | 200 OK | 0 B |
URL HTTP/1.15wlluci36ehg.n4.adsco.re/ IP38.132.109.186:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 5wlluci36ehg.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| adsco.re/p | 162.252.214.5 | 200 OK | 412 B |
IP162.252.214.5:0
File typeASCII text, with very long lines (487), with no line terminators Hash9a78fdddb6c7d97751ea3d789180cf7b 1a42c19a5e4b99b5e8a38ee580dcacb70be0d6d8 e00a3ac629b7175246a6973a07a8a45c68a009c09de107bf03ea657ef09337bc
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2019
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://thebussybandit.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf32a7006b8b40885116dbfb75f96ccb8 cb015cec60fb4bc33aa7a3750fbb1ddf41ae3bc7 9c3d0bf41e413722c40827d8f7762e70ff324bee00e3f2e6049666b13cfab328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C3D0BF41E413722C40827D8F7762E70FF324BEE00E3F2E6049666B13CFAB328"
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10809
Expires: Sat, 28 Jan 2023 23:49:16 GMT
Date: Sat, 28 Jan 2023 20:49:07 GMT
Connection: keep-alive
|
|
| thebussybandit.com/contents/videos_screenshots/250000/250982/preview.mp4.jpg | 104.21.12.33 | 200 OK | 111 kB |
URL HTTP/2thebussybandit.com/contents/videos_screenshots/250000/250982/preview.mp4.jpg IP104.21.12.33:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 1080x1920, components 3\012- data Size111 kB (111124 bytes) Hashd75fcf7f6afb03bb15b1c97508a69f1e 1d2c3ac8b9944249f7d98dc9c53a4889cc8f7089 74296784346e99696cb18adeb26d83279d66ae39122c57032dda6ee442d99d4c
GET /contents/videos_screenshots/250000/250982/preview.mp4.jpg HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154; _ga_3Z955CVMD5=GS1.1.1674938950.1.0.1674938950.0.0.0; _ga=GA1.1.1063989089.1674938951; kt_tcookie=1; kt_is_visited=1; a=SEsb1ZJNhpOyzLADES52IJz8h9qPcqIk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: image/jpeg
content-length: 111124
last-modified: Wed, 27 Jul 2022 11:54:04 GMT
etag: "62e1275c-1b214"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhzoTdaItaSiXCVxHTXhoznqxC87eRQqZc17tK4DYOwcY6ciq9GOBbU4%2FXS4CHQlGNDVAHQ2JL5DTB5lLEAHUnmnniew2Fjq5M5k1kRQq%2Ber110Sc0N84udhTnrUGhVSnhI7iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97c468c9b511-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash18f687f84d0a801ba5bcbd4c72bea410 2decf195d4e2a89bf1c09a3ad769209a1bf6d136 2486be9abd22185a12c8dc3aa6d2fb98a9ac1e92a672fd628fc73e82de87f30b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 03:58:25 GMT
Expires: Fri, 03 Feb 2023 03:58:24 GMT
Etag: "2decf195d4e2a89bf1c09a3ad769209a1bf6d136"
Cache-Control: max-age=457155,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790c97c82d68b51b-OSL
|
|
| 5wlluci36ehg.s4.adsco.re/ |  185.200.116.90 | 200 OK | 0 B |
URL HTTP/1.15wlluci36ehg.s4.adsco.re/ IP185.200.116.90:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 5wlluci36ehg.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://thebussybandit.com
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:08 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
|
|
| displayvertising.com/Q.htm?_=BQFiAAAAAAAACZUAAvB3h8Iz0zJl86gs84cTzuf9XoD_yPeNihXFaqqQ6MBnobjcDTx8tP3Va5vhL8_h0HAK-Ix8cnMOVjzESHEFTPXTuRwBb523gIGwode7rFIh27Pxn63rPFjchPEELHEDr40mSrJYwN9lJBt1h4ytRoK7zXJpoH_n1nbUWa1EOnOCjjOalenkBmFGHPplb2L05R_bxwrKX5Vw8uUSUcJgTijbDbN9m-P6htG6f7MEfRaX8zQ58GlwVoxZuk6dpXpZ82oP4jb0xiYTR91Nwln7mwgCQEgGX0j5AWZLo-nKokCeFm-ua7mLwfhqPa_KcMrVHGi1VINh_4IXTs1VsIjSABlu0SpR70KuWI4idV1y41fKLah5EddVZM_UCpWHe1K8t1sxC7N9V6-OdyLYTkeiCNlupXEbr32Qn5RBN1uItRlkbzVhFt_fJdREtLnFucsB18zWm-SzFuWQ0qqXS0wBsmg&v=4&CnWpwYQL=4125317&minBid=0.001&bvVgDFWl=0:1,0&nLxuGoJY=&hzQKkryp=&s=1280,1024,1,1280,1024,0 | 216.59.56.9 | 200 OK | 44 B |
