xlovegayblog.blogspot.com.au/
302 Moved Temporarily 177 B URL HTTP/1.1 xlovegayblog.blogspot.com.au/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0001173accc87117e40fdb22e54af2b9
68d0101bcae44dd20de81174bdbb48129fe26bd7
08aaecf030116f20a17b07a2205d3b69978824e4ea0b9d4112e993fbddd69668
GET / HTTP/1.1
Host: xlovegayblog.blogspot.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://xlovegayblog.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 18:43:36 GMT
Expires: Wed, 05 Oct 2022 18:43:36 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 177
Server: GSE
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fbk8hSrKMJHVdJ0LTKan7k7iIrI1QPx156tXx2zYQbDOhKnLQs338A==
Age: 10578
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6113
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 18:43:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T4wC2k6WPQYjLuPKHgjU5CQYq8AfdujlC2zt1c0EONIr94nls6JoPg==
age: 52864
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 18:46:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OVAJmyGcpCUmR3F_duEWysJPpZ_DKgWZMHO2eoK_22YFDelNtdBYUA==
Age: 844
ocsp.digicert.com/
200 OK 471 B IP
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1485
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Last-Modified: Wed, 05 Oct 2022 18:18:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
xlovegayblog.blogspot.com/
301 Moved Permanently 177 B URL HTTP/1.1 xlovegayblog.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f10a77337d7449e27c67f4089df6f7e
1a15798b3a5b9e524ac367e3b11742df2af8b1a8
96e0e71365e1fa2ee587e027a341020958cabe27020ba646364367b73f047559
GET / HTTP/1.1
Host: xlovegayblog.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://xlovegayblog.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 05 Oct 2022 18:43:37 GMT
Expires: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 177
Server: GSE
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36b1ec1ebfdbe3367fc1fde546d47281
a12333d6fdf5f29a25fcac13b21e4a4f45ca5ba6
c95cde94d5b12b299aecb89ed8b9a8ad30e46e4704a30ab8329742a396e00090
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dupqltER4yZZwJhPr//zwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fwhZ687bI0+G8XQqDFbAwogJXdM=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 36b1ec1ebfdbe3367fc1fde546d47281
a12333d6fdf5f29a25fcac13b21e4a4f45ca5ba6
c95cde94d5b12b299aecb89ed8b9a8ad30e46e4704a30ab8329742a396e00090
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
xlovegayblog.blogspot.com/
200 OK 34 kB URL HTTP/2 xlovegayblog.blogspot.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1490)
Hash cf8528bb04dc1605e481640984875f51
e5dfaa129f9976d6ef1cad3bd93c5061b62056d0
2a4a8ec124f65fa0032d3bf60e147e6dfdc0bb2faf4c4f9085b250f2673f7254
GET / HTTP/1.1
Host: xlovegayblog.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-robots-tag: all,noodp
content-type: text/html; charset=UTF-8
expires: Wed, 05 Oct 2022 18:43:37 GMT
date: Wed, 05 Oct 2022 18:43:37 GMT
cache-control: private, max-age=0
last-modified: Wed, 05 Oct 2022 02:17:23 GMT
etag: W/"858b7a5399efe6d844a9a29c93ed4a72117a72903018f87a8ff1fc9568206148"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 33854
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 047374e90c9a1e02eb7294c0a9a316a2
3d043355314c0c408f547f1faafd3acd6d481f63
e01b0fb379931c35fd707f8cc75e2d6079f77fd5174c30b75934e130d68ed2a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
roomimg.stream.highwebmedia.com/ri/moeblick.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/moeblick.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/moeblick.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47wdlUbA%2Bgq425jcwg9DagOPDbrt6ACPcxVkqSPdSttKauL2WSYxlTWwr7gMiHSxxu%2FKoBtrwBtgmkeRq7FbFlxabFtWydwJv3bq3tRGAcACfhuzbSCitKw%2F2mO81tysTG3pdSu%2BU2pi9NSvpmFxt7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=ZPjOExMRGXXOss243O3zp2oJBVCnM17LHZ9AhOj.gGM-1664995417767-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0cabf0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/w0lfland.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/w0lfland.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/w0lfland.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ossm%2FwoOb8kp1NoWb6rUXm1OBOvQkTT0NU9hrqCyrd5LibUf8a2CzIyqhiE7cIsEyBUgbgFnit7VNMXMBvVNVbp7UN6ShX5M1M6iYbR8BMXyb4Jld7QAD9xoaJWTKeqQNdBnJ%2F76Kh0ceBgikiZRk6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=VbX1UE3uuNUqDuN2jgALB_uIxQrthjEJT9GZqbxoHEU-1664995417772-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0dae00b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 16:35:40 GMT
expires: Thu, 05 Oct 2023 16:35:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 04 Oct 2022 18:55:46 GMT
content-type: text/css
age: 7677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/peterjack7.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/peterjack7.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/peterjack7.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciCvgdmRK27aZTxUR%2FeyNV2dHec2ojQDnFEV6nwIlxOhIzjdfLfHFNVT7WfZOck032z1nmiYuyUk4YfhJrdp3MvMrxTFOWrluAgnt%2BMjYgFsSzj0XHbegXyCFTxDeEC0LzN3nrxd5G0pijZMGduBV70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=9OWgDDJInpRodMED.hPrODVo6fk9_WnqGdrHKozBiOs-1664995417773-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0dadb0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/yourgasme.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/yourgasme.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/yourgasme.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG8Z3QR9ULZP%2BYxovjwdbrfiW31oeBvRKOm%2BIDn8%2BORM8bsczcm%2BTBDCU03wesGnFKL%2BpB5UtkoNKpcoUv8Vz%2BIUcx9Rd0df%2F1SiSFRl9PuE%2BFc0Ucb6WWlfPmAFzwbVjZBcledtoEY6MiuoiNNPVGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=PEJG8ExqyEM94mwRf3pNiu.gUfyOgUP7kcSF.g0oFYw-1664995417774-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0babb0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 19:52:13 GMT
expires: Sat, 08 Oct 2022 19:52:13 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: image/gif
age: 341484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/luv2luv0k.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/luv2luv0k.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/luv2luv0k.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCMm0KL7fOz4ppe76R%2FSFDt6%2FYRS6JP6vYNItrHYFfd%2BsGIs6Dx1bqBPh7sN3WlfuH%2Bam6bQnH0ucSUCqVzOIxZvYGnJt9S9gSCc9wuiSKHHmJrRRrTRVCbIgrHC1YcMFyyKCZlJd6dqNQhyIz%2BGQBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=gXTOn1ltTEqEANcW73hpbUAWrKvpAG_RKs_nPsQSRWU-1664995417775-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0cac00b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-yahoo.png
200 OK 580 B URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-yahoo.png
IP
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash 79f602b6ac18bee79b4e2353a6674010
28accf82263aa1a11bb821439d4d185865662530
bbf9b924cc32bff4738bb54d86905476349f90c8b20f748633e56f64379d553e
GET /img/widgets/subscribe-yahoo.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 02:21:47 GMT
expires: Wed, 12 Oct 2022 02:21:47 GMT
cache-control: public, max-age=604800
last-modified: Tue, 04 Oct 2022 12:57:07 GMT
content-type: image/png
age: 58910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/skeet_shooter_.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/skeet_shooter_.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/skeet_shooter_.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHHouBvT9dMvs4F5ZHAFAvtVmjl6oAgr3TA0SKq3viH%2Bzqf%2FS616gJipx%2B%2BUO1cVXCyrhdnumlOPPSrmi3WXvfuyj4j82pwvE5KifEIDDs6BNdwtT6fI%2BUdLrE9SnqnMGEC0fKJyvTS19vFysAgiSw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=gXTOn1ltTEqEANcW73hpbUAWrKvpAG_RKs_nPsQSRWU-1664995417775-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0dadd0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/arrow_dropdown.gif
200 OK 141 B URL HTTP/2 resources.blogblog.com/img/widgets/arrow_dropdown.gif
IP
File type GIF image data, version 89a, 13 x 10\012- data
Hash 2964a07d60a4e76b299130fb1b4115f6
3b72dcc19f3ad685513eaba612e07e0ed495f2e1
28ab89f0285c48d2faed701905c185c302f2b389584a52ceaa76a91ea64dc3a7
GET /img/widgets/arrow_dropdown.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 10:36:43 GMT
expires: Wed, 12 Oct 2022 10:36:43 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 04:51:44 GMT
content-type: image/gif
age: 29214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/sexxy_man69.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/sexxy_man69.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/sexxy_man69.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxZGFQ5kDlLYT32axSFu3d3Hymc2XVfgEq%2FH8GmQiZB6w%2B%2BNyMBIw6s7KsGR3PLMJ%2FxA3DELcmXYiuRXAwHg5gmNQgcW8tkNG9cU57rLW2%2BTRJfalHB44ACIaA3UaWSOpKGa05n9rO7ttiG0VZ4KNE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=8yeQKbxinMFpKSxyemuHVlS_MCKDnib8lqKtGUQ_css-1664995417778-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0dada0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon_feed12.png
200 OK 500 B URL HTTP/2 resources.blogblog.com/img/icon_feed12.png
IP
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 44e7355a788fd1082deff0018883758e
50e3a28a44978e85d13c30522e0c71c8d0b24675
3cd341f37642f8a58b0fe14c2645913449c0ffe10be6ba0986275bfef29bc319
GET /img/icon_feed12.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 06:40:02 GMT
expires: Wed, 12 Oct 2022 06:40:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 04 Oct 2022 22:52:56 GMT
content-type: image/png
age: 43415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/oliver_beck.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/oliver_beck.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/oliver_beck.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTTK4CggwBXNRbIX6lSu74U%2B5UXvsMTsnw4f0p4uXljkkyRWoDhzYTfev0GrIYqf1qYFyPWWcQmVRFY1160WM1cMkU4lBqQRVul3aWRqfQBiXtqpHp7CN%2BPRDLTEug8HZ9ny3tewl3eWI5VvOkKEWCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=wGW4v.znyC9bKOIv_6zNTknhJo7nAYlLFTbTtEvAwEA-1664995417779-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0cad10b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/yusti_mann.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/yusti_mann.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/yusti_mann.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poHFR0Zh3twXZm%2BQgwjFRCfbm1yRC8ep6LvxgB9Ga%2FUYZcgal%2FUhYwfcCWxdcWBSeJoiYizxqrZy9khhCqvS7lGwwdkOvyPjCsmzBspc1EvS8ElZeMBvMqjTy8HIJZSeEyF4eEeV5hJ7mW0s9K100xo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=noiHf5.XFQJRxqOrSPQScS73zBNzEN7517KP.l9wXfM-1664995417787-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0fb120b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/randy_xavier.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/randy_xavier.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/randy_xavier.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AktW9FnzoRwIBCQmWr7mPkRUjJYx2PdI6K5%2FxtgdREC2Bd%2FdtUAaZXlir7VgADqOJVb43Bb8818y5fRHNrCjdu6qXE%2Fcdjt%2BNp4EOOOKof%2FZhHpsYxUsts9pzvpOIDk3p22VFoIvB5OyBrkwUbF%2BQFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=qUn0FDEP8iwOIOOZO62t6iLC0D1rG2aLOlD77hh0QMM-1664995417789-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0eb080b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/mateuszz196.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/mateuszz196.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/mateuszz196.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfP%2FgeGwy9MI750Ve3nf8oqp7LGozm62JgjBb55C8ZDYIGDReoOv57BoEthAK0xqt7Ukmvcqxwm0cA%2F3q50p%2FY%2FfYZy%2B6seJJo0IIvTg3KyH%2FoYRFb4VYg0Q0LEGPt7Bo9nMUCMQoT%2BqqMkHVsYfH7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=OTUuekiB7oDsQypMQx8oNweIhuzHLRG0GtGziQIlSVg-1664995417791-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0fb1c0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/oneleggedguy.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/oneleggedguy.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/oneleggedguy.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgaYl5ofcELvccUSALsi1qyS8tQzhRJSU%2FuU%2F2qKsMIKmOjb07IKV%2FbIDf4z5T56PQJi2BVjqvnnhVSUUZF%2FCDFr9kAG8rtvHjAUGVTnglVLUGjGqVTvknGY0QPFFrFtzHxMw2g6H%2BUPMoV6uon6HVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=wdhh9nmUehvCeQr_WV1IItxSRO3UbsXTdIa1Vpne9Ps-1664995417792-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0eaf40b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/mike_berlin1.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/mike_berlin1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/mike_berlin1.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr3PmqNSzVwRa0iU7Ihwv3BSLhf4Ujj6H0lwro6g%2FJMuj235W3P31hprHYbkZrv0kgabxN%2FaFWk8TGBTE1mgQ8%2Fg3x6U0Qj4g1pzOM0K2BUVscwiTSxELVKStuFqgo8DeiFHoijcWcNQsnAxSzx0QzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=wdhh9nmUehvCeQr_WV1IItxSRO3UbsXTdIa1Vpne9Ps-1664995417792-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0cacd0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/kingmassimo.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/kingmassimo.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/kingmassimo.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RrFxTRQCZn0CMSqmD3Aim3OmHXYxiOI%2BIT1Giefu%2Fed%2BZ9UD4LJyU7HCA3KBemgMGQAQylaiOKDta2Uizv2M%2BBLle9pRRn%2Bzfey0Ru4qSzRfjQSL6Dm4zCmXIm6kEU8QsUaJhDJq7gunEuXCEC9WKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=.Pc9ySo8a4dDEeo69T3XYkpnxpl9Ri0b30Oygw9Keic-1664995417793-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0cac10b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/792789798-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/792789798-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 02e6bf311e18828a522b4d3a4079084f
a63cd373fa23b4fe11f938d57737e6bfa1ebe789
25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
GET /static/v1/widgets/792789798-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 02:15:20 GMT
expires: Tue, 03 Oct 2023 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 00:49:27 GMT
content-type: text/javascript
age: 232097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/tornne.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/tornne.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/tornne.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjFRsJMjvgYSU%2BH3DeFfh%2B2iDdBhSwC6S9pbmEy%2BEy4JeeB%2BXQ5j9TvC5hEVXXRhCihY1eNnEK7xmbdw3bSsZdIfFykXazgAYcDId6wJq90ki9KTf4JosXna6G6hOZ03senWxzB7K87vgacdZQ9v45o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=xpA4R9KepI.lNao2_SmxtCigIJFVwwZKt2ADCKOxaZw-1664995417795-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0fb1d0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Wed, 05 Oct 2022 18:43:37 GMT
expires: Wed, 05 Oct 2022 18:43:37 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/charts/loader.js
200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 17:47:02 GMT
expires: Wed, 05 Oct 2022 18:47:02 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 3395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/starapanda.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/starapanda.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/starapanda.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVGdCUJXu74XD1yZzGks%2Ftv92oq5VMMY70euFA%2FjodCbOEE9c2WsfQU8oN1CXg95yfLYuBKabsGR2mGo0BCVS9SddXi0Agou89IXbflWbZbqCrpjK%2FAw8Ds1m%2BtNPiC1PcZenfACz4B1R4MBGW38Bck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=Wq7CrB_AuH5MS17td6QS_8WF8JcjCItwK2H0bADwd6o-1664995417805-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0dadc0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/santi_brown1.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/santi_brown1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/santi_brown1.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1ZrkUQOOBRqW0jhnJJJlN6Mj6HsUYogEi%2BsO7G37Pj5n37pEUkHE2BBUfkEo8eDuptsmom%2Fa%2FQbgRJPwl%2F%2BnQIhF0EIq%2BWVmmF0%2BiNNFjPljRI%2BdDg5%2Fi%2BcI46IQW5Y78YBqBdzaby02oaVfwJB2GE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=R33OClCvuoEfwxpt9GaNyqDiu0.OIjedM0L.VoAkRC4-1664995417815-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd11b3e0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0340/1537340/153734001644766753.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=2
200 OK 858 B URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0340/1537340/153734001644766753.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=2
IP
File type JPEG image data, baseline, precision 8, 300x2, components 3\012- data
Hash 5f86ad666b0049e18c499685c11bd40f
3398837932d8080fb40d92485d29d6b8deeeaf38
10d764e8c07dcabf0e6912ca91f71548b215f20acc7291d181681cbabc31e8ca
GET /imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0340/1537340/153734001644766753.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=2 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 858
access-control-allow-origin: *
awssrv: 01
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 11:26:23 GMT
etag: 5F86AD666B0049E18C499685C11BD40F
id: 9708
last-modified: Tue, 04 Oct 2022 11:26:24 GMT
requestparameters: imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0340/1537340/153734001644766753.jpg&cctrl=public,max-age=2592000&wi=300&hi=2
requestuid: 11246297-f146-4626-b670-8535474cbd0e
responsecode: 200
responseserver: INFIMGADR00
responsetime: 125
responsetimeex: 125
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HuoGxpICfViWy9ezG2pfPVIGdBCBoVmxHo8CHDmNgjUbKcEkTtW4bg==
age: 112612
X-Firefox-Spdy: h2
www.blogger.com/blogin.g?blogspotURL=https://xlovegayblog.blogspot.com/&type=blog
302 Found 280 B URL HTTP/2 www.blogger.com/blogin.g?blogspotURL=https://xlovegayblog.blogspot.com/&type=blog
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (348)
Hash e48402c542786f783180c3b8b040a796
375bc3ab8105998db72c84ab9087f5224fb79ab6
3e4d4a5324677b2b3b427dccbb2a8a31fc651256a4f711c855fa50e2a778ae97
GET /blogin.g?blogspotURL=https://xlovegayblog.blogspot.com/&type=blog HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Wed, 05 Oct 2022 18:43:37 GMT
expires: Wed, 05 Oct 2022 18:43:37 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 280
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/crank500.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/crank500.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/crank500.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udq53PTzKNTVpUcey6Xx7nLWGebM0xqjde6w9AVe%2FuN%2Bu20Z6XQcJLTRv37tN5PTAVGlvZ1UpKePluAUAfQfI1SW9AVRzQS2p4FjcD%2B4cA2TItfXjEuXYsZXp9xBA1jwpS7e02MTMOfsUumYyFYnDXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=W7U_4JNJpKTTD8ucZQpOyxUGj4We5uK_wCIGtWVnfTI-1664995417828-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd0cad00b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash d70fcc84d705c565b31a5835c0938d5b
d28e5dc9fcc6239d67986df3205468072023d2d7
1d558c94793446aa6a7832dde0c39ed7d9c77fd963ffb738c460e4f7369a7f4e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57995
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 07:25:42 GMT
expires: Mon, 02 Oct 2023 07:25:42 GMT
cache-control: public, max-age=31536000
age: 299876
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0461/1573461/8defc5b456d04b56abf665a68cff98f6.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225
200 OK 11 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0461/1573461/8defc5b456d04b56abf665a68cff98f6.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x225, components 3\012- data
Hash caec3892781637a8d66681e3dd37afa5
71edda7f17d66e08ed6274c8f2e6c04e29f95817
44e7b7756a4fac7bd9348940ca00b44b214a566898cc4effa2edfb4bade5881d
GET /imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0461/1573461/8defc5b456d04b56abf665a68cff98f6.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10750
access-control-allow-origin: *
awssrv: 05
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 11:26:20 GMT
etag: CAEC3892781637A8D66681E3DD37AFA5
id: 4332
last-modified: Tue, 04 Oct 2022 11:26:20 GMT
requestparameters: imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0461/1573461/8defc5b456d04b56abf665a68cff98f6.jpg&cctrl=public,max-age=2592000&wi=300&hi=225
requestuid: ed5e4a57-637a-4edd-8c8a-471b6b5f5779
responsecode: 200
responseserver: INFIMGADR00
responsetime: 265
responsetimeex: 265
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hdTjM2RRfGYOFTOlyLTPmV78ldv6LHJ6DXP9O5-Nt2CiA_YN5cPalw==
age: 112612
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0983/1427983/142798301663045850.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225
200 OK 12 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0983/1427983/142798301663045850.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x225, components 3\012- data
Hash b964235087b6c75fdb04a79e74447ebc
3d529dddd48fbd18692446c60e6fa4d42a310bc2
56790f5831442ba50217afe2b66310cd8c21c98fa6fae9ffb5b65b9e9b7878a4
GET /imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0983/1427983/142798301663045850.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12128
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 11:26:19 GMT
etag: B964235087B6C75FDB04A79E74447EBC
id: 3372
last-modified: Tue, 04 Oct 2022 11:26:20 GMT
requestparameters: imp_getimage?is=IMLFOH&qu=77&wm=0&fn=0983/1427983/142798301663045850.jpg&cctrl=public,max-age=2592000&wi=300&hi=225
requestuid: f3e9a0a7-9131-40ed-b837-80b388d4ae00
responsecode: 200
responseserver: INFIMGADR00
responsetime: 78
responsetimeex: 78
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZF2Ui6vVoZxP39FrZp3Z-0sKqw_Lxqbls2-Xj4AC91GNuUOYJwbxqw==
age: 112613
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/subscribe-netvibes.png
200 OK 1.4 kB URL HTTP/2 resources.blogblog.com/img/widgets/subscribe-netvibes.png
IP
File type PNG image data, 91 x 17, 8-bit colormap, non-interlaced\012- data
Hash c52a5f4ecb6be5d7e93b23ef4122ee4e
4e698a5f455daf3a8ea1e219b1998079f0546716
71b8ad79c680b3e5d452a792c3b418b23f739a0a34005e0f37ec674f4c78cb5d
GET /img/widgets/subscribe-netvibes.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 1445
date: Wed, 05 Oct 2022 18:43:38 GMT
expires: Wed, 12 Oct 2022 18:43:38 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 12:00:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/yaboi6911.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/yaboi6911.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/yaboi6911.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO4nISWByugn0Uys3I0rOFUJx1d5YAU1EAX8CfaMyMA4SJcC9nuoi0%2BygVuE8tV5QAnlzTBWLvRFVcaQGZmlW15XtrB9flEpO5DhVkCJAtRohF3gNj86svlzNz%2BZmenxFAXBkD5HNiqAoQT58kYyhv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=pZO6Uh.lUXa5N8twfEc8sELWKixThLOQA1OpaA_thQw-1664995417838-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd12b580b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0118/1571118/933d086f2ee94067afbc35ac3dfc920f.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=2
200 OK 1.1 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0118/1571118/933d086f2ee94067afbc35ac3dfc920f.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=2
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x2, components 3\012- data
Hash de011a4742e41a84fda0c4c7208a543a
8a67073c2b9f8cc46e9f824d81fffeebe493c859
ae1f510fa3b73624a31cb9bc78d5c524804526382244714902514365031c3b0c
GET /imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0118/1571118/933d086f2ee94067afbc35ac3dfc920f.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=2 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1139
access-control-allow-origin: *
awssrv: 05
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 11:26:20 GMT
etag: DE011A4742E41A84FDA0C4C7208A543A
id: 5388
last-modified: Tue, 04 Oct 2022 11:26:20 GMT
requestparameters: imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0118/1571118/933d086f2ee94067afbc35ac3dfc920f.jpg&cctrl=public,max-age=2592000&wi=300&hi=2
requestuid: fdce0abc-efd1-4932-b6b6-c5372c5aa3ad
responsecode: 200
responseserver: INFIMGADR00
responsetime: 343
responsetimeex: 343
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NXavRiWmoUfPGItwlyy60UR3OqX6o2eRFjGU1mg2Lafo3dU-Uwi6DQ==
age: 112611
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/hotbigcockky.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/hotbigcockky.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/hotbigcockky.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NN5BZbSXWTLCguaaerc9t7hdHSl8ICEKFm%2FQTOenVrSFoaSOyezImOsGHyjJLv3rEg2Q7la2wGQ%2FwXcmFFdekP3cBmp2Oxm6Rkgv1X2MxprIskfTp1CygIrkCiS%2F23i34w6LjfLiaBhwwSWmVQfAcY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=ehvhKwcM73jFcWYgZAino5knXDIJj0D3c3Td.BC6OGE-1664995417936-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd1dc7c0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0235/1459235/1740c40f94a54ed392ab8b3feb3dd579.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225
200 OK 14 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0235/1459235/1740c40f94a54ed392ab8b3feb3dd579.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x225, components 3\012- data
Hash b72076a559ed11b4043a62833cebfbb7
4e49daeff6fa31d5b78a5d1e7ee034a28ea30a14
d61cb3c2c95a8b8853a758ba20372f6bd899ce8c1580ab85702f7de3b6db199f
GET /imagesrv/imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0235/1459235/1740c40f94a54ed392ab8b3feb3dd579.jpg&cctrl=public,max-age%3d2592000&wi=300&hi=225 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 14012
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 11:26:20 GMT
etag: B72076A559ED11B4043A62833CEBFBB7
id: 3372
last-modified: Tue, 04 Oct 2022 11:26:20 GMT
requestparameters: imp_getimage?is=IMLFOH&qu=77&wm=0&fn=ahip/0235/1459235/1740c40f94a54ed392ab8b3feb3dd579.jpg&cctrl=public,max-age=2592000&wi=300&hi=225
requestuid: bb2f78e7-f8d1-49cf-b99a-9b142bcfa4aa
responsecode: 200
responseserver: INFIMGADR00
responsetime: 375
responsetimeex: 375
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W0QTKHTN-QiDflgiefApg4_cm7M0iyHZ9FZhstbKm73TO2Kyr5NE6w==
age: 112612
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/1kt/watermark/post_background_navigator.png
200 OK 95 B URL HTTP/2 resources.blogblog.com/blogblog/data/1kt/watermark/post_background_navigator.png
IP
File type PNG image data, 10 x 10, 1-bit colormap, non-interlaced\012- data
Hash 66d45032dbfe7d61c7a806e1345ea901
4b78e823052e351015003a492e5266d838b429d9
b54e5dbada85482b03a9528702cabb111230561e31e3aff510f94598f194e45d
GET /blogblog/data/1kt/watermark/post_background_navigator.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 95
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:41:04 GMT
expires: Wed, 12 Oct 2022 18:41:04 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 08:35:45 GMT
content-type: image/png
age: 154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/shred95.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/shred95.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/shred95.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:37 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijM46QLJcqm%2BIudK8PNKyq%2BpcsV9KMcqCFPZpe98UWQCN1%2BwMS9xLGLjOdTQr5l%2BUCZGbRycXRCW%2Fp8Q6EOKaMTLUhQue7stujYcdL1i8yPx%2FfTLvtXwecciik%2FOVr49pNpt1i3KKobJQoE76LP1twY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=mHKcozJnXE_MwkjE1zkRcqpk3achgtJZ9shQJdNmzTU-1664995417977-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd21cbc0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/img/share_buttons_20_3.png
200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:14:19 GMT
expires: Sat, 08 Oct 2022 07:14:19 GMT
cache-control: public, max-age=604800
last-modified: Fri, 30 Sep 2022 19:52:35 GMT
content-type: image/png
age: 386959
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e2d5ecbd4e677e1dd22e5c4dfc6a9297
9d43b5a434c078719c02594140ee69dd5c173aac
96850f48eef2347a027f83ddfee57493b65eef1bb27b8423e1a45b5a76c918fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96850F48EEF2347A027F83DDFEE57493B65EEF1BB27B8423E1A45B5A76C918FE"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7190
Expires: Wed, 05 Oct 2022 20:43:28 GMT
Date: Wed, 05 Oct 2022 18:43:38 GMT
Connection: keep-alive
resources.blogblog.com/img/widgets/s_top.png
200 OK 335 B URL HTTP/2 resources.blogblog.com/img/widgets/s_top.png
IP
File type PNG image data, 144 x 400, 4-bit colormap, non-interlaced\012- data
Hash c4908f4189f7698dc8afdd67df8ce041
b6f7cd64ff84e7cedb4b8b92ceb8b9800ad7624a
cfe1d5dd45c7f0897d769e6c95ae9036fbdc7dad76ac9ed6ce6b21a785ecd6de
GET /img/widgets/s_top.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 335
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 11:54:51 GMT
expires: Wed, 12 Oct 2022 11:54:51 GMT
cache-control: public, max-age=604800
last-modified: Wed, 05 Oct 2022 07:18:22 GMT
content-type: image/png
age: 24527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roomimg.stream.highwebmedia.com/ri/bluejj1313.jpg
200 OK 22 kB URL HTTP/2 roomimg.stream.highwebmedia.com/ri/bluejj1313.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2016:06:03 17:53:12], progressive, precision 8, 360x270, components 3\012- data
Hash 8fee6ec02f81aa6bb1c06562cb2c5dd6
cf2238933e2efa0f1e175cc6c0d6c7cc0fa0d9f5
faeb9cfa44221602b4b0d670b5cebd94019678b9d5b727e4319cff43cedbebd2
GET /ri/bluejj1313.jpg HTTP/1.1
Host: roomimg.stream.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:38 GMT
content-type: image/jpeg
content-length: 21971
cache-control: public, max-age=30
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-frame-options: DENY
cf-cache-status: EXPIRED
last-modified: Wed, 05 Oct 2022 18:41:20 GMT
expires: Wed, 05 Oct 2022 18:44:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPMRpOfd1COVNZvtji3WxPlFVhnds4fcmM3UjYOUUuar73pH0c1JY%2BH0zQoZF132NrJ7Z4QXBMX7kkGqar6xx%2BDpH%2BpjdfZQFEDq%2BMEqV%2BDNiN6WzolL5x%2B43xu2n2zew0eyNGQFhInap3Pn8V20JkM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75584dd1dc7d0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
resources.blogblog.com/img/widgets/s_bottom.png
200 OK 172 B URL HTTP/2 resources.blogblog.com/img/widgets/s_bottom.png
IP
File type PNG image data, 144 x 3, 4-bit colormap, non-interlaced\012- data
Hash a9bbd1bf495055e06e61aec7f8c1b6c4
491c1a006da8a9eea4f3d1bb27e5815ab66a9f45
91fe35689444e53c1bf3e04f24c154fa0468be9edd3c84344f9f64c2eff89eeb
GET /img/widgets/s_bottom.png HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 00:24:32 GMT
expires: Wed, 12 Oct 2022 00:24:32 GMT
cache-control: public, max-age=604800
last-modified: Tue, 04 Oct 2022 09:10:01 GMT
content-type: image/png
age: 65946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29305d430d4a98929d99f493c8fa0e09
37e64cc35bce4869f3573c565fdd177dc4e128c0
0557db8eed6f9f794247c44d8b7a8cd99caf6716cc48932ce3b3c1d907493869
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a160d6a877f62ebad87c8289ae304fb5
fe09e0399c67c7cbb04854c195c6eed5789cb39b
b8a1c773c80d5d7e29a3e95bb95b4678b930d9532552d690e2f1dea06fe9b23d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:43:38 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ObEchDjpk1_u2NSxovoGvsBf29CoszierOp4yW2NRsTMi-LQXxAn4w==
cloud.secure.nexpectation.com/assets/banners/ebx/001/ebx_gif_1.gif
200 OK 5.0 MB URL HTTP/2 cloud.secure.nexpectation.com/assets/banners/ebx/001/ebx_gif_1.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 5.0 MB (4998615 bytes)
Hash 039717b3b77aeb710f0c5b4193b7f52d
2ce4e24cc3f799174cc7dd2e8af55e6a7a3b8d2a
5368b06529bff971b1703f888f8c707c2da8a692229044b2e4ff13482a6af051
GET /assets/banners/ebx/001/ebx_gif_1.gif HTTP/1.1
Host: cloud.secure.nexpectation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:38 GMT
etag: "1522094956"
cache-control: max-age=86400
content-length: 4998615
content-type: image/gif
last-modified: Mon, 26 Mar 2018 20:09:16 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1664995418.dop072.sk1.t,1664995418.cds026.sk1.hn,1664995418.cds239.sk1.c
X-Firefox-Spdy: h2
cloud.secure.nexpectation.com/assets/banners/ebx/002/ebx_gif_2.gif
200 OK 4.4 MB URL HTTP/2 cloud.secure.nexpectation.com/assets/banners/ebx/002/ebx_gif_2.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 4.4 MB (4399618 bytes)
Hash 66a2fc195045b3b6d29865db851830a7
d27ca31fbd77b1de75296d25d095aedb84b05c77
ace1583b3367bf954ba912ea64b40b629013c132fc066e8de47289d31ddcaf0a
GET /assets/banners/ebx/002/ebx_gif_2.gif HTTP/1.1
Host: cloud.secure.nexpectation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:38 GMT
etag: "1522095100"
cache-control: max-age=86400
content-length: 4399618
content-type: image/gif
last-modified: Mon, 26 Mar 2018 20:11:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1664995418.dop072.sk1.t,1664995418.cds026.sk1.hn,1664995418.cds241.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 17dcf5b5b9fbb39ff5862ec3c6bf2977
115d58376f2be90ae0d60d59c492deb9aee620cc
19660ab433b876a783e938a6542e712a5d2ac1e404eaeb05db58070472f0d668
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19660AB433B876A783E938A6542E712A5D2AC1E404EAEB05DB58070472F0D668"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6443
Expires: Wed, 05 Oct 2022 20:31:01 GMT
Date: Wed, 05 Oct 2022 18:43:38 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 58ac1b886710ef98c8b70a37dcc2b855
ed76f180385d65285525c3426857e1880e2817c8
7fd9a97b66875a6c87413705781a8800ab15e8faaeb821364914ca2d0dd9c890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=420941480073167468&zx=ce6c53da-703e-472f-a93e-cc4f1363365d