URL HTTP/2displayvertising.com/Q.htm?_=BQFiAAAAAAAACZUAAvB3h8Iz0zJl86gs84cTzuf9XoD_yPeNihXFaqqQ6MBnobjcDTx8tP3Va5vhL8_h0HAK-Ix8cnMOVjzESHEFTPXTuRwBb523gIGwode7rFIh27Pxn63rPFjchPEELHEDr40mSrJYwN9lJBt1h4ytRoK7zXJpoH_n1nbUWa1EOnOCjjOalenkBmFGHPplb2L05R_bxwrKX5Vw8uUSUcJgTijbDbN9m-P6htG6f7MEfRaX8zQ58GlwVoxZuk6dpXpZ82oP4jb0xiYTR91Nwln7mwgCQEgGX0j5AWZLo-nKokCeFm-ua7mLwfhqPa_KcMrVHGi1VINh_4IXTs1VsIjSABlu0SpR70KuWI4idV1y41fKLah5EddVZM_UCpWHe1K8t1sxC7N9V6-OdyLYTkeiCNlupXEbr32Qn5RBN1uItRlkbzVhFt_fJdREtLnFucsB18zWm-SzFuWQ0qqXS0wBsmg&v=4&CnWpwYQL=4125317&minBid=0.001&bvVgDFWl=0:1,0&nLxuGoJY=&hzQKkryp=&s=1280,1024,1,1280,1024,0 IP216.59.56.9:0
File typeASCII text, with no line terminators Hashd5f0a25e4d3522d56d48ce7bc3e518fb 86794caff58f7fee6e684c2ba7195f970a8d6f4c 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /Q.htm?_=BQFiAAAAAAAACZUAAvB3h8Iz0zJl86gs84cTzuf9XoD_yPeNihXFaqqQ6MBnobjcDTx8tP3Va5vhL8_h0HAK-Ix8cnMOVjzESHEFTPXTuRwBb523gIGwode7rFIh27Pxn63rPFjchPEELHEDr40mSrJYwN9lJBt1h4ytRoK7zXJpoH_n1nbUWa1EOnOCjjOalenkBmFGHPplb2L05R_bxwrKX5Vw8uUSUcJgTijbDbN9m-P6htG6f7MEfRaX8zQ58GlwVoxZuk6dpXpZ82oP4jb0xiYTR91Nwln7mwgCQEgGX0j5AWZLo-nKokCeFm-ua7mLwfhqPa_KcMrVHGi1VINh_4IXTs1VsIjSABlu0SpR70KuWI4idV1y41fKLah5EddVZM_UCpWHe1K8t1sxC7N9V6-OdyLYTkeiCNlupXEbr32Qn5RBN1uItRlkbzVhFt_fJdREtLnFucsB18zWm-SzFuWQ0qqXS0wBsmg&v=4&CnWpwYQL=4125317&minBid=0.001&bvVgDFWl=0:1,0&nLxuGoJY=&hzQKkryp=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 28 Jan 2023 20:49:08 GMT
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11049
Expires: Sat, 28 Jan 2023 23:53:17 GMT
Date: Sat, 28 Jan 2023 20:49:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11049
Expires: Sat, 28 Jan 2023 23:53:17 GMT
Date: Sat, 28 Jan 2023 20:49:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11049
Expires: Sat, 28 Jan 2023 23:53:17 GMT
Date: Sat, 28 Jan 2023 20:49:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11049
Expires: Sat, 28 Jan 2023 23:53:17 GMT
Date: Sat, 28 Jan 2023 20:49:08 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashf2a0c2c0f25bdd19baf87cbb3a87dcdb bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11049
Expires: Sat, 28 Jan 2023 23:53:17 GMT
Date: Sat, 28 Jan 2023 20:49:08 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash57b73886cbbb719eda5f733c018eedfb b84ed40973f8a0d3c10529e34f9466746cfdaf0c 4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 35sWCIsACAhQvXkJvBn0LGf2m9OTklgDprONw5CDUoXD97TUpJ9j5Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 82413
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg | 34.120.237.76 | 200 OK | 4.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 82342
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/player/skin/youtube.css | 104.21.12.33 | 200 OK | 16 kB |
URL HTTP/2thebussybandit.com/player/skin/youtube.css IP104.21.12.33:0
File typeASCII text, with very long lines (24223), with no line terminators Hash801c6306cb278e5f915d450908c15b63 eafe9aa065e469ca6aac04c8d4f1d7593674e28e b9720725bab159d0f5f46480054de6834933e3fa572b575dc994c24eea1dbcfe
GET /player/skin/youtube.css HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154; _ga_3Z955CVMD5=GS1.1.1674938950.1.0.1674938950.0.0.0; _ga=GA1.1.1063989089.1674938951
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=27766
etag: W/"5efc2930-6c76"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Jul 2020 06:12:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20378565