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=420941480073167468&zx=ce6c53da-703e-472f-a93e-cc4f1363365d
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=420941480073167468&zx=ce6c53da-703e-472f-a93e-cc4f1363365d HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 Oct 2022 18:43:38 GMT
last-modified: Wed, 05 Oct 2022 18:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=420941480073167468&blogName=XLoveGay&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://xlovegayblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://xlovegayblog.blogspot.com/&vt=3039385022350878281&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=420941480073167468&blogName=XLoveGay&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://xlovegayblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://xlovegayblog.blogspot.com/&vt=3039385022350878281&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3207)
Hash ed73474dd16ac255a2574fd79a7dfb62
15ce9dc3d8d356fa044ddd301d9eee905953063e
71d006693215de9da05a0695a07b58b4ed8c3296d6d0e9a1841aa7c454ab4497
GET /navbar.g?targetBlogID=420941480073167468&blogName=XLoveGay&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://xlovegayblog.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://xlovegayblog.blogspot.com/&vt=3039385022350878281&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 Oct 2022 18:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2576
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565931f85be1d7b79c3c78799b78b803
4fac3edd83d096a2f808e68f59fb664205074326
7159ade2298f39b07ad6d7f48031406c05ac4a3f5cf947e91220c1c460b0cedb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7159ADE2298F39B07AD6D7F48031406C05AC4A3F5CF947E91220C1C460B0CEDB"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17797
Expires: Wed, 05 Oct 2022 23:40:16 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
cloud.secure.nexpectation.com/assets/banners/txxxm/002/txxxm_gif_2.gif
200 OK 4.3 MB URL HTTP/2 cloud.secure.nexpectation.com/assets/banners/txxxm/002/txxxm_gif_2.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 4.3 MB (4252405 bytes)
Hash 355ee28b71c9836ba7d211dcce8ecc76
8cf05441c6c48ca9c44ad61512342273589ca681
1918b0b13254323ce27c0dd0cc68394e849b029691e328437cc1316b6f304965
GET /assets/banners/txxxm/002/txxxm_gif_2.gif HTTP/1.1
Host: cloud.secure.nexpectation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:38 GMT
etag: "1522099716"
cache-control: max-age=86400
content-length: 4252405
content-type: image/gif
last-modified: Mon, 26 Mar 2018 21:28:36 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1664995418.dop072.sk1.t,1664995418.cds026.sk1.hn,1664995418.cds220.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565931f85be1d7b79c3c78799b78b803
4fac3edd83d096a2f808e68f59fb664205074326
7159ade2298f39b07ad6d7f48031406c05ac4a3f5cf947e91220c1c460b0cedb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7159ADE2298F39B07AD6D7F48031406C05AC4A3F5CF947E91220C1C460B0CEDB"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17797
Expires: Wed, 05 Oct 2022 23:40:16 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
cloud.secure.nexpectation.com/assets/banners/txxxm/001/txxxm_gif_1.gif
200 OK 4.7 MB URL HTTP/2 cloud.secure.nexpectation.com/assets/banners/txxxm/001/txxxm_gif_1.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 4.7 MB (4705199 bytes)
Hash 010621fc500218873250fcf830528694
89bdd0006db3478fa1ac3dd193e07dfc43a3f189
b1928a4d16622b38b99bad3ff2d00f128e205ca144c6dc16dfc22d4fb21c12ff
GET /assets/banners/txxxm/001/txxxm_gif_1.gif HTTP/1.1
Host: cloud.secure.nexpectation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:38 GMT
etag: "1522099591"
cache-control: max-age=86400
content-length: 4705199
content-type: image/gif
last-modified: Mon, 26 Mar 2018 21:26:31 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1664995418.dop072.sk1.t,1664995418.cds026.sk1.hn,1664995418.cds072.sk1.c
X-Firefox-Spdy: h2
apis.google.com/js/platform:gapi.iframes.style.common.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform:gapi.iframes.style.common.js
IP
File type ASCII text, with very long lines (1277)
Hash 789b1578022d06cdd9b9e08cc163b273
a0c8e6ee8eeab30a9e4694b4dce6114e8cf54694
a16daf81412962fc6dcd03dd2a513298533add37bd8e5566861385fcc61b01bc
GET /js/platform:gapi.iframes.style.common.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20370
date: Wed, 05 Oct 2022 18:43:39 GMT
expires: Wed, 05 Oct 2022 18:43:39 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "ad26d8ca372feb90"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8b2776e2dfc87f5fa03d8bcba6493b7
5d4472a8bf64aff81769e0fe865d4e7acf0b8849
eba9780e13427e27f6e5936732642da0c2a2b4ed7fd9a6d0061b70c1e8340553
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBA9780E13427E27F6E5936732642DA0C2A2B4ED7FD9A6D0061B70C1E8340553"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2346
Expires: Wed, 05 Oct 2022 19:22:45 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2ShjGskkoulm60du3EwCEQ8XZnRm7CifSW2edj8uk8cQl_FFyd4gCmb4MTnnI6l9aTVIJH0HNQyL37FBh47wvMh44rW_3Xpi2ct2h_-2iNCxZdtMZ4jz0otjpgDyUwWlpuvwCCLQ69Cw1ikja5EPepgj89j_qZPsmlPw=s0-d
200 OK 436 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2ShjGskkoulm60du3EwCEQ8XZnRm7CifSW2edj8uk8cQl_FFyd4gCmb4MTnnI6l9aTVIJH0HNQyL37FBh47wvMh44rW_3Xpi2ct2h_-2iNCxZdtMZ4jz0otjpgDyUwWlpuvwCCLQ69Cw1ikja5EPepgj89j_qZPsmlPw=s0-d
IP
File type GIF image data, version 89a, 500 x 500\012- data
Size 436 kB (435920 bytes)
Hash 5117499711f9e9b8af7cb8a4a10efe59
6f860517cf01247003f1a27b1f0e5aa49b7aeae8
aa082b9b9a74ed94fa5a02ef6f5178ade56d7c1d816a5d5dd6a2a6fa4f742a02
GET /blogger_img_proxy/ANbyha2ShjGskkoulm60du3EwCEQ8XZnRm7CifSW2edj8uk8cQl_FFyd4gCmb4MTnnI6l9aTVIJH0HNQyL37FBh47wvMh44rW_3Xpi2ct2h_-2iNCxZdtMZ4jz0otjpgDyUwWlpuvwCCLQ69Cw1ikja5EPepgj89j_qZPsmlPw=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 435920
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:41:22 GMT
expires: Thu, 06 Oct 2022 18:41:22 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/gif
age: 137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha25OxTsVrpT-IaF3WjmnKyFall9R_PFgA0w7NG-r8p7naO8uULM_D_xg6jhOUU5Cf7PxhgiayDPQvHwed7cW5f5YdWWJSGXGUjyVqrWkVNTogeYBmpAtFD37I4KkedgAJpiB0_D-yX1sckn1JxR6QztLXLRm50XQG8rMfA9IJM=s0-d
200 OK 40 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha25OxTsVrpT-IaF3WjmnKyFall9R_PFgA0w7NG-r8p7naO8uULM_D_xg6jhOUU5Cf7PxhgiayDPQvHwed7cW5f5YdWWJSGXGUjyVqrWkVNTogeYBmpAtFD37I4KkedgAJpiB0_D-yX1sckn1JxR6QztLXLRm50XQG8rMfA9IJM=s0-d
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 315x300, components 3\012- data
Hash 1e61e1e189f0b7e0b4a8e60799e058db
2a38164d4906293923256fcfe16eeab8d763999c
9fb1cbd622b458266d2161249db7e43a1752f035c42f8625e1daf42727cb3d90
GET /blogger_img_proxy/ANbyha25OxTsVrpT-IaF3WjmnKyFall9R_PFgA0w7NG-r8p7naO8uULM_D_xg6jhOUU5Cf7PxhgiayDPQvHwed7cW5f5YdWWJSGXGUjyVqrWkVNTogeYBmpAtFD37I4KkedgAJpiB0_D-yX1sckn1JxR6QztLXLRm50XQG8rMfA9IJM=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 39511
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:41:22 GMT
expires: Thu, 06 Oct 2022 18:41:22 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 18:41:09 GMT
expires: Wed, 05 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 150
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bugleczmoidgxo.com/assets/cp/js/webcam_gallery/iframe_handler.js
200 OK 720 B URL HTTP/2 www.bugleczmoidgxo.com/assets/cp/js/webcam_gallery/iframe_handler.js
IP
ASN #212882 dnx network sarl
Hash 9709bacc04b62ff87963103b5e9e4883
89252d6bfec71288cab7a27bcaf83b4203b08413
099c9175214f0770a68ea18b0303d80042a897af574e4642ecfc313b07e02743
GET /assets/cp/js/webcam_gallery/iframe_handler.js HTTP/1.1
Host: www.bugleczmoidgxo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript
content-length: 720
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "fb8-5dee00855469c-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0fQzIsKgW_i0hwgVAThXCcGVJ8G-qd5NaJ-uCaG7HM5MMg7KD4q6Kay0pCX8JRXAM5x2K3rNQbLkHBgEjf23pEH53aCvlzvyGRKPZQxslHrvic6wlKekzqey3apdnn0rdvEgZJ58BOAsePKUrQTaycZZWQvyF-uZr_9kPbk_TO13NsQRi7TKet=s0-d
200 OK 85 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0fQzIsKgW_i0hwgVAThXCcGVJ8G-qd5NaJ-uCaG7HM5MMg7KD4q6Kay0pCX8JRXAM5x2K3rNQbLkHBgEjf23pEH53aCvlzvyGRKPZQxslHrvic6wlKekzqey3apdnn0rdvEgZJ58BOAsePKUrQTaycZZWQvyF-uZr_9kPbk_TO13NsQRi7TKet=s0-d
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 1555a782c5051c4a49d679f499f22f7b
15a3386da32a39ebfd42eb9f373cc675054bf2d6
a716c80648b798923da0e7c7c4470b786dabfb590f398f03bdaaaa7659999298
GET /blogger_img_proxy/ANbyha0fQzIsKgW_i0hwgVAThXCcGVJ8G-qd5NaJ-uCaG7HM5MMg7KD4q6Kay0pCX8JRXAM5x2K3rNQbLkHBgEjf23pEH53aCvlzvyGRKPZQxslHrvic6wlKekzqey3apdnn0rdvEgZJ58BOAsePKUrQTaycZZWQvyF-uZr_9kPbk_TO13NsQRi7TKet=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 84650
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:10:24 GMT
expires: Thu, 06 Oct 2022 18:10:24 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 1995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.pixxxels.cc/jdGgrTC3/x-love-gay.png
200 OK 9.9 kB URL HTTP/2 i.pixxxels.cc/jdGgrTC3/x-love-gay.png
IP
File type PNG image data, 250 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 541149af534306d3c2d0a38af891aebc
9f993ed7a49f8e75722fbc66a7b4ea32aef50688
1b7ea054ae43e8a7ffa07364d037974c86774f7b06824fa24727251088c2c75a
GET /jdGgrTC3/x-love-gay.png HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/png
content-length: 9904
last-modified: Fri, 07 Feb 2020 00:10:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0l8k9Plv0szqSY0b2P5533zjqrRAiyZzltM0FUxVEKGgFJ4LjvS_hAxvXFiFOTTEImmmrDMC_8-tlVfuAr_GNUuU0Xwuc-dcyedaVTenujbo4ol_A5jsNOTaC9K2LVqfSAIkoJyDrDgtRfUFwe0a0aP9dIbv5ZmfOzSqMOcXZ5xEXZwLk=s0-d
200 OK 133 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0l8k9Plv0szqSY0b2P5533zjqrRAiyZzltM0FUxVEKGgFJ4LjvS_hAxvXFiFOTTEImmmrDMC_8-tlVfuAr_GNUuU0Xwuc-dcyedaVTenujbo4ol_A5jsNOTaC9K2LVqfSAIkoJyDrDgtRfUFwe0a0aP9dIbv5ZmfOzSqMOcXZ5xEXZwLk=s0-d
IP
File type GIF image data, version 89a, 500 x 500\012- data
Size 133 kB (133368 bytes)
Hash 1c2679a764a6654fe933f7109116abb6
37e8b49a1d093ea5b3f2fc1b209f4dea52ceab14
15f33d3f17d2beeea689cf063ab9aa955f4382f4b28aef317b38c120aecc48b9
GET /blogger_img_proxy/ANbyha0l8k9Plv0szqSY0b2P5533zjqrRAiyZzltM0FUxVEKGgFJ4LjvS_hAxvXFiFOTTEImmmrDMC_8-tlVfuAr_GNUuU0Xwuc-dcyedaVTenujbo4ol_A5jsNOTaC9K2LVqfSAIkoJyDrDgtRfUFwe0a0aP9dIbv5ZmfOzSqMOcXZ5xEXZwLk=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 133368
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:41:22 GMT
expires: Thu, 06 Oct 2022 18:41:22 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/gif
age: 137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1dec479613976b3e32ff6bf661bc7b7a
b547bf2f45c23011ff9cbc550e8a4b053af70d85
f5b89bd185c31159f385eb01129ff517f2c73d83565f9b3608c67ca832789c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5B89BD185C31159F385EB01129FF517F2C73D83565F9B3608C67CA832789C0F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10090
Expires: Wed, 05 Oct 2022 21:31:49 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 075c0849a5739bda75763e3740fd5079
c59fbd5865bacc3857fcdfae28c7eaaa7ca1972b
24b54121bcf5221650c3127ee28ef7f92524d391f75639c1ad25d678e7a99d2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1dec479613976b3e32ff6bf661bc7b7a
b547bf2f45c23011ff9cbc550e8a4b053af70d85
f5b89bd185c31159f385eb01129ff517f2c73d83565f9b3608c67ca832789c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5B89BD185C31159F385EB01129FF517F2C73D83565F9B3608C67CA832789C0F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10090
Expires: Wed, 05 Oct 2022 21:31:49 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1dec479613976b3e32ff6bf661bc7b7a
b547bf2f45c23011ff9cbc550e8a4b053af70d85
f5b89bd185c31159f385eb01129ff517f2c73d83565f9b3608c67ca832789c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5B89BD185C31159F385EB01129FF517F2C73D83565F9B3608C67CA832789C0F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10090
Expires: Wed, 05 Oct 2022 21:31:49 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha33BzN-TCLrj_ZLyoXiyxhRtuTbrX4oJJeuzgnCvZyR6nn5VcK90chswP0DJy4IOGRXRXDdf3Bvw6tVC6TWTkvgyDGGe1cqOYRuylF8s0gt4pX0bjdCqQDOgrcBQT4Nn8DdUU9rKm49S0yu02ZX-35GdZIQtBIfnprHWqo=s0-d
200 OK 106 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha33BzN-TCLrj_ZLyoXiyxhRtuTbrX4oJJeuzgnCvZyR6nn5VcK90chswP0DJy4IOGRXRXDdf3Bvw6tVC6TWTkvgyDGGe1cqOYRuylF8s0gt4pX0bjdCqQDOgrcBQT4Nn8DdUU9rKm49S0yu02ZX-35GdZIQtBIfnprHWqo=s0-d
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Size 106 kB (106284 bytes)
Hash 26caaaace426b485933670db4d29dfa5
05a8eb033dbd24d65c4f52d92037d314def374a5
6dc0457afb055a9c751f5335d72a4a3c637f5140e2d422e03da798e7877045c0
GET /blogger_img_proxy/ANbyha33BzN-TCLrj_ZLyoXiyxhRtuTbrX4oJJeuzgnCvZyR6nn5VcK90chswP0DJy4IOGRXRXDdf3Bvw6tVC6TWTkvgyDGGe1cqOYRuylF8s0gt4pX0bjdCqQDOgrcBQT4Nn8DdUU9rKm49S0yu02ZX-35GdZIQtBIfnprHWqo=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 106284
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:41:23 GMT
expires: Thu, 06 Oct 2022 18:41:23 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 136
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1dec479613976b3e32ff6bf661bc7b7a
b547bf2f45c23011ff9cbc550e8a4b053af70d85
f5b89bd185c31159f385eb01129ff517f2c73d83565f9b3608c67ca832789c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5B89BD185C31159F385EB01129FF517F2C73D83565F9B3608C67CA832789C0F"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10090
Expires: Wed, 05 Oct 2022 21:31:49 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Tue, 04 Oct 2022 20:43:01 GMT
expires: Tue, 18 Oct 2022 20:43:01 GMT
cache-control: public, max-age=1209600
age: 79238
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2AeDjbA0sKYNGh2DRKurE2C02XGotimmocw-EIS0TNTOJYccVd8w6_GAw_LvagVfuWZAuU4Kt8RDUJabOwUZ_L65nR4BPJ9GdOV72jjZD6waQlh-2r-A3pv3IGQVnG5intP4v5B1sGAGpS3W8BS1vD_GXG-hmsTV2D4rxoKhDO788jkwS55eaX=s0-d
200 OK 89 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2AeDjbA0sKYNGh2DRKurE2C02XGotimmocw-EIS0TNTOJYccVd8w6_GAw_LvagVfuWZAuU4Kt8RDUJabOwUZ_L65nR4BPJ9GdOV72jjZD6waQlh-2r-A3pv3IGQVnG5intP4v5B1sGAGpS3W8BS1vD_GXG-hmsTV2D4rxoKhDO788jkwS55eaX=s0-d
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 500x500, components 3\012- data
Hash 28910603dcc3b45c0c42ee1d9a202793
888d8f4b34e5a8a45fd4a1059d3198e771e23959
b2d461f532dbaf7d878b429447c454e1b0ad13fa66149ff178b018533087ff99
GET /blogger_img_proxy/ANbyha2AeDjbA0sKYNGh2DRKurE2C02XGotimmocw-EIS0TNTOJYccVd8w6_GAw_LvagVfuWZAuU4Kt8RDUJabOwUZ_L65nR4BPJ9GdOV72jjZD6waQlh-2r-A3pv3IGQVnG5intP4v5B1sGAGpS3W8BS1vD_GXG-hmsTV2D4rxoKhDO788jkwS55eaX=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: attachment;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 88835
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:10:24 GMT
expires: Thu, 06 Oct 2022 18:10:24 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 1995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1248178701&t=pageview&_s=1&dl=https%3A%2F%2Fxlovegayblog.blogspot.com%2F&ul=en-us&de=UTF-8&dt=XLoveGay&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=562393948&gjid=1363023678&cid=2029602045.1664995419&tid=UA-172906678-1&_gid=176639896.1664995419&_r=1&_slc=1&z=559708163
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1248178701&t=pageview&_s=1&dl=https%3A%2F%2Fxlovegayblog.blogspot.com%2F&ul=en-us&de=UTF-8&dt=XLoveGay&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=562393948&gjid=1363023678&cid=2029602045.1664995419&tid=UA-172906678-1&_gid=176639896.1664995419&_r=1&_slc=1&z=559708163
IP
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=1248178701&t=pageview&_s=1&dl=https%3A%2F%2Fxlovegayblog.blogspot.com%2F&ul=en-us&de=UTF-8&dt=XLoveGay&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAACAAI~&jid=562393948&gjid=1363023678&cid=2029602045.1664995419&tid=UA-172906678-1&_gid=176639896.1664995419&_r=1&_slc=1&z=559708163 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://xlovegayblog.blogspot.com
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://xlovegayblog.blogspot.com
date: Wed, 05 Oct 2022 18:43:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.pixxxels.cc/0yrzMCFb/Streamen-506x360.jpg
200 OK 36 kB URL HTTP/2 i.pixxxels.cc/0yrzMCFb/Streamen-506x360.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 506x360, components 3\012- data
Hash c7d38801e1f8dca5b73c8ac93f60f88c
5d721a7f332c511647a5553bc5151db2d8e39493
1842a38ff3b007212d9ddaff79df2e97536e57fd4326e295002b6fd27b668768
GET /0yrzMCFb/Streamen-506x360.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 36129
last-modified: Fri, 17 Jul 2020 15:55:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 8f3e030cdbeb3382f7cf08465a09d751
b3e9a07fa836a523cfa42ee25ad626d6b7d46436
6fcaadd859948fece8976d8b74765387e3a5b27d1b3570f9b59978b20a40fc75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2823
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:39 GMT
Last-Modified: Wed, 05 Oct 2022 17:56:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTgsInAiOjIsImIiOjI2MzEsInciOjMxNSwiaCI6MzAwfSAg
200 OK 2.0 kB URL HTTP/1.1 wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTgsInAiOjIsImIiOjI2MzEsInciOjMxNSwiaCI6MzAwfSAg
IP
File type HTML document, ASCII text, with very long lines (372)
Hash 3ac8cdda7c53d62cf6963a83e87521b7
a86c150bffdc073d29fd7f4a065ce9c78a633316
9ec7d1db7db53703b4a54cc64c65339ce8757680a171e7dc9c233e3630efa51e
GET /banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTgsInAiOjIsImIiOjI2MzEsInciOjMxNSwiaCI6MzAwfSAg HTTP/1.1
Host: wct.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript
content-length: 1952
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
access-control-allow-headers: x-requested-with
set-cookie: RNLBSERVERID=ded4077; path=/
x-request-id: 633DD059-D812A8A101BBDE83-122634
wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTIsInAiOjIsImIiOjI0NTMsInciOjMxNSwiaCI6MzAwfSAg
200 OK 2.0 kB URL HTTP/1.1 wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTIsInAiOjIsImIiOjI0NTMsInciOjMxNSwiaCI6MzAwfSAg
IP
File type HTML document, ASCII text, with very long lines (372)
Hash e259fc47feef1c68ce49b742b5c32045
d94dfd9a60fe399453a921cc878f499974f49737
68055d52bf01ed28a689ccb622b2aa0d565b9ac3b2d57215dcb6d65382a3d04c
GET /banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTIsInAiOjIsImIiOjI0NTMsInciOjMxNSwiaCI6MzAwfSAg HTTP/1.1
Host: wct.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript
content-length: 1952
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
access-control-allow-headers: x-requested-with
set-cookie: RNLBSERVERID=ded5635; path=/
x-request-id: 633DD059-D812A8A101BB34B7-124E0A
i.pixxxels.cc/q7yr4YqT/471x272-Next-Door-Chat.jpg
200 OK 31 kB URL HTTP/2 i.pixxxels.cc/q7yr4YqT/471x272-Next-Door-Chat.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 471x272, components 3\012- data
Hash 3377b66dee59080c79e8f285529b7784
55b9eb086286c3246dc0bd7cf0cb4928b5f9833d
68dabdebbc0711d2edf1aa6eb4627c550e40ed3ea12aa7f42d9567e5864796a4
GET /q7yr4YqT/471x272-Next-Door-Chat.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 31052
last-modified: Sat, 18 Jul 2020 19:08:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creativesumo.com/html/4/c/4c617275df4ad854671e722fe9c9d301.html
200 OK 982 B URL HTTP/2 cdn.creativesumo.com/html/4/c/4c617275df4ad854671e722fe9c9d301.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521)
Hash 1353701782d0712acec9a22a9136a438
e86ef691aa7b2e1832a3096a5a4f89ff9177f38f
cb853898e9b2f3c12effe251fb16e77a9785a0d8060126e96d5a4e2db4e6420a
GET /html/4/c/4c617275df4ad854671e722fe9c9d301.html HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 982
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 16 Feb 2022 21:25:19 GMT
etag: "1353701782d0712acec9a22a9136a438"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6xZdVQvYRDGj0cQnjUVEUHJV5lX4byPHbMnK2fQck8QvW8QycE_Svg==
age: 166338
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7246
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
cdn.creativesumo.com/jpg/c/a/ca6cb8972ba0044c56e6ab22a93ef316.jpg
200 OK 35 kB URL HTTP/2 cdn.creativesumo.com/jpg/c/a/ca6cb8972ba0044c56e6ab22a93ef316.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x300, components 3\012- data
Hash ca6cb8972ba0044c56e6ab22a93ef316
c3aab752569b6a69a3c089123a16cf8ee772a4ab
04ab058160baef034d8d83c02eb8ead00af3c8e93b7e92e301f431527166ff6b
GET /jpg/c/a/ca6cb8972ba0044c56e6ab22a93ef316.jpg HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 35225
date: Sun, 02 Oct 2022 06:32:26 GMT
last-modified: Wed, 15 Aug 2018 14:53:07 GMT
etag: "ca6cb8972ba0044c56e6ab22a93ef316"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qj4s_F3nYSbEq74uuLxwkO3gf_MPuB9PNdlBDovXSd_3RX_3JxxOCw==
age: 303074
X-Firefox-Spdy: h2
i.pixxxels.cc/wMHzX6Bw/male-728x90-3.jpg
200 OK 33 kB URL HTTP/2 i.pixxxels.cc/wMHzX6Bw/male-728x90-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 724x90, components 3\012- data
Hash 131aa09b94f9b7d40bd1fe63198ec4a3
38a853f3681992ebb20bacf29c234ae94df9890b
4662a285b768452d7bf0312d2e8b4f2c14a172fe80057984259d55ac906b6c3a
GET /wMHzX6Bw/male-728x90-3.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 33347
last-modified: Fri, 17 Jul 2020 15:30:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creativesumo.com/html/b/0/b0b22274e1616e18373adc26c6d194be.html
200 OK 982 B URL HTTP/2 cdn.creativesumo.com/html/b/0/b0b22274e1616e18373adc26c6d194be.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521)
Hash 5fdf6e457c0465c6c7607c17005ae748
f5b13667a85c9786ac1990b10d96e73787524d0f
4376a90622f97c7de27d0f142b6615ffcf22f34cac951ee3a53c90533ee1152d
GET /html/b/0/b0b22274e1616e18373adc26c6d194be.html HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 982
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 16 Feb 2022 22:12:18 GMT
etag: "5fdf6e457c0465c6c7607c17005ae748"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UBT7HR-D12qwZRrjpxEfl6lI_BI-MFKieAqESdtKAC7i4QSHoFaG9g==
age: 166338
X-Firefox-Spdy: h2
cdn.creativesumo.com/html/2/c/2cc418759c5810fc71e326341e5a0657.html
200 OK 982 B URL HTTP/2 cdn.creativesumo.com/html/2/c/2cc418759c5810fc71e326341e5a0657.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521)
Hash 709ed71f689efac8b52a8d58453de6f9
b001aca70a9ed5b81add55283487ca9b648c8f83
7b8aff51f713f1bbde730d1f44ea98a56fa7b2de9f37c996fa8c9f3bdf3642ec
GET /html/2/c/2cc418759c5810fc71e326341e5a0657.html HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 982
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 16 Feb 2022 21:09:58 GMT
etag: "709ed71f689efac8b52a8d58453de6f9"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X06P_hwrVwSW38FDhCICvWiIcC5TTUXvC5D7MTx8j0y560WhJZNPkQ==
age: 166338
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
302 Found 226 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5684363a171f7415be0a9909b5a40f73
84a0067ad70c3880dd1be0289576641d9b29ef8a
d28685621db663129a20177930ab3e3cad6519370df6ca05229c857e6880b2b4
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&followup=https://www.blogger.com/blogin.g?blogspotURL%3Dhttps://xlovegayblog.blogspot.com/%26type%3Dblog%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 05 Oct 2022 18:43:39 GMT
location: https://www.blogger.com/blogin.g?blogspotURL=https%3A%2F%2Fxlovegayblog.blogspot.com%2F&type=blog&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-ba2gYlx589bUZ3jtvoLyMQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 226
server: GSE
set-cookie: __Host-GAPS=1:UnTmQPTL6Qmz78Qjdi5Iryem4VzScA:5vCjGRkn66YDKo4-;Path=/;Expires=Fri, 04-Oct-2024 18:43:39 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7246
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7246
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 18:43:39 GMT
Connection: keep-alive
i.pixxxels.cc/BndJRzHx/gbl-Header.jpg
200 OK 42 kB URL HTTP/2 i.pixxxels.cc/BndJRzHx/gbl-Header.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 455x190, components 3\012- data
Hash 6f82a5aeb280b700dbeb04037d04a03d
644d47a6da098f287fc91f7c6515e7902131421f
49889317222f5fda209b65d83a123e1326c9a96d3b69f0274cca16423777ff4d
GET /BndJRzHx/gbl-Header.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 41662
last-modified: Fri, 17 Jul 2020 05:52:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/Qdqg6QqS/Big-Cocks-NJocks-500-x-177.jpg
200 OK 41 kB URL HTTP/2 i.pixxxels.cc/Qdqg6QqS/Big-Cocks-NJocks-500-x-177.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 500x177, components 3\012- data
Hash 5e1667724f8e8dedbdc1dd7f7f6f8f0e
e9d01ecb5a9cb8a17f86611f9341a69c8bbcb604
3e15bd985b51eea0a2983c0431415e3053daf6c3d0bfc0bfb1078fbea9e59b37
GET /Qdqg6QqS/Big-Cocks-NJocks-500-x-177.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 41151
last-modified: Mon, 12 Jul 2021 07:06:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/RCwcCv8d/pornication300.jpg
200 OK 56 kB URL HTTP/2 i.pixxxels.cc/RCwcCv8d/pornication300.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:01:16 10:52:24], progressive, precision 8, 300x300, components 3\012- data
Hash 407d7b6460171cd9bc29fa974339016f
7f048d80fc8479629e5e601a7fddf16bda804a82
fd8f76b0766d90a3153c822e076782d331e72622a4abf3a92a99f9d276de9aef
GET /RCwcCv8d/pornication300.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 55473
last-modified: Wed, 01 May 2019 05:49:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/L6gtFhRt/Gay-1200-A.gif
200 OK 56 kB URL HTTP/2 i.pixxxels.cc/L6gtFhRt/Gay-1200-A.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Hash 1160a54743d5344a77e278cce23b242a
f72a1aa678544c7bf5e82d292369279be840f8b1
19abff150e92430639c7b862be44ce673e7cbd7d31fe75e6d3a6a0b50cb7f85b
GET /L6gtFhRt/Gay-1200-A.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 55478
last-modified: Wed, 03 Jan 2018 20:23:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/W1BPQw4T/300x250-2-1.jpg
200 OK 38 kB URL HTTP/2 i.pixxxels.cc/W1BPQw4T/300x250-2-1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash 9a9d387ebf16f0177b825e80b88b554b
dad267170c234a5c368066f0b620aac8caf8ee79
efda4012ebddfd346b31b75b07b7393e38fb13ccf46c1b348174e8ec062cfe88
GET /W1BPQw4T/300x250-2-1.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 38368
last-modified: Thu, 10 Sep 2020 02:32:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/13WzyNzs/cb-male-300.jpg
200 OK 60 kB URL HTTP/2 i.pixxxels.cc/13WzyNzs/cb-male-300.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 7c079968aaea3bdae85696f431d0a029
594d6fe8814e2a5f8f41b74999424cd995ab1e11
408d09731e8af9baf4400344566cfbb4c52e65d96fbcea3beaf457a238048823
GET /13WzyNzs/cb-male-300.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 60011
last-modified: Fri, 17 Jul 2020 15:19:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creativesumo.com/jpg/f/a/fa47a4748b55999a28dc313182ac30ee.jpg
200 OK 119 kB URL HTTP/2 cdn.creativesumo.com/jpg/f/a/fa47a4748b55999a28dc313182ac30ee.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x300, components 3\012- data
Size 119 kB (118739 bytes)
Hash fa47a4748b55999a28dc313182ac30ee
feb5ab0920d667f36115949e5bb30e9e763a87e2
0304e4af9aabd0145662deb21aacc003fea2f073ebb30444b1cf833b7b9b346f
GET /jpg/f/a/fa47a4748b55999a28dc313182ac30ee.jpg HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 118739
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 18 Jul 2018 20:23:40 GMT
etag: "fa47a4748b55999a28dc313182ac30ee"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c8R0BwXq_9eyLXwB83JjGIGhGNQ4fK-jtieq_3ay_CXInLza3sQCug==
age: 166338
X-Firefox-Spdy: h2
i.pixxxels.cc/TYrrdMWw/Male-Private-Feeds-500-x-375.jpg
200 OK 65 kB URL HTTP/2 i.pixxxels.cc/TYrrdMWw/Male-Private-Feeds-500-x-375.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 500x375, components 3\012- data
Hash 52ec924dbe734a4c5d6482aab91059da
eb626236a14efbc5cf32c369e27ef304e5448d0c
a6bbf7ee8c6de578be0802b594ab0cf08ed19cf7e1a9a83ecc7b4b4e441fe0f7
GET /TYrrdMWw/Male-Private-Feeds-500-x-375.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 64755
last-modified: Tue, 13 Jul 2021 04:58:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/W3cqJL2C/339-x-194.jpg
200 OK 65 kB URL HTTP/2 i.pixxxels.cc/W3cqJL2C/339-x-194.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2013:08:23 10:19:11], baseline, precision 8, 339x194, components 3\012- data
Hash c73c0e034bf5b61cfc242d3fdd8192be
d1c4c9416f60151ac83bfb6326166d4fa9bf3013
ef18264216f2941d3e99fc0761f4807e911ab013e41de34683a28d2e895dae77
GET /W3cqJL2C/339-x-194.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 65437
last-modified: Wed, 03 Jul 2019 04:26:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/c4qGkp4y/chaturbate-models-wanted-0.png
200 OK 50 kB URL HTTP/2 i.pixxxels.cc/c4qGkp4y/chaturbate-models-wanted-0.png
IP
File type PNG image data, 210 x 210, 8-bit/color RGBA, non-interlaced\012- data
Hash a2f8f4463a0a3bd257b1d5d5c6580ea4
b88ac05350f8fe5cf33bb4cccc1007740be319f8
291f004aef79319a33d68f593c2c6fdd6f132b04981932f46b535c628c38e74c
GET /c4qGkp4y/chaturbate-models-wanted-0.png HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/png
content-length: 50510
last-modified: Tue, 28 Jul 2020 13:31:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/KYwvMSLW/cb-male-300-2.jpg
200 OK 59 kB URL HTTP/2 i.pixxxels.cc/KYwvMSLW/cb-male-300-2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 78db4288b1904ca26a3ff9335f8bbad7
5a3bd1b991be9c4e7a6f1ddb25faf0034d6db885
4a4608f2b80c1e999ab5c9adc4203657940f3e3594dc2c37f362b275a1ed3f1a
GET /KYwvMSLW/cb-male-300-2.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 59156
last-modified: Fri, 17 Jul 2020 15:19:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/W3ZpmWw1/cb-male-300-3.jpg
200 OK 59 kB URL HTTP/2 i.pixxxels.cc/W3ZpmWw1/cb-male-300-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Hash 3da470d122c58c1b7ba5e38ec0c120bd
425360ebfd9e00704e4b46f7babe6b0e89b6b534
e4ac8129c6e54bb29128b3e8d0e3ecd2e103890ff6b08acb81f60182faff4ea2
GET /W3ZpmWw1/cb-male-300-3.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 58757
last-modified: Fri, 17 Jul 2020 15:20:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/PxxHSj15/Straight-Naked-Thugs-500-x-193.jpg
200 OK 56 kB URL HTTP/2 i.pixxxels.cc/PxxHSj15/Straight-Naked-Thugs-500-x-193.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 500x193, components 3\012- data
Hash 7f87e91253e4cf00b1960783f197af84
740f84b481b76f6d1082431e80273f3a0cb66967
4bc693cbdd0f30b6bfde662cf9359fe554e961a439c90df19c0f44a4d5b837ff
GET /PxxHSj15/Straight-Naked-Thugs-500-x-193.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 56257
last-modified: Tue, 13 Jul 2021 03:56:12 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/52PfRwj6/Maskurbate-486-x-360.jpg
200 OK 142 kB URL HTTP/2 i.pixxxels.cc/52PfRwj6/Maskurbate-486-x-360.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2016:11:03 12:02:53], baseline, precision 8, 486x360, components 3\012- data
Size 142 kB (141706 bytes)
Hash 7aeabb77222e9d8af1d1821a292a41c2
ddd9c5fd1a330009ad7bad9ded1d0105a9554671
5883078a4990067677c0e978ecdd070c9b51afb64511a6d7694692456578752d
GET /52PfRwj6/Maskurbate-486-x-360.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 141706
last-modified: Wed, 12 Aug 2020 21:29:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/SK0gqPn5/Raging-Stallion-Copy.jpg
200 OK 119 kB URL HTTP/2 i.pixxxels.cc/SK0gqPn5/Raging-Stallion-Copy.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 486x360, components 3\012- data
Size 119 kB (119302 bytes)
Hash 27b2c426adb8f5d76b58b9127cef1209
4d6fc2d56081a32058044fce4b9a2b0b7893a790
19761bcc0bb4e4c52f258ed4004dd5aa7f7de893d91f5419703f197ab15322af
GET /SK0gqPn5/Raging-Stallion-Copy.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 119302
last-modified: Wed, 12 Aug 2020 21:33:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/SsHqX5Zv/xlovegay-250x250-10-en.gif
200 OK 53 kB URL HTTP/2 i.pixxxels.cc/SsHqX5Zv/xlovegay-250x250-10-en.gif
IP
File type GIF image data, version 89a, 250 x 250\012- data
Hash 79a9a57792d806a374536c5bf0810130
58916aeda59b3a720cb13f859de3f4aa4da1e823
5f92ad6109e1cc8fc0a04c59c7fee0338b9f2700db5cc6f6dace07050b7b9ac0
GET /SsHqX5Zv/xlovegay-250x250-10-en.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 52712
last-modified: Mon, 16 Apr 2018 17:09:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/43Tr6RpF/header-logo.png
200 OK 92 kB URL HTTP/2 i.pixxxels.cc/43Tr6RpF/header-logo.png
IP
File type PNG image data, 478 x 222, 8-bit/color RGBA, non-interlaced\012- data
Hash c33944f4aa437eda7ef7c1bf728716d2
c5a1c2517ba06c3da1cffb669dbc1c7728f1199a
2a8999601eb22d54bbe45b852ce355be4c47243f54ce4e7cab667330d40a398b
GET /43Tr6RpF/header-logo.png HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/png
content-length: 91494
last-modified: Fri, 17 Jul 2020 05:59:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/C5ZhGdwz/Next-Door-Raw-486-x-360.jpg
200 OK 84 kB URL HTTP/2 i.pixxxels.cc/C5ZhGdwz/Next-Door-Raw-486-x-360.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, software=ACDSee Pro 5, datetime=2016:01:25 12:48:16], baseline, precision 8, 486x360, components 3\012- data
Hash f95f38a0ac2f81e87fe526ba5947e317
5076083c92231b309502e2b5fc0a914f9511ed5e
8abff96dd5920e15d785a6cc67b335a4f31cf868c24b86c7616b9c5369b5fa70
GET /C5ZhGdwz/Next-Door-Raw-486-x-360.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 83906
last-modified: Wed, 12 Aug 2020 21:24:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/L82xX8jp/250x250-3.jpg