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ftpJcpZ1tl906mK6FcPtodbf%2Bg8yF%2FbA04cZ6azt14RIojIe1CgM8oia9TSY3WsxR2uPXsIZv7icB4QGmoyajXJrpjaL10QWoxKHAU8WFFLPL4r1Kw0ZJ%2B%2FGxYwlD5NVW%2BJFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97c18c20b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf185f0b4f90d06dbb397b44ed9c73dbe a48e2c369a048447e0e25e4791eb603859391c1c b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: 1e581631-b99e-4d2d-9ae4-dfb9e740b6d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_ekGLJIAMF54A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f6-25b17a8d181dfcb251bd4ea6;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QWZHzwxoalbYlpl8-hYeqO_waF45AvOUNMkSniT8CbDVBj3V7f38cg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:01:46 GMT
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
age: 17242
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashea24bcba583bd8bd139559448a343e68 b9d37c2b14f890d41983a59f352e8f7caa9c94bb e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 81188
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc982569d070f24dba1259603091c22e3 0f93acb5bee53670cc4ef486922f7333d96a2f4e 9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XRAeWdoEkbnzXKOs_EdgQ1r9BGOeDNh4FRXm-fv0KiCz4juqk8UKIw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:35 GMT
age: 82173
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash195316042e7f798eeeb7993fecb3a383 4aeca24ad4702f87feaf9674ea0c1ff6d71826a3 b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 82413
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/favicon.ico | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/favicon.ico IP104.21.12.33:0
GET /favicon.ico HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: image/x-icon
last-modified: Sat, 04 Jul 2020 17:56:54 GMT
etag: W/"5f00c2e6-3c2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20378508
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8yNkFQbXF5L9QgSGzgN%2BSif7%2B%2FUt7osKkOgG575PfWCn0KJUzhHZgl2ONHXEB0EmqTwV84JL%2FYHF5trSR5Pm3F%2Bet7VhvB27qPWynNADuS2C2OeLSglixPC58Uq0YVyiM%2BRGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97bf894ab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/cdn-cgi/apps/head/3Z9_bHuZfArCl42eY0OY6dKgrjk.js | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/cdn-cgi/apps/head/3Z9_bHuZfArCl42eY0OY6dKgrjk.js IP104.21.12.33:0
GET /cdn-cgi/apps/head/3Z9_bHuZfArCl42eY0OY6dKgrjk.js HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: feW9rEXByrYLJ/FXXbyJAU4aqRyQJoknPPO/J95Sh6NetPVcIdOKE6M18XfPybhaKMF9Z5PYlW4=
x-amz-request-id: GWR4YBN97QCW4798
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 19:25:41 GMT
x-amz-version-id: JVXgxY93rDARMhM5L9Qu815xYFMTvf1V
etag: W/"a56e723bb1bd6403dab2a31457f62b47"
cf-cache-status: HIT
age: 1473503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjZxHL%2BmzQrNLLeFl%2FvjoHqJD2BI%2FfW%2BqlIYojPbkXACP409Y3EQRwa%2BQ6xfHHhf6nP8Ez4ZahXFvwejhSzRYGfkNHiGkDawUSUTvY7rthqNrgRGll%2Bq%2FHiOtqs8OIo1Jgmt9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97bd1c5ab511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/static/styles/all-responsive-metal.css?v=7.5 | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/static/styles/all-responsive-metal.css?v=7.5 IP104.21.12.33:0
GET /static/styles/all-responsive-metal.css?v=7.5 HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/css
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=162405
etag: W/"5ee0b350-27a65"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 10 Jun 2020 10:17:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20378510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKW22AsQjHJbtjWW8SwK0TBGlYwqbj7qjmcNGxeVFtDqz2W2eI2KOuEeXazfSELMs4DAIgMv23zeb%2BoxuTNIgZHY5WO3xHFapPIObxeNfGGNHnPF3D8FTccqNjF9BduxS6r8Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd1c64b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/api/settings/374186 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/settings/374186 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/settings/374186 HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thebussybandit.com/