200 OK 66 kB URL HTTP/2 i.pixxxels.cc/L82xX8jp/250x250-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 250x250, components 3\012- data
Hash a8182ff4c2f88809c326f99ae0ba0aef
a4253d89ffcde186201fdfafff9cef2ce908338b
4f43226ad1be768b166abe5dad94591edd3823a64c20bb27269be2243ddf499f
GET /L82xX8jp/250x250-3.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 66081
last-modified: Thu, 13 Aug 2020 05:58:26 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/zXSk9Y6P/300x300-02.jpg
200 OK 78 kB URL HTTP/2 i.pixxxels.cc/zXSk9Y6P/300x300-02.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 300x300, components 3\012- data
Hash c410dc06bf222f2b872ffe45597f795d
7b3694a38663d02586a138daadb74c31b4f7a05d
bc3fd660bb2412eddf568369fcd808b839cec9dc30a99975bd6e8d06064fa1e9
GET /zXSk9Y6P/300x300-02.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 77706
last-modified: Thu, 13 Aug 2020 06:01:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/mDJd23yX/300x300-best.jpg
200 OK 79 kB URL HTTP/2 i.pixxxels.cc/mDJd23yX/300x300-best.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 300x300, components 3\012- data
Hash 42e03e2cb5fd102479ca83a9442a0636
1c388d79d116c32a74107071fd50e2b7f390097d
e0b4c89c1a22210c6dbdeafae8b01fa6026da611e824bb9f9f890332519ac1f8
GET /mDJd23yX/300x300-best.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 79023
last-modified: Thu, 13 Aug 2020 05:55:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/sfY1K1wM/250x250-2.jpg
200 OK 74 kB URL HTTP/2 i.pixxxels.cc/sfY1K1wM/250x250-2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 250x250, components 3\012- data
Hash 5ae2157c05d0056afae79b73a94c169e
f2b0b191feb1847900fe55feb27bdb103896acf5
bbc8fecab9bfcb0eb5e44b474097d6e77942b705054549ac5947ca750d99c8c3
GET /sfY1K1wM/250x250-2.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 74444
last-modified: Thu, 10 Sep 2020 02:07:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/vHXTFkRM/300x250-1.jpg
200 OK 70 kB URL HTTP/2 i.pixxxels.cc/vHXTFkRM/300x250-1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 300x250, components 3\012- data
Hash e626d6fbdefe1efa3d29716170fc3ab3
362be2622a0cb516d467307053bf44e50b668329
fd4ccd7a62add89fb12a11e9aba14cedc5692a5b2e760c44a6eb2169c7684792
GET /vHXTFkRM/300x250-1.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 69734
last-modified: Thu, 10 Sep 2020 02:14:07 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/G2QwT0xm/tastytwink-300x250.jpg
200 OK 121 kB URL HTTP/2 i.pixxxels.cc/G2QwT0xm/tastytwink-300x250.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:11:15 22:17:38 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-1, spot sensor temperature 4323621993986912157696.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 17865603613018928936124416.000000], baseline, precision 8, 300x250, components 3\012- data
Size 121 kB (120689 bytes)
Hash c23f602b7e933d55fd0ef54ff32057f9
e7f7cb802a66bcdc5a1b2884866f5f6a2c64fc80
d4b51924c5228baa243f0ab5d9c67d3b73cd6001100bfb69dfab1a1187b20b95
GET /G2QwT0xm/tastytwink-300x250.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 120689
last-modified: Thu, 10 Sep 2020 02:37:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/x88f0TV2/txxxm-300x250.jpg
200 OK 121 kB URL HTTP/2 i.pixxxels.cc/x88f0TV2/txxxm-300x250.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:11:14 04:12:31], progressive, precision 8, 300x250, components 3\012- data
Size 121 kB (121375 bytes)
Hash 946e7ea8fe50835fbb8c5d4f403ab0e6
77c2ff02a7f52236618b3accc85a06a673479483
056327c96376b5e11efb8e35adfbd4a7230468920e78178234599cd1b730b662
GET /x88f0TV2/txxxm-300x250.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 121375
last-modified: Thu, 10 Sep 2020 02:54:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 557f9c7dc41359283d09dcc72de70b2e
4f991d9f5ca1c967f8e16b1481bad51f51dbca60
87c0209ef52dfd63b4f401515f94322ec39410217692e82db875f5d45a1e2783
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:43:39 GMT
Last-Modified: Wed, 05 Oct 2022 17:21:48 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rckkB_F4pGyYPPQeGP5j1b8_WLCWo68Blkfe1xI4Oi6P1HvToEhJpw==
Age: 4911
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 1.3 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash 1bf0f0cc0a3fa68af46e1929230bea49
d50aff1aea8a2efb147162556bbdb081f348ff53
0624e19ba52e868ebb9aa6efa81b6e52e8c5b08be93ac4f74d9f4f5fa8cc103c
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 1.3 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash b273e28cc559183f2219438aa6d51288
3fcbee1626a3077351f5413f376141b364d1001f
248160bf87cd325a37fb1ef7399371a1d5a80b4dff02dddf376cd2dbef58cfd8
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creativesumo.com/html/c/b/cbe034c7383eaeb3017107b8bbbd84c3.html
200 OK 982 B URL HTTP/2 cdn.creativesumo.com/html/c/b/cbe034c7383eaeb3017107b8bbbd84c3.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521)
Hash 07f5f719e7c1691e370c92283953e056
43916e5ace837d89dffaa671856e7bbc0de49664
33056e7a295385655688ce2b317eee06038c0b24cd0483f151a4744e557bcde1
GET /html/c/b/cbe034c7383eaeb3017107b8bbbd84c3.html HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 982
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 16 Feb 2022 22:25:12 GMT
etag: "07f5f719e7c1691e370c92283953e056"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GCcSQsFDtDt-fsVRvYaOvS6OTvjejIWe_wIkFbV9IELRg7UW40wH1A==
age: 166338
X-Firefox-Spdy: h2
i.pixxxels.cc/fbyBjGsb/joeschmoevideos-300x250.gif
200 OK 152 kB URL HTTP/2 i.pixxxels.cc/fbyBjGsb/joeschmoevideos-300x250.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 152 kB (151681 bytes)
Hash 8aa89cc40bc6c28f41905ad5d28b3237
da9de507dcc13c7062b64d06bf34b1ab820d3f9d
1129a63f0aaeba7b7b807ba318ec2a86ad390de81cb2a8b953684c3b32ec397f
GET /fbyBjGsb/joeschmoevideos-300x250.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 151681
last-modified: Thu, 10 Sep 2020 02:46:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 6f159ff7-3de3-4aea-a1b1-659ff0637fa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8u2EbCIAMFfuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f8-0ae426a8413909ff68b8bea2;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Br7k-PbD6HunruiBVWGRFLwagPcPn40Aght-urDTIjkfPqb_u5X4gQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:49:43 GMT
age: 75236
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.pixxxels.cc/tT0M09yf/VRBGay-428x856-0002.gif
200 OK 236 kB URL HTTP/2 i.pixxxels.cc/tT0M09yf/VRBGay-428x856-0002.gif
IP
File type GIF image data, version 89a, 400 x 800\012- data
Size 236 kB (235649 bytes)
Hash 00b4f5f4cf5ecf1b0acb9fda9f03e97b
57349e3b529af6830d6e1d960f2d2ce9b0b07490
ae5a75e82c60fbe401d515648500a816ff285527f513f86fe87df535a5a9eedb
GET /tT0M09yf/VRBGay-428x856-0002.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 235649
last-modified: Mon, 08 Mar 2021 10:52:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vCFiT9h9qi4NDfagFOWuMY5rF0uXVe3LA6DHK7X7XKkZle-AKpHOEw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 05:42:18 GMT
age: 46881
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.creativesumo.com/html/3/3/330a66f00153e4ee6155113c8f69ac6e.html
200 OK 982 B URL HTTP/2 cdn.creativesumo.com/html/3/3/330a66f00153e4ee6155113c8f69ac6e.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521)
Hash a40f2bf5b8dea501c75a92f1f3924fc4
9079abcbd94b36f9e705fa74f12f858041676714
d21f1f97a5d9bc293e3e893f92a6225e8f51d3c7b094271d3f4a2b2f24d16b21
GET /html/3/3/330a66f00153e4ee6155113c8f69ac6e.html HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 982
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 16 Feb 2022 21:13:02 GMT
etag: "a40f2bf5b8dea501c75a92f1f3924fc4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -e0_mlGztud4JNOgXZkt4qlNP2VxGfYYbZr6e6EpwOrR8ZRW-6Y1IA==
age: 166338
X-Firefox-Spdy: h2
i.pixxxels.cc/nh4JfQ9m/boypissing-300x250.jpg
200 OK 96 kB URL HTTP/2 i.pixxxels.cc/nh4JfQ9m/boypissing-300x250.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2018:11:13 23:51:18], progressive, precision 8, 300x250, components 3\012- data
Hash 430d35274575d0ead7185252925991a1
918fb04ea224df1264ebca7886a081ba248570d6
fe5adc46a8dbba1397d924e5a773e923946a95a7b8d9ad3458ef11cd38518f9d
GET /nh4JfQ9m/boypissing-300x250.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 95729
last-modified: Thu, 10 Sep 2020 02:59:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 05:36:15 GMT
age: 47244
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.pixxxels.cc/sXNF4Yqk/300x250-2.gif
200 OK 53 kB URL HTTP/2 i.pixxxels.cc/sXNF4Yqk/300x250-2.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Hash bda4f8e9d95a3b0fbf3cc7e23c3e2d29
608ef12039a7ed7e67e6fc4b122b84f4ef873a89
e2a4e8fd0abf016e106a8025da8b7734e5618457b0f0cf5dd1f295cd553b9241
GET /sXNF4Yqk/300x250-2.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 53152
last-modified: Thu, 10 Sep 2020 03:03:47 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m39EdyuRmNm-VelvlSbWiDofANXkqLQmdnmYkXJQ6wFduyEROVZMfQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 00:09:23 GMT
age: 66856
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.pixxxels.cc/4yV4DBy4/6eb7b752c24b9983f97a267a256487671036446.jpg
200 OK 29 kB URL HTTP/2 i.pixxxels.cc/4yV4DBy4/6eb7b752c24b9983f97a267a256487671036446.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Hash f4c4bd30120a5f660bcf60a4437f62d5
bd89f24d276e0a99bd81d82a4ee4d51114f15bb3
e2db8bb536c2ccfb6c25578def4a68b7cd75fccc6b36e9ccbebb3411fe509aa9
GET /4yV4DBy4/6eb7b752c24b9983f97a267a256487671036446.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 28981
last-modified: Tue, 29 Jan 2019 04:39:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/yNtH2Z13/Webcam-Resource-Gay-500-x-312.jpg
200 OK 28 kB URL HTTP/2 i.pixxxels.cc/yNtH2Z13/Webcam-Resource-Gay-500-x-312.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 500x312, components 3\012- data
Hash 30326a2e7d3281d61bcaecf957a2a143
f79866bd29693fd7f713392fd6566fe0e6677c69
e53714e469a5b3a40fd472aab2b77163ce809f267858135089933b254ff61446
GET /yNtH2Z13/Webcam-Resource-Gay-500-x-312.jpg HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/jpeg
content-length: 27633
last-modified: Mon, 12 Jul 2021 06:47:18 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creativesumo.com/jpg/6/9/69ffc24b9c547528ff829e322d140a1d.jpg
200 OK 258 kB URL HTTP/2 cdn.creativesumo.com/jpg/6/9/69ffc24b9c547528ff829e322d140a1d.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size 258 kB (257723 bytes)
Hash 69ffc24b9c547528ff829e322d140a1d
d55d01027cb4bac6d676c3bc2e8fb2dcf4e8fbcd
7a026a48757dc8ae6121cbf2c2a3062de4c563ff254fafaa06050b57912aa8c4
GET /jpg/6/9/69ffc24b9c547528ff829e322d140a1d.jpg HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 257723
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 26 Jun 2019 20:58:44 GMT
etag: "69ffc24b9c547528ff829e322d140a1d"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ps5qvpFQhKRvO_gKcoMS0tz8DBz4YO6sjtP4Qtx4gNjstx1EYqUJug==
age: 166338
X-Firefox-Spdy: h2
i.pixxxels.cc/1RBsfFvr/250x250.gif
200 OK 37 kB URL HTTP/2 i.pixxxels.cc/1RBsfFvr/250x250.gif
IP
File type GIF image data, version 89a, 250 x 250\012- data
Hash 5b164719b1141d6fe9e2ce4fa2401c1b
8f24ba6a4b032a7a76bc0a77bf59b6c717e252e4
c3a7da483fefc2d067919ba19987d8ac70b652a0b408d18a0733fb2589dbc554
GET /1RBsfFvr/250x250.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 37371
last-modified: Thu, 10 Sep 2020 02:27:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 100559d746bedd7c3802661c875c35ee
5261a6c2ee6d6cc87e91ee82e32d8be234db393e
ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8f83Wv7OrO7NOd1y1LXjfphRmJjdwrkcAxrxUN4A4qSgsEzIQMq81g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 23:26:49 GMT
age: 69410
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 252 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Size 252 kB (252510 bytes)
Hash 327fc3fc88b3faf9d74d33ea1fab6200
598108feb8949fa56895072d8beb38346018179e
ee7ac2fe622bab3c0a6e03515c80accd8f196e0b19a0e12005f30effb7e30c76
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
i.pixxxels.cc/wv2ztPNR/19512793.gif
200 OK 761 kB URL HTTP/2 i.pixxxels.cc/wv2ztPNR/19512793.gif
IP
File type GIF image data, version 89a, 300 x 300\012- data
Size 761 kB (760704 bytes)
Hash 70914a46ccffdb579ece24cc993ebac2
6679d6662ca5c1befb7787b1e2a3381553866122
046d5cac7def9604261bc19c05504b646231f5a4ddc09a1399e51934f2e0fbd8
GET /wv2ztPNR/19512793.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 760704
last-modified: Thu, 29 Nov 2018 06:13:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _oDerz6voZ-vYcCIvl9-7nKGybq0ksYbL10K2qo6C4nQsRyx7rKIuA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:54 GMT
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
age: 72045
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.creativesumo.com/html/7/5/758284925ba09cb32d9dd8cb9f9a1d5c.html
200 OK 982 B URL HTTP/2 cdn.creativesumo.com/html/7/5/758284925ba09cb32d9dd8cb9f9a1d5c.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (521)
Hash 6b41c39966246b4b8773527e7c56e90f
1ecfc5c03109021c3795952c9b02b972b45e5a11
4ebb386d2979b2fdc5451bf5f95ba2ca35c7cb38f07b3bd7640124a9ea384f65
GET /html/7/5/758284925ba09cb32d9dd8cb9f9a1d5c.html HTTP/1.1
Host: cdn.creativesumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 982
date: Mon, 03 Oct 2022 20:31:22 GMT
last-modified: Wed, 16 Feb 2022 21:44:56 GMT
etag: "6b41c39966246b4b8773527e7c56e90f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yI5Bj15HR6-g1nYxDX2kSw9IlZALxZJ2LHp6t3DPj0kRyODS872zkA==
age: 166339
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 2.7 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash f13d06c6da39420c369d0a5282729b24
246da9514102dfb63b4c058613ebb384414178e1
5571996ba9a4b5ff864e2042fafc25924e3b8108aa986184eb3f3bded55033a8
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash bbbc982e161dad1b4fbbd9d29ea9aaf7
6e0b61a930b889fcc00e431a4ef7bc567d5d7576
cdf93dec51107db0a4c7a59935b02c1b7e055fee1f11b39cb7abf3408c374862
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 05 Oct 2022 18:43:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 04 Oct 2022 23:00:43 GMT
Expires: Wed, 05 Oct 2022 23:00:43 GMT
ETag: "6e0b61a930b889fcc00e431a4ef7bc567d5d7576"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTIsInAiOjIsImIiOjI0NTMsInciOjMxNSwiaCI6MzAwfSAg&_id=16649954196430.896
200 OK 2.0 kB URL HTTP/1.1 wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTIsInAiOjIsImIiOjI0NTMsInciOjMxNSwiaCI6MzAwfSAg&_id=16649954196430.896
IP
File type HTML document, ASCII text, with very long lines (372)
Hash 865c13b526eb4c7df8dd0d0e92b3c72d
a8859b6f785bb56c46f863c5a3520f5942c24db7
a72a26affc89b165b7f47d589bb101b0b5531ca62e123ebd1b220b13277b26e0
GET /banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTIsInAiOjIsImIiOjI0NTMsInciOjMxNSwiaCI6MzAwfSAg&_id=16649954196430.896 HTTP/1.1
Host: wct.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript
content-length: 1970
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
access-control-allow-headers: x-requested-with
set-cookie: RNLBSERVERID=ded4077; path=/
x-request-id: 633DD05B-D812A8A101BBDE83-12263A
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTgsInAiOjIsImIiOjI2MzEsInciOjMxNSwiaCI6MzAwfSAg&_id=16649954196910.514
200 OK 2.0 kB URL HTTP/1.1 wct.click/banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTgsInAiOjIsImIiOjI2MzEsInciOjMxNSwiaCI6MzAwfSAg&_id=16649954196910.514
IP
File type HTML document, ASCII text, with very long lines (372)
Hash 92a77f042d403578fbf6ccb024133291
63a0f3ecad53606a93d24f3c5c15978ab24f81f2
b38cabaef62f5d23db6378c79fad758d5547dcfe1c2c2e83ecc4ad2068bb1c47
GET /banner/ads.js?data=eyJhIjoxNDExNSwibyI6NTgsInAiOjIsImIiOjI2MzEsInciOjMxNSwiaCI6MzAwfSAg&_id=16649954196910.514 HTTP/1.1
Host: wct.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: application/javascript
content-length: 1970
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
access-control-allow-headers: x-requested-with
set-cookie: RNLBSERVERID=ded4077; path=/
x-request-id: 633DD05C-D812A8A101BBDE83-122640
ocsp.usertrust.com/
200 OK 471 B IP
Hash 496b860584a289d91b669b26c6d2b52f
98d2aaa56ccbcd75a4e13b33e65a8d41bf76e44f
67028659865cbeaa764f07418039133c7c396f5f00b55ecb5f13abc22e972bb4
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 15:35:10 GMT
Expires: Mon, 10 Oct 2022 15:35:09 GMT
Etag: "98d2aaa56ccbcd75a4e13b33e65a8d41bf76e44f"
Cache-Control: max-age=603513,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 279
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75584de148570b39-OSL
s1.wlresources.com/vendor/tool/streaming/video-js-hls-js/v0.9.1/hls.light.min.js?13210892
200 OK 52 kB URL HTTP/2 s1.wlresources.com/vendor/tool/streaming/video-js-hls-js/v0.9.1/hls.light.min.js?13210892
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 41226503a6a61f53743c373ec84d0de9
016f3580836db75e3c2ed40b57d585fc50a1b3ee
4bab576b4023e239a5257011a5f1983b8109ec7a22c5793fa4976ff8dd0f554f
GET /vendor/tool/streaming/video-js-hls-js/v0.9.1/hls.light.min.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 14 Jan 2022 15:58:59 GMT
etag: W/"61e19dc3-2afb7"
expires: Thu, 10 Nov 2022 13:16:10 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7277250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ejo7FLBinhEmWCU%2BccuV1LRYTzowAD3jc1syIq%2F4ErxEKbl2krs%2BJncZ3U9Jz%2FizJBoh22MV27fwuQww%2F5GjCbhDjsz5p4iJ%2Fol7di2qCx0gTNydZxV5i%2BzjhquQucdLLYV0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584ddf7cacb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
s1.wlresources.com/xlove/sp/js/playerHls.js?13210892
304 Not Modified 0 B URL HTTP/2 s1.wlresources.com/xlove/sp/js/playerHls.js?13210892
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xlove/sp/js/playerHls.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Wed, 10 Mar 2021 09:14:00 GMT
If-None-Match: W/"60488dd8-39b7"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 05 Oct 2022 18:43:40 GMT
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 09:14:00 GMT
etag: W/"60488dd8-39b7"
expires: Thu, 10 Nov 2022 13:16:10 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7277250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDJMzMTpfRCGiDibAffAYY1y0XcDSRVhbqqY8RmODR4cPLI9LWOMZ%2BhwmGTihDEIXFXgLFZaJf00Ci9S4QL2QH8gjCj9gyt5OsuYqrjDBAY4AW4UxKPHhF1BjI0TDQ8bZpPAQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584de2d976b503-OSL
X-Firefox-Spdy: h2
s1.wlresources.com/vendor/tool/streaming/video-js-hls-js/v0.9.1/hls.light.min.js?13210892
304 Not Modified 0 B URL HTTP/2 s1.wlresources.com/vendor/tool/streaming/video-js-hls-js/v0.9.1/hls.light.min.js?13210892
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vendor/tool/streaming/video-js-hls-js/v0.9.1/hls.light.min.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Fri, 14 Jan 2022 15:58:59 GMT
If-None-Match: W/"61e19dc3-2afb7"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 05 Oct 2022 18:43:40 GMT
vary: Accept-Encoding
last-modified: Fri, 14 Jan 2022 15:58:59 GMT
etag: W/"61e19dc3-2afb7"
expires: Thu, 10 Nov 2022 13:16:10 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7277250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyNHKvVSf59MkOveDMAYvUP%2FsVawLtSuFGG9eUth8ZSeeMUw2N0TbIXSM8Qvc%2BanU8y0tNxbiR8kb4FttMVVMcKBq3CHU2XUUaELkPWOM3wSl8HWX6yHTrSWtI%2BFjamFpGSCBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584de2d974b503-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 8ee01f6146147d8d58942a28e498fdc0
8b0b0772fe60a6caed911dbe7845b88314553e94
13d837961d577cbad7211cf4c7f21e7a56298abbffe2d837554bc4257b63818e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3471
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:40 GMT
Last-Modified: Wed, 05 Oct 2022 17:45:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 1.3 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561), with CRLF, LF line terminators
Hash 7a4dcb55cbd2c73f0cc7f9b458c499a4
9d11c67c71bb5e31f48555c421eebe25960737f7
16f0acba686a8ca5fe403ff912e1e092b0796c6231e69ff9cf556e37ae7ffc7a
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
banners.cams.com/p/cams/iframead.cgi?ad=v2&pid=g1443489-pct&age_range_keys=18-35&background_color=FFFFFF&border_color=0071BC&text_color=ffffff&but_bg_clr=0071BC&but_clr=FFFFFF&m_over_bg_clr=FFFD9F&tle_fnt_size=18&width=298&height=248&genre_keys=11&preset=2&across=1&rows=1&show_title=0&sm_logo=1&show_title=0&page=bio
200 OK 2.8 kB URL HTTP/1.1 banners.cams.com/p/cams/iframead.cgi?ad=v2&pid=g1443489-pct&age_range_keys=18-35&background_color=FFFFFF&border_color=0071BC&text_color=ffffff&but_bg_clr=0071BC&but_clr=FFFFFF&m_over_bg_clr=FFFD9F&tle_fnt_size=18&width=298&height=248&genre_keys=11&preset=2&across=1&rows=1&show_title=0&sm_logo=1&show_title=0&page=bio
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (421)
Hash 6f303a497983ab0473e3a6057434c67f
e37174ee7244ab3637a45b1f623826f9cf560604
aa65103ca057c922fe8f41fe279dbb84bcb6a27424e649abe57ebe62d2d71532
GET /p/cams/iframead.cgi?ad=v2&pid=g1443489-pct&age_range_keys=18-35&background_color=FFFFFF&border_color=0071BC&text_color=ffffff&but_bg_clr=0071BC&but_clr=FFFFFF&m_over_bg_clr=FFFD9F&tle_fnt_size=18&width=298&height=248&genre_keys=11&preset=2&across=1&rows=1&show_title=0&sm_logo=1&show_title=0&page=bio HTTP/1.1
Host: banners.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:40 GMT
Server: Apache
Set-Cookie: cams_who=r_Zl_S8sEgHxRVzJqd3emTR1W40HkoeO.flEnLFikKjMLGBiNy4j3UTa9RZGHtYtjSVVPIElZD2QqehqnAH5ooMYQeH1sMlKhUw9pflKF1rSKzxl90yTwbHO_DxCR5NvDapQaEMYu0Q.VI3irhtHU5zdp7t5McLoC5RBlfoEKBxYM-; path=/; domain=.cams.com; expires=Fri, 04-Oct-2024 18:43:40 GMT
v_hash=_english_0; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
IP_COUNTRY=Norway; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
cams_tr=r_d.QtrULf.FLQ6sXTK16N7uDSMfSNm3d_03YyCi3zKzdafPOK82hJwISuC1JQC0u9KI8aYXC_wWWZpU71laKHYw--; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.859&country_name&Norway&lat&59.955®ion_name&Oslo+County&country_code&NO®ion&03&state&&city&Oslo&postal_code&0028&latitude&59.955&lon&10.859&dma_code&&country_code3&NOR; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
HISTORY=20221005-1-Dk; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
AB_TRACKING=LANB1jBhKp8SyWf7vxRnTx; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
throttling={"time":1664995420,"AppD":1,"GTM":0}; path=/; domain=.cams.com; expires=Fri, 04-Nov-2022 18:43:40 GMT
X-PERF: 0.079230,0.014038,TS_2_0.0002530,DB_12_0.0085080,TM_15_0.0354500,CD_28_0.0184240,FS_5_0.0003740,PK_3_0.0000670,CE_19_0.0021160
Strict-Transport-Security: max-age=300; includeSubDomains
P3P: CP="DSP LAW"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2810
Content-Type: text/html;charset=UTF-8
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d96a070d79a6e43e3d3953164c885115
21f68a43259bb10dfdb0c966af16ec4a63debd0a
677e864d2b4bb03a29a241f7978f80fff87256a9ed80c8d18e1957fe47dd0a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "677E864D2B4BB03A29A241F7978F80FFF87256A9ED80C8D18E1957FE47DD0A18"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12288
Expires: Wed, 05 Oct 2022 22:08:28 GMT
Date: Wed, 05 Oct 2022 18:43:40 GMT
Connection: keep-alive
ocsp.usertrust.com/
200 OK 471 B IP
Hash 496b860584a289d91b669b26c6d2b52f
98d2aaa56ccbcd75a4e13b33e65a8d41bf76e44f
67028659865cbeaa764f07418039133c7c396f5f00b55ecb5f13abc22e972bb4
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 15:35:10 GMT
Expires: Mon, 10 Oct 2022 15:35:09 GMT
Etag: "98d2aaa56ccbcd75a4e13b33e65a8d41bf76e44f"
Cache-Control: max-age=603513,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 279
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75584de2da400b39-OSL
aweproto.com/embed/lf?c=object_container&site=jasmin&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=teen&ms_notrack=1&subAffId={SUBAFFID}
200 OK 2.6 kB URL HTTP/2 aweproto.com/embed/lf?c=object_container&site=jasmin&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=teen&ms_notrack=1&subAffId={SUBAFFID}
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type ASCII text, with very long lines (1831)
Hash 5ce0ff14705b944d29a91781cc21dfe5
b55ce76b65a09ab297a183997636f13ca3b4cb86
ee33d0fe7f95804f4bfba382d61fcc89d148b5aebf17aff7b432acf7b74c9102
GET /embed/lf?c=object_container&site=jasmin&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=teen&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1
Host: aweproto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:38 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:38 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 871 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561)
Hash 4baa7af464ce0e685906a5d7f73aff4c
d53cb0eeb398c1fb2f3a7d6b477883b5b3d644b4
8f4a691003f1cc13cdda05480f56bc68a9e1e47f55f185006ffee87cb9666a40
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d96a070d79a6e43e3d3953164c885115
21f68a43259bb10dfdb0c966af16ec4a63debd0a
677e864d2b4bb03a29a241f7978f80fff87256a9ed80c8d18e1957fe47dd0a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "677E864D2B4BB03A29A241F7978F80FFF87256A9ED80C8D18E1957FE47DD0A18"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12288
Expires: Wed, 05 Oct 2022 22:08:28 GMT
Date: Wed, 05 Oct 2022 18:43:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d96a070d79a6e43e3d3953164c885115
21f68a43259bb10dfdb0c966af16ec4a63debd0a
677e864d2b4bb03a29a241f7978f80fff87256a9ed80c8d18e1957fe47dd0a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "677E864D2B4BB03A29A241F7978F80FFF87256A9ED80C8D18E1957FE47DD0A18"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12288
Expires: Wed, 05 Oct 2022 22:08:28 GMT
Date: Wed, 05 Oct 2022 18:43:40 GMT
Connection: keep-alive
www.xlovegay.com/prm/banner/?id_affilie=11692&path=xlovegay/300x250/en/300x250_xlovegay_09_en.gif
404 Not Found 8.9 kB URL HTTP/1.1 www.xlovegay.com/prm/banner/?id_affilie=11692&path=xlovegay/300x250/en/300x250_xlovegay_09_en.gif
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3406)
Hash 75da052659f4e582e185fd3e4b7fe155
877051a6de93753be3c069c2173f779d5c5f2ac1
90e7efaffd21de2663fb5317688b449386b0a96456cbb14a6882ccc3cc722317
GET /prm/banner/?id_affilie=11692&path=xlovegay/300x250/en/300x250_xlovegay_09_en.gif HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995421; expires=Sat, 02-Oct-2032 18:43:41 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
csrf=rMCINjcXRmle9SqF; path=/; secure; HttpOnly; SameSite=Lax
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995421; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
Content-Encoding: gzip
www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5
301 Moved Permanently 202 B URL HTTP/1.1 www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d7d800dad7010b3b76a5a67b2396568f
5be485c487d9145ff293445265c5478c91605b56
2dde1f488331ca79ae4d03f814b9b6acadb608387dbc2f430e390f52d92a08b1
GET /prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995421; expires=Sat, 02-Oct-2032 18:43:41 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 11061x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995421
X-RedirectFrom: URL diff
Location: /us/models/gays/
X-WebFrom: p-86
x-cdn-region: eu-nl
www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=4
301 Moved Permanently 202 B URL HTTP/1.1 www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=4
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d7d800dad7010b3b76a5a67b2396568f
5be485c487d9145ff293445265c5478c91605b56
2dde1f488331ca79ae4d03f814b9b6acadb608387dbc2f430e390f52d92a08b1
GET /prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=4 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995421; expires=Sat, 02-Oct-2032 18:43:41 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 11061x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995421
X-RedirectFrom: URL diff
Location: /us/models/gays/
X-WebFrom: p-86
x-cdn-region: eu-nl
www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=1
301 Moved Permanently 202 B URL HTTP/1.1 www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=1
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d7d800dad7010b3b76a5a67b2396568f
5be485c487d9145ff293445265c5478c91605b56
2dde1f488331ca79ae4d03f814b9b6acadb608387dbc2f430e390f52d92a08b1
GET /prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=1 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995421; expires=Sat, 02-Oct-2032 18:43:41 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 11061x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995421
X-RedirectFrom: URL diff
Location: /us/models/gays/
X-WebFrom: p-86
x-cdn-region: eu-nl
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c4fe8eef8b1d595a7e4eb1d51c95ac4
3edae39f64c1b266e0ef2da62aa4590f73246548
1cfb5bdd00feb19ca009aa374c4829c4cca0568d5fb4dcfeef18728ce33919c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CFB5BDD00FEB19CA009AA374C4829C4CCA0568D5FB4DCFEEF18728CE33919C8"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7939
Expires: Wed, 05 Oct 2022 20:56:00 GMT
Date: Wed, 05 Oct 2022 18:43:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c4fe8eef8b1d595a7e4eb1d51c95ac4
3edae39f64c1b266e0ef2da62aa4590f73246548
1cfb5bdd00feb19ca009aa374c4829c4cca0568d5fb4dcfeef18728ce33919c8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CFB5BDD00FEB19CA009AA374C4829C4CCA0568D5FB4DCFEEF18728CE33919C8"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7609
Expires: Wed, 05 Oct 2022 20:50:30 GMT
Date: Wed, 05 Oct 2022 18:43:41 GMT
Connection: keep-alive
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 9.7 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3406)
Hash c6d8a94214c40738f68c02e948fb5270
95da7aca652c0b55cc8d4eca870dbcbf6f79a7d5
afcecdd0d9864dc61314fa0e9f2fe23572fe3c5d129113678a32f38922013390
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.xlovegay.com/prm/banner/?id_affilie=11692&path=xlovegay/300x250/en/300x250_xlovegay_10_en.gif
404 Not Found 8.9 kB URL HTTP/1.1 www.xlovegay.com/prm/banner/?id_affilie=11692&path=xlovegay/300x250/en/300x250_xlovegay_10_en.gif
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3406)
Hash e1e87a1f56a39e7c9ddddedf529997c3
83a42f7e0548b18e30056da0506bdcaeb18c22ce
184bdff20cc6894bff527a54ddd5284d823b0e980e45b848833bd857a73f508b
GET /prm/banner/?id_affilie=11692&path=xlovegay/300x250/en/300x250_xlovegay_10_en.gif HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995421; expires=Sat, 02-Oct-2032 18:43:41 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
csrf=Wu2nqgH4SbRmaFpA; path=/; secure; HttpOnly; SameSite=Lax
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995421; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 1a3dfbab1577e382436e5d49a8568823
c2f6b68c921c046b1a575167f642b3da6e03b9a8
7230ad50a6a1753a3fb00c3efb60ef37166b9fbc4abd5c5a7037ee39ffad5d00
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:43:41 GMT
Last-Modified: Wed, 05 Oct 2022 18:20:07 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U0L_JP6EasaPJZ2BfsSohVMr5GDG6BQEcfyy6jH7fNKldemaZAUnig==
Age: 1414
banners.cams.com/banners/streamray/live/banner.html?w=300&h=250&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview%26dcb%3Delitecams.streamray.com&n=1&g=M&l=https%3A%2F%2Fi.pixxxels.cc%2FCKwyLqMy%2FHeader-Blank.jpg&a=02&c=0&md=any&cb=elitecams.streamray.com
200 OK 395 B URL HTTP/1.1 banners.cams.com/banners/streamray/live/banner.html?w=300&h=250&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview%26dcb%3Delitecams.streamray.com&n=1&g=M&l=https%3A%2F%2Fi.pixxxels.cc%2FCKwyLqMy%2FHeader-Blank.jpg&a=02&c=0&md=any&cb=elitecams.streamray.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash f39b3c7ce04b702a4b386c3207df9cc5
6be791d03e9cefb520eb082bf2ffd9845b6f67fb
fdeea5e7dcd11fcd818fef43eea076a778a6abfba06576407cda22f598e2ebe1
GET /banners/streamray/live/banner.html?w=300&h=250&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview%26dcb%3Delitecams.streamray.com&n=1&g=M&l=https%3A%2F%2Fi.pixxxels.cc%2FCKwyLqMy%2FHeader-Blank.jpg&a=02&c=0&md=any&cb=elitecams.streamray.com HTTP/1.1
Host: banners.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:41 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Wed, 16 May 2018 20:46:41 GMT
ETag: "1cb70-40f-56c58d0e2ce40"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 395
Content-Type: text/html
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive
cdn.banhq.com/mp4/b/7/b74bbb6c967c448efdae1a4e41467217.mp4
206 Partial Content 1.6 MB URL HTTP/2 cdn.banhq.com/mp4/b/7/b74bbb6c967c448efdae1a4e41467217.mp4
IP
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 1.6 MB (1559836 bytes)
Hash b74bbb6c967c448efdae1a4e41467217
69cde907148614c0925ca61905cace74e373401a
30f2ed41951a17163db48064c09ad6a9e9d4f953b0a3985f9ab05a297c0a4ecd
GET /mp4/b/7/b74bbb6c967c448efdae1a4e41467217.mp4 HTTP/1.1
Host: cdn.banhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://cdn.creativesumo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 1559836
date: Mon, 03 Oct 2022 20:31:23 GMT
last-modified: Thu, 24 Jan 2019 18:10:45 GMT
etag: "b74bbb6c967c448efdae1a4e41467217"
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-1559835/1559836
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dmmc0rWHo2XKWcDNmR09UoReOfNmJQWzAq8O4IykYZ1GNRM5MS1pVA==
age: 166339
X-Firefox-Spdy: h2
bngpt.com/promo.php?c=345596&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=300&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=male
200 OK 1.0 MB URL HTTP/2 bngpt.com/promo.php?c=345596&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=300&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=male
IP
ASN #48684 Viking Host B.V.