Origin: https://thebussybandit.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.zenno.services/release/ZennoPosterDemo-EN-v7.7.3.0.exe | 172.67.71.59 | 200 OK | 0 B |
URL HTTP/1.1static.zenno.services/release/ZennoPosterDemo-EN-v7.7.3.0.exe IP172.67.71.59:0
| NIDS | Severity | Alert |
|---|
| suricata | high | ET POLICY PE EXE or DLL Windows file download HTTP |
GET /release/ZennoPosterDemo-EN-v7.7.3.0.exe HTTP/1.1
Host: static.zenno.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:49:07 GMT
Content-Type: application/octet-stream
Content-Length: 872863608
Connection: keep-alive
Last-Modified: Thu, 15 Dec 2022 13:30:03 GMT
ETag: "639b215b-3406d778"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RK8fpAvczOWHD%2FEuaVeMWT2D3QCgoeAQ4xBxhkNkjwWeVhMBAIzb64rLD%2BVaJKQZqBvSltKQ23UUywMHw53JRYcdaC1PflhCBUb1ETCtnBTowbDARM7f%2FD44Paar9dqKdLjkBrRo2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790c97c2bd33b512-OSL
alt-svc: h2=":443"; ma=60
|
|
| s3t3d2y8.afcdn.net/images/close-icon.svg | 185.76.9.15 | 200 OK | 0 B |
URL HTTP/2s3t3d2y8.afcdn.net/images/close-icon.svg IP185.76.9.15:0 ASN#60068 Datacamp Limited
GET /images/close-icon.svg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: image/svg+xml
last-modified: Wed, 29 Jun 2022 13:13:10 GMT
etag: W/"62bc4fe6-109"
expires: Fri, 30 Jun 2023 18:46:40 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195206
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ0w8xP/Pe0WAQ
x-77-nzt-ray: c0a4cc28bd4ebe6d438ad5638383ce19
x-cache: HIT
x-age: 18279741
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP104.21.12.33:0
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjSIVCO%2FcN02CXlDlor%2BA7vQnBER27YiHhKFOQZlPXzWL9BKNQgDz2NaK8A%2FzPnsr4wSMOtRLIaO7sikFw6hrZrs3KhpYvTXVT3mP9MEe6iy7lEJDsD1PVq9z7QRnw%2FGaNfQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97bd1c78b511-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 30 Jan 2023 20:49:06 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw= | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw= IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/spots/399547?p=1&s1=%subid1%&kw= HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=cMyMhmwcXJSnx9cYqBDE; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| c.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 28 Feb 2023 20:49:06 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2328907
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97c0d948b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/api/spots/393702?kw=SeeBussy%2CALL%20GAY%20PORN%2CGay%20Porn%2C-%2CGay%2Cporn%2Cvideo&s1=%25subid1%25 | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/spots/393702?kw=SeeBussy%2CALL%20GAY%20PORN%2CGay%20Porn%2C-%2CGay%2Cporn%2Cvideo&s1=%25subid1%25 IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/spots/393702?kw=SeeBussy%2CALL%20GAY%20PORN%2CGay%20Porn%2C-%2CGay%2Cporn%2Cvideo&s1=%25subid1%25 HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Cookie: nauid=cMyMhmwcXJSnx9cYqBDE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/player/kt_player.js?v=5.2.0 | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/player/kt_player.js?v=5.2.0 IP104.21.12.33:0
GET /player/kt_player.js?v=5.2.0 HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=162806
etag: W/"5efc292c-27bf6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 01 Jul 2020 06:11:56 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 54585186
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kW3vzORQO6nbU%2FExs02RERBz71PZNjDiXWaOrs8eFla7I6mFOCQVSKzWIX19E2RJKsP2YTpe%2F%2BnQXVIMwhlbp5%2B6qXz1JBnHtyg2nZ5bzKNqWvIlO804fYoyVmAddgqQQOSMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97bd9d6cb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| a.realsrv.com/ad-provider.js | 185.76.9.19 | 200 OK | 0 B |