Size 1.0 MB (1027186 bytes)
Hash 512de4815a6e9a7ee19464094330b2cb
29b00793d799bc8914c2eaae9c638aa05f71e996
ddf97b386575b7dadd958a8a42fd978b81cb7fcdb47d34b403123e48e671a39b
GET /promo.php?c=345596&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=300&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=male HTTP/1.1
Host: bngpt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Wed, 05 Oct 2022 18:43:39 GMT
x-bcs: ded7383
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8ca46b8e5c5674084ce257e3100b952e
e7f5ef02fdcaea63198b50a0982e90af8cbeb69f
8a598c66e9d5134369f219ff3814e344aa2410254e33405728c7d59285821951
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 03:10:59 GMT
Expires: Mon, 10 Oct 2022 03:10:58 GMT
Etag: "e7f5ef02fdcaea63198b50a0982e90af8cbeb69f"
Cache-Control: max-age=375436,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75584de96c18b529-OSL
www.xlovecam.com/js/ads.js
200 OK 4.2 MB URL HTTP/2 www.xlovecam.com/js/ads.js
IP
ASN #47836 SC Web Software Development SRL
Size 4.2 MB (4247617 bytes)
Hash 151159c2e4bddc75b2d4851e22e45f55
115108ac305db81d31c0d4db63642ab15a745618
51f6bb008ecdc30f3322f81e93e5074340c79b85348647fdde8c390f0194f7f1
GET /js/ads.js HTTP/1.1
Host: www.xlovecam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Mar 2018 07:03:00 GMT
etag: W/"15-56759f7299100"
x-webfrom: p-83
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
bngpt.com/promo.php?c=345596&type=banner&size=300x250&name=g_banner
200 OK 411 B URL HTTP/2 bngpt.com/promo.php?c=345596&type=banner&size=300x250&name=g_banner
IP
ASN #48684 Viking Host B.V.
Hash eee4e9ed37be3ac1589284652a9e5b5c
7945a69db0b3f7c64f7780c66c6835fb098f2fc4
f81d12066b562b6e29690a47133fac2ce51d7d8b0f2bd3d33c7470f9563942d1
GET /promo.php?c=345596&type=banner&size=300x250&name=g_banner HTTP/1.1
Host: bngpt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Wed, 05 Oct 2022 18:43:39 GMT
x-bcs: ded7384
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
X-Firefox-Spdy: h2
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:41 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10446142
X-HW: 1664995421.dop219.sk1.t,1664995421.cds009.sk1.shn,1664995421.cds009.sk1.c
Access-Control-Allow-Origin: *
s1.wlresources.com/prm/v3/css/livewebcam.css?13210892
200 OK 5.0 MB URL HTTP/2 s1.wlresources.com/prm/v3/css/livewebcam.css?13210892
IP
File type ASCII text, with very long lines (1977)
Size 5.0 MB (5016614 bytes)
Hash 81c3516c8fde3b2b07212f8ae5dc2ba4
d4ec1cade9c9ed92276972193a3951e6de68adbe
d7a2d977fa1a7568fa136606bfa3338ab5a774ec9f790746693bbc4c1ef477ed
GET /prm/v3/css/livewebcam.css?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/css
last-modified: Fri, 14 Jan 2022 15:59:30 GMT
etag: W/"61e19de2-7ba"
expires: Mon, 09 Jan 2023 21:52:39 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: MISS
timing-allow-origin: *
cf-cache-status: HIT
age: 2062261
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXM3YGYUEyjH%2FE0YPoja5qDcRqWmfR3MpDLMxcEodqmdABl3vk7x5mK%2BhSGLCo8bfj3Q%2BHr9jaJXao4Bj1t1MqwH%2BAYQQtXXzfN4G28X9GMAy8tX%2F0bkSElTXZQ3i1no2DjtIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584de00d98b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 8ee01f6146147d8d58942a28e498fdc0
8b0b0772fe60a6caed911dbe7845b88314553e94
13d837961d577cbad7211cf4c7f21e7a56298abbffe2d837554bc4257b63818e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:42 GMT
Last-Modified: Wed, 05 Oct 2022 17:45:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
cdn.x1cdn.com/wc/banner/d/c/9/4/a/dc94aed94a1fabc833692ad6be37471a.gif
200 OK 122 kB URL HTTP/2 cdn.x1cdn.com/wc/banner/d/c/9/4/a/dc94aed94a1fabc833692ad6be37471a.gif
IP
File type GIF image data, version 89a, 315 x 300\012- data
Size 122 kB (122466 bytes)
Hash e1844c448302d0b8adbc1eec09f9895a
7e894a50b47115cdac11af589dad68006c92f5c2
3721c106c8ba8b686157a6f1d0d75af45f1cebd3fdb0dbc09da69a8bc6cbb3ae
GET /wc/banner/d/c/9/4/a/dc94aed94a1fabc833692ad6be37471a.gif HTTP/1.1
Host: cdn.x1cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:41 GMT
content-type: image/gif
content-length: 122466
last-modified: Tue, 20 Oct 2015 10:34:10 GMT
etag: "106313f21-1de62-52286cd5dec80"
expires: Sat, 28 Jan 2023 14:27:32 GMT
cache-control: max-age=10431655
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-16842-h-0-0---;7619-44-17043----0-0-1
X-Firefox-Spdy: h2
cdn.x1cdn.com/wc/banner/1/e/5/6/3/1e5639b38c6b933c9c6a9a350e2ec9ea.gif
200 OK 135 kB URL HTTP/2 cdn.x1cdn.com/wc/banner/1/e/5/6/3/1e5639b38c6b933c9c6a9a350e2ec9ea.gif
IP
File type GIF image data, version 89a, 315 x 300\012- data
Size 135 kB (135134 bytes)
Hash bb6a74bf7342f7f2fa06db72d65c90a4
61e53199cde1c054c7b1d3e8c3f1a254d12da104
42bc0b3cc3da0562494d02fefa0c1d2952e8b3bdc3e4fcecae2f80b5b648acab
GET /wc/banner/1/e/5/6/3/1e5639b38c6b933c9c6a9a350e2ec9ea.gif HTTP/1.1
Host: cdn.x1cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: image/gif
content-length: 135134
last-modified: Tue, 20 Oct 2015 10:45:06 GMT
etag: "106314499-20fde-52286f477b080"
expires: Tue, 26 Apr 2022 01:21:26 GMT
cache-control: max-age=10781770
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-1-9276-h-0-0---;7619-28-17043----0-0-0
X-Firefox-Spdy: h2
banners.cams.com/images/cams/css/header.css
200 OK 659 B URL HTTP/1.1 banners.cams.com/images/cams/css/header.css
IP
File type ASCII text, with CRLF line terminators
Hash 91847129ba975b7d6560f84bd86ea57b
cca79bc6ceaa5ab0465b633e8b074ce63e9e58ad
2189951aa95d4c839c8ebea7ebce4b6a8f1a01c0cb02e8a1f15cb084a5ad754b
GET /images/cams/css/header.css HTTP/1.1
Host: banners.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/p/cams/iframead.cgi?ad=v2&pid=g1443489-pct&age_range_keys=18-35&background_color=FFFFFF&border_color=0071BC&text_color=ffffff&but_bg_clr=0071BC&but_clr=FFFFFF&m_over_bg_clr=FFFD9F&tle_fnt_size=18&width=298&height=248&genre_keys=11&preset=2&across=1&rows=1&show_title=0&sm_logo=1&show_title=0&page=bio
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:42:08 GMT
Server: Apache
ETag: "2c30cb64-1294-50d970b751ac0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Tue, 27 Jan 2015 00:07:47 GMT
Content-Encoding: gzip
Content-Length: 659
Content-Type: text/css
Age: 93
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive
s1.wlresources.com/prm/v3/js/app/widget.js?13210892
200 OK 21 kB URL HTTP/2 s1.wlresources.com/prm/v3/js/app/widget.js?13210892
IP
File type ASCII text, with very long lines (640)
Hash 97a0d441134c7da5eff73832bc898cb0
2370d324940802e9a2b6a7fc7b1c04b28208fed7
43afa0904c321e610a7d6227fa205c3f2ce0877459525faf6ff54e593dc3b9c3
GET /prm/v3/js/app/widget.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Mon, 10 Jan 2022 15:51:00 GMT
etag: W/"61dc55e4-10f1f"
expires: Thu, 22 Dec 2022 19:51:02 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: MISS
timing-allow-origin: *
cf-cache-status: HIT
age: 3624758
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDPzvdqoy4kpTsynNEV1b6HCJe3KeBrLadj2FDLTiDhI3HTu0wt6NG6z7BiUr63ynS0Vsg6f%2Bo6HIjKN2izkCLls4evQmhIoFDfeR8Sk1mHhx9fd%2BP4D7uDmIOlNUJgR7TRKSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584ddf8cadb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/a7/creatives/12/86/814795/1037568/1037568_logo.png
200 OK 7.5 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/12/86/814795/1037568/1037568_logo.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash aa0c5b7a6cfad8d1dcc4a8c916220d32
f72e76b14a36fb133b883fdadbf478a04283716c
c009de6701320ae4e548d4c09a22e5aa9b6526908e729394209f2f7718115823
GET /a7/creatives/12/86/814795/1037568/1037568_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:42 GMT
Connection: Keep-Alive
ETag: "1658072880"
Content-Length: 7491
Content-Type: image/png
Last-Modified: Sun, 17 Jul 2022 15:48:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10641818
X-HW: 1664995421.dop015.sk1.t,1664995422.cds067.sk1.shn,1664995422.dop015.sk1.t,1664995422.cds020.sk1.c
Access-Control-Allow-Origin: *
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 3.7 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash de833dc9b104816808178ebfcc7e72a7
afaa8f93f6513c3a42367dcfe58d2be73557707e
af15aacfd42914411aaaee2ca40f8b2cc25023c065e7d8a5b5b4e478c32dfbab
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&zoom_lvl=5&cat=9
301 Moved Permanently 226 B URL HTTP/1.1 www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&zoom_lvl=5&cat=9
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 23e0c31fc2837ce5a7d9e346414b4a5b
26ee2fef4dd5495790c89eaae01e18288a6d1ac7
6cdbba455113f36242027cb85b74b94a1f4a4b005ded06e435a72f64615b7441
GET /prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&zoom_lvl=5&cat=9 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 11061x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995422
X-RedirectFrom: URL diff
Location: /us/models/gays-couples/
X-WebFrom: p-86
x-cdn-region: eu-nl
www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=2
301 Moved Permanently 202 B URL HTTP/1.1 www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=2
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d7d800dad7010b3b76a5a67b2396568f
5be485c487d9145ff293445265c5478c91605b56
2dde1f488331ca79ae4d03f814b9b6acadb608387dbc2f430e390f52d92a08b1
GET /prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=2 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 11061x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995422
X-RedirectFrom: URL diff
Location: /us/models/gays/
X-WebFrom: p-86
x-cdn-region: eu-nl
www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=3
301 Moved Permanently 202 B URL HTTP/1.1 www.xlovegay.com/prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=3
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d7d800dad7010b3b76a5a67b2396568f
5be485c487d9145ff293445265c5478c91605b56
2dde1f488331ca79ae4d03f814b9b6acadb608387dbc2f430e390f52d92a08b1
GET /prm/livewebcam/?id_affilie=11692&cf=E0F2FA&cc=55C6F6&ct=755B6E&cat=7&zoom_lvl=5&che=3 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 11061x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995422
X-RedirectFrom: URL diff
Location: /us/models/gays/
X-WebFrom: p-86
x-cdn-region: eu-nl
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 3.6 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (561), with CRLF, LF line terminators
Hash 8141c59f13e854f29c123b27b9d29103
6975e26395ff118ee0f40ea96908ef78de28fe75
e7fa042014543696597e159fbc2f4e9cb0188bc7320a3f0b8d52eb364c71bd81
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
chaturbate.com/topembed/male/?join_overlay=1&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
302 Found 471 B URL HTTP/2 chaturbate.com/topembed/male/?join_overlay=1&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
IP
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
GET /topembed/male/?join_overlay=1&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Cookie: __cf_bm=X7qKcfOIKYGSSWvJTdrxB99N8vpcKo.0DZfKio6jkI4-1664995421-0-AfDoXuUjcC/8mBxA8+kYp2VWnKKV3ZVKMborcLa/mOP5UnLy4CIPT+VtpEWFulJr6mDU/UiCaneA5nzJTrfXV2c=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html; charset=utf-8
location: /embed/antoniovalentinidiamond/?join_overlay=1&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
set-cookie: stcki="pOtSwZ=0\054FqPd9a=0\0546pduSG=0\054aDBbcK=1"; expires=Fri, 04-Nov-2022 18:43:42 GMT; Max-Age=2592000; Path=/
affkey="eJyrVipSslJQyigpKSi20tevyMkvS01PrEzKyU/XAxHFBfklesn5ufpKtQBGSw9f"; Domain=.chaturbate.com; expires=Fri, 04-Nov-2022 18:43:42 GMT; Max-Age=2592000; Path=/
sbr=sec:sbrf00b6c6c-7599-43c9-8b46-c599ead039b6:1og9Ms:PaJXRtslnQXrghf8GcTcEEX81bg; Domain=.chaturbate.com; expires=Mon, 30-Jun-2025 18:43:42 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75584deb5f62b4f3-OSL
X-Firefox-Spdy: h2
gunzblazingpromo.com/iframe/aub/?w=108198&c=&tr=_blank&width=250&height=250&selectedSites=selectedSites%3A169%7CAmateurs+Do+It%3A192%7CAmerican+Muscle+Hunks%3A186%7CAndys+Aussie+Boys%3A17%7CBang+Bang+Boys%3A124%7CClub+Jason+Sparks%3A129%7CDads+Fuck+Lads%3A39%7CDark+Thunder%3A125%7CDirty+Boy+Society%3A106%7CFresh+SX%3A197%7CFun+Size+Boys%3A198%7CGaycest%3A195%7CGrowl+Boys%3A16%7CHot+Barebacking%3A142%7CIron+Lockup%3A156%7CJalif+Studio%3A126%7CJason+Sparks+Live%3A185%7CJock+Pussy%3A181%7CRawFuckBoys%3A69%7CStag+Homme+Studios%3A134%7CTeens+And+Twinks%3A41%7CThug+Orgy%3A133%7CTribal+Twinks%3A31%7CTwinks%3A93%7CTylers+Room%3A170%7CWank+Off+World&niche=3