URL HTTP/2a.realsrv.com/ad-provider.js IP185.76.9.19:0 ASN#60068 Datacamp Limited
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s4.sb89347.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript
etag: W/"c86623937323852b5fe82a29fcb"
expires: Tue, 24 Jan 2023 13:18:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1674944420
server: CDN77-Turbo
x-77-nzt: AblMCQ1Yh2f/zhQAAA
x-77-nzt-ray: c0a4cc28583f5e66428ad56315c6b41a
x-cache: HIT
x-age: 5326
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/player/skin/fonts/ktplayeryt.ttf?wqseia | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/player/skin/fonts/ktplayeryt.ttf?wqseia IP104.21.12.33:0
GET /player/skin/fonts/ktplayeryt.ttf?wqseia HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/player/skin/youtube.css
Cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; kt_ips=91.90.42.154; _ga_3Z955CVMD5=GS1.1.1674938950.1.0.1674938950.0.0.0; _ga=GA1.1.1063989089.1674938951; kt_tcookie=1; kt_is_visited=1; a=SEsb1ZJNhpOyzLADES52IJz8h9qPcqIk
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:07 GMT
content-type: application/font-sfnt
last-modified: Wed, 10 Jun 2020 10:17:58 GMT
etag: W/"8d8-5a7b828730180"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 6595
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJsJVyl5f550Riv7Q5r%2BOxbWovvcLXRYmhm4qAsGTohY9R7F34ugEwXlx2JtCuLsixb6Rcy%2FDgyt3XYmIU584r%2BBO2cBixeHwhULsFfpGATvVc6aeErG7EAm2UD4l9i2NxwDUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c97c468c8b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/VajGpA3.js | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/VajGpA3.js IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /VajGpA3.js HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 09:50:49 GMT
etag: W/"63984af9-29f99"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
vary: Accept-Encoding, Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 660625642e0df86c41275db1ce1ac922.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fIpQXV0mrj37uvYG8p2zW0lHqjgSgRXReWpsGeb_zQfCjvSQmMY23w==
age: 3072472
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw= | 135.181.208.216 | 200 OK | 0 B |
URL HTTP/2s4.sb89347.com/api/spots/399547?p=1&s1=%subid1%&kw= IP135.181.208.216:0 ASN#24940 Hetzner Online GmbH
GET /api/spots/399547?p=1&s1=%subid1%&kw= HTTP/1.1
Host: s4.sb89347.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thebussybandit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:49:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: nauid=fIKMIpHvnzsFDqCdIB0S; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/ | 104.21.12.33 | 200 OK | 0 B |
URL HTTP/2thebussybandit.com/videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/ IP104.21.12.33:0
GET /videos/250982/gay-porn-video-gaymerjax-jaximus-201-seebussy-com/ HTTP/1.1
Host: thebussybandit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:49:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.19
set-cookie: PHPSESSID=34fg41v3m6qf5fkiob07p7oc8u; path=/; domain=.thebussybandit.com
kt_qparams=id%3D250982%26dir%3Dgay-porn-video-gaymerjax-jaximus-201-seebussy-com; expires=Sun, 29-Jan-2023 20:49:05 GMT; Max-Age=86400; path=/; domain=.thebussybandit.com
kt_ips=91.90.42.154; expires=Sun, 29-Jan-2023 20:49:05 GMT; Max-Age=86400; path=/; domain=.thebussybandit.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlkKzdJLCpI5yEzbAnLJqYGGTQ%2BfGyqlYwzwULR4XRwN5uFVf9%2B7SfsdQWJcvwY25SNENmWaVbsXj5scAMWv6ANTAOM1h9cwrQENAXePlXpDfs3VxVVKgozLRSw353nM203hVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c97ba785db511-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|