500 Internal Server Error 25 B URL HTTP/1.1 gunzblazingpromo.com/iframe/aub/?w=108198&c=&tr=_blank&width=250&height=250&selectedSites=selectedSites%3A169%7CAmateurs+Do+It%3A192%7CAmerican+Muscle+Hunks%3A186%7CAndys+Aussie+Boys%3A17%7CBang+Bang+Boys%3A124%7CClub+Jason+Sparks%3A129%7CDads+Fuck+Lads%3A39%7CDark+Thunder%3A125%7CDirty+Boy+Society%3A106%7CFresh+SX%3A197%7CFun+Size+Boys%3A198%7CGaycest%3A195%7CGrowl+Boys%3A16%7CHot+Barebacking%3A142%7CIron+Lockup%3A156%7CJalif+Studio%3A126%7CJason+Sparks+Live%3A185%7CJock+Pussy%3A181%7CRawFuckBoys%3A69%7CStag+Homme+Studios%3A134%7CTeens+And+Twinks%3A41%7CThug+Orgy%3A133%7CTribal+Twinks%3A31%7CTwinks%3A93%7CTylers+Room%3A170%7CWank+Off+World&niche=3
IP
Hash 363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
GET /iframe/aub/?w=108198&c=&tr=_blank&width=250&height=250&selectedSites=selectedSites%3A169%7CAmateurs+Do+It%3A192%7CAmerican+Muscle+Hunks%3A186%7CAndys+Aussie+Boys%3A17%7CBang+Bang+Boys%3A124%7CClub+Jason+Sparks%3A129%7CDads+Fuck+Lads%3A39%7CDark+Thunder%3A125%7CDirty+Boy+Society%3A106%7CFresh+SX%3A197%7CFun+Size+Boys%3A198%7CGaycest%3A195%7CGrowl+Boys%3A16%7CHot+Barebacking%3A142%7CIron+Lockup%3A156%7CJalif+Studio%3A126%7CJason+Sparks+Live%3A185%7CJock+Pussy%3A181%7CRawFuckBoys%3A69%7CStag+Homme+Studios%3A134%7CTeens+And+Twinks%3A41%7CThug+Orgy%3A133%7CTribal+Twinks%3A31%7CTwinks%3A93%7CTylers+Room%3A170%7CWank+Off+World&niche=3 HTTP/1.1
Host: gunzblazingpromo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Vary: User-Agent,Accept-Encoding
Content-Encoding: gzip
pc180101.com/releasese/ActivePage3676.asp?wid=126375727965&LinkID=1036&QueryID=8&promocode=BCODE86977873_00000
200 OK 3.9 kB URL HTTP/2 pc180101.com/releasese/ActivePage3676.asp?wid=126375727965&LinkID=1036&QueryID=8&promocode=BCODE86977873_00000
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, ASCII text, with very long lines (700), with CRLF line terminators
Hash af90b700a31ab7c8f90e9744e86f1cf6
760acb241bc762594d12df1e0714812575a0110c
1507f75e787c84a89b636db1dbad8db78f22ad5a800578dde6ab5bdebbfd67a6
GET /releasese/ActivePage3676.asp?wid=126375727965&LinkID=1036&QueryID=8&promocode=BCODE86977873_00000 HTTP/1.1
Host: pc180101.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html
content-length: 3886
cache-control: no-cache
content-encoding: gzip
expires: Thu, 09 Jan 2020 18:43:42 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: pcsiml=LocationByIP=41%2C03%2Coslo; expires=Wed, 12-Oct-2022 00:00:00 GMT; path=/
ASPSESSIONIDQARCQARA=CDDEAAABEEJHBHFDFELEIMBD; path=/
x-powered-by: ASP20.NET
n: a2
X-Firefox-Spdy: h2
www.bugleczmoidgxo.com/cp/webcam_gallery/index.php?submitconfig=0&brand=xcams&ur=aHR0cDovL3d3dy54Y2Ftcy5jb20%3D&re=freechat&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&cf0=pc2&cf2=&cfsa2=&ts=big&ro=4&snp=0&gc=000000&tbc=1E1C3B&bgc=141220&bc=1E1C3B&tbs=0.3&tbr=0.3&s=0.3&bs=0.3&br=0.3&fi=1&ftc=FFFFFF&fbgc=60B404&hi=1&htc=FFFFFF&hbc=000000&li=1<c=FFFFFF&lbc=000000&dtc=FFFFFF&c=1&cc=000000&ctc=FFFFFF&cr=0.3&ctt=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJDaGF0dGUgSmV0enQhIiwibmwiOiJDaGF0IG51ISIsImVzIjoiXHUwMGExQ2hhdGVhciEiLCJpdCI6IkNoYXR0YSBvcmEhIn0%3D&modelSex=M&modelStatus=free&modelAge=18%2A60&savedConfig=0&labelConfigOutil=&comfrom=932931
200 OK 4.9 kB URL HTTP/2 www.bugleczmoidgxo.com/cp/webcam_gallery/index.php?submitconfig=0&brand=xcams&ur=aHR0cDovL3d3dy54Y2Ftcy5jb20%3D&re=freechat&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&cf0=pc2&cf2=&cfsa2=&ts=big&ro=4&snp=0&gc=000000&tbc=1E1C3B&bgc=141220&bc=1E1C3B&tbs=0.3&tbr=0.3&s=0.3&bs=0.3&br=0.3&fi=1&ftc=FFFFFF&fbgc=60B404&hi=1&htc=FFFFFF&hbc=000000&li=1<c=FFFFFF&lbc=000000&dtc=FFFFFF&c=1&cc=000000&ctc=FFFFFF&cr=0.3&ctt=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJDaGF0dGUgSmV0enQhIiwibmwiOiJDaGF0IG51ISIsImVzIjoiXHUwMGExQ2hhdGVhciEiLCJpdCI6IkNoYXR0YSBvcmEhIn0%3D&modelSex=M&modelStatus=free&modelAge=18%2A60&savedConfig=0&labelConfigOutil=&comfrom=932931
IP
ASN #212882 dnx network sarl
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9898), with CRLF, LF line terminators
Hash bfd8211a324b6294d59cff60ab2e4e04
fcc0037348e570f3c9dd606a3ad450ea9aed642d
3bd759afe9c01e3eebdd5b944fe84d3abf35af89fc8ba33d400314c2a2e2f2c6
GET /cp/webcam_gallery/index.php?submitconfig=0&brand=xcams&ur=aHR0cDovL3d3dy54Y2Ftcy5jb20%3D&re=freechat&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&cf0=pc2&cf2=&cfsa2=&ts=big&ro=4&snp=0&gc=000000&tbc=1E1C3B&bgc=141220&bc=1E1C3B&tbs=0.3&tbr=0.3&s=0.3&bs=0.3&br=0.3&fi=1&ftc=FFFFFF&fbgc=60B404&hi=1&htc=FFFFFF&hbc=000000&li=1<c=FFFFFF&lbc=000000&dtc=FFFFFF&c=1&cc=000000&ctc=FFFFFF&cr=0.3&ctt=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJDaGF0dGUgSmV0enQhIiwibmwiOiJDaGF0IG51ISIsImVzIjoiXHUwMGExQ2hhdGVhciEiLCJpdCI6IkNoYXR0YSBvcmEhIn0%3D&modelSex=M&modelStatus=free&modelAge=18%2A60&savedConfig=0&labelConfigOutil=&comfrom=932931 HTTP/1.1
Host: www.bugleczmoidgxo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html; charset=UTF-8
content-length: 4887
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
x-forwarded-proto: https
X-Firefox-Spdy: h2
pc180101.com/releasese/activepage4538.asp?wid=126375727965&LinkID=1036&QueryID=8&promocode=BCODE5E5CH4FF_00000
200 OK 6.0 kB URL HTTP/2 pc180101.com/releasese/activepage4538.asp?wid=126375727965&LinkID=1036&QueryID=8&promocode=BCODE5E5CH4FF_00000
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (523), with CRLF line terminators
Hash a169bcd7027134db11c08cf351bb2e2d
c8470af3e22ace397b4197b484a01fa82cd1de0e
ecac031c6c09a328fc0b89472647fcd63e4b5c465acd16919c1f174218cd04ca
GET /releasese/activepage4538.asp?wid=126375727965&LinkID=1036&QueryID=8&promocode=BCODE5E5CH4FF_00000 HTTP/1.1
Host: pc180101.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html
content-length: 6022
cache-control: no-cache
content-encoding: gzip
expires: Thu, 09 Jan 2020 18:43:42 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: pcsiml=LocationByIP=41%2C03%2Coslo; expires=Wed, 12-Oct-2022 00:00:00 GMT; path=/
ASPSESSIONIDSASRBCQB=JEIPMPPAFFOBHJNJHGDICDCC; path=/
x-powered-by: ASP20.NET
n: a2
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d96a070d79a6e43e3d3953164c885115
21f68a43259bb10dfdb0c966af16ec4a63debd0a
677e864d2b4bb03a29a241f7978f80fff87256a9ed80c8d18e1957fe47dd0a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "677E864D2B4BB03A29A241F7978F80FFF87256A9ED80C8D18E1957FE47DD0A18"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12286
Expires: Wed, 05 Oct 2022 22:08:28 GMT
Date: Wed, 05 Oct 2022 18:43:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.xlovegay.com/us/models/gays-couples/
301 Moved Permanently 288 B URL HTTP/1.1 www.xlovegay.com/us/models/gays-couples/
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash fdd3c8aadcacabd4710060b4939e1023
deae5522fc12635458cce80149f035346256f54f
970e4e00724772183049bae7bbd36218fec844b07e3363a2b0d99f9ec133193d
GET /us/models/gays-couples/ HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
X-Redirect-Rewrite: 21x4
Content-Security-Policy: default-src 'none'; img-src 'self'; report-uri /err0r/js?ts=1664995422
X-RedirectFrom: URL diff
Location: https://xlovegay.com/us/models/gays-couples/
X-WebFrom: p-86
x-cdn-region: eu-nl
banners.cams.com/banners/streamray/live/banner.html?w=500&h=300&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview&n=1&g=M&l=https%3A%2F%2Fsecureimage.securedataimages.com%2Fimages%2Fcams%2Fbanners%2Fmicro_logo_new.png&c=0&md=any
200 OK 395 B URL HTTP/1.1 banners.cams.com/banners/streamray/live/banner.html?w=500&h=300&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview&n=1&g=M&l=https%3A%2F%2Fsecureimage.securedataimages.com%2Fimages%2Fcams%2Fbanners%2Fmicro_logo_new.png&c=0&md=any
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash f39b3c7ce04b702a4b386c3207df9cc5
6be791d03e9cefb520eb082bf2ffd9845b6f67fb
fdeea5e7dcd11fcd818fef43eea076a778a6abfba06576407cda22f598e2ebe1
GET /banners/streamray/live/banner.html?w=500&h=300&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview&n=1&g=M&l=https%3A%2F%2Fsecureimage.securedataimages.com%2Fimages%2Fcams%2Fbanners%2Fmicro_logo_new.png&c=0&md=any HTTP/1.1
Host: banners.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:42 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Wed, 16 May 2018 20:46:41 GMT
ETag: "1cb70-40f-56c58d0e2ce40"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 395
Content-Type: text/html
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive
banners.cams.com/banners/streamray/live/banner.html?w=500&h=300&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview%26dcb%3Delitecams.streamray.com&n=1&g=M&l=https%3A%2F%2Fi.pixxxels.cc%2FW38G3DYp%2FOriginal-Header.jpg&c=0&md=any&cb=elitecams.streamray.com
200 OK 395 B URL HTTP/1.1 banners.cams.com/banners/streamray/live/banner.html?w=500&h=300&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview%26dcb%3Delitecams.streamray.com&n=1&g=M&l=https%3A%2F%2Fi.pixxxels.cc%2FW38G3DYp%2FOriginal-Header.jpg&c=0&md=any&cb=elitecams.streamray.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash f39b3c7ce04b702a4b386c3207df9cc5
6be791d03e9cefb520eb082bf2ffd9845b6f67fb
fdeea5e7dcd11fcd818fef43eea076a778a6abfba06576407cda22f598e2ebe1
GET /banners/streamray/live/banner.html?w=500&h=300&tc=FF0000&mc=000000&b=n&d=http%3A%2F%2Fcams.com%2Fp%2Fcams%2Fview.cgi%3Fpid%3Dg1443489-pct%26stream%3D%7bstream%7d%26action%3Dview%26dcb%3Delitecams.streamray.com&n=1&g=M&l=https%3A%2F%2Fi.pixxxels.cc%2FW38G3DYp%2FOriginal-Header.jpg&c=0&md=any&cb=elitecams.streamray.com HTTP/1.1
Host: banners.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:42 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Wed, 16 May 2018 20:46:41 GMT
ETag: "1cb70-40f-56c58d0e2ce40"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 395
Content-Type: text/html
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d96a070d79a6e43e3d3953164c885115
21f68a43259bb10dfdb0c966af16ec4a63debd0a
677e864d2b4bb03a29a241f7978f80fff87256a9ed80c8d18e1957fe47dd0a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "677E864D2B4BB03A29A241F7978F80FFF87256A9ED80C8D18E1957FE47DD0A18"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12286
Expires: Wed, 05 Oct 2022 22:08:28 GMT
Date: Wed, 05 Oct 2022 18:43:42 GMT
Connection: keep-alive
aweproto.com/embed/lf?c=object_container&site=lsa&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=boy&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID}
200 OK 8.9 kB URL HTTP/2 aweproto.com/embed/lf?c=object_container&site=lsa&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=boy&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID}
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type gzip compressed data, max speed, from Unix\012- data
Hash b46badfc417d50a9ce3811a7168005ec
f939c19d40a5b808473a993546fea486381674e6
1c2ec369d942fd5a11989bb3a4ac133107cba5a2824e6e9c7d9537f67d6b96c7
GET /embed/lf?c=object_container&site=lsa&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=boy&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1
Host: aweproto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:41 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:41 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
www.xlovegay.com/prm/banner/?id_affilie=11692&path=xlovegay/728x90/en/728x90_xlovegay_20_en.gif
404 Not Found 8.9 kB URL HTTP/1.1 www.xlovegay.com/prm/banner/?id_affilie=11692&path=xlovegay/728x90/en/728x90_xlovegay_20_en.gif
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3406)
Hash e0070b65e5116e2c4adb94a0dfd6f50b
d818be1295f7e530a160ce64cc614b5250e88380
435dfbb8266a8aa82d6735263b7de0eb13185e579c38d34ada8ac0b261197de6
GET /prm/banner/?id_affilie=11692&path=xlovegay/728x90/en/728x90_xlovegay_20_en.gif HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
csrf=1iBfOsRzYxucMlyY; path=/; secure; HttpOnly; SameSite=Lax
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995422; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
Content-Encoding: gzip
chaturbate.com/in/?track=embed&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
302 Found 202 B URL HTTP/2 chaturbate.com/in/?track=embed&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d7d800dad7010b3b76a5a67b2396568f
5be485c487d9145ff293445265c5478c91605b56
2dde1f488331ca79ae4d03f814b9b6acadb608387dbc2f430e390f52d92a08b1
GET /in/?track=embed&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1 HTTP/1.1
Host: chaturbate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 05 Oct 2022 18:43:41 GMT
content-type: text/html; charset=utf-8
location: /topembed/male/?join_overlay=1&tour=CoeM&campaign=tQUzB&disable_sound=1&mobileRedirect=auto&embed_video_only=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Language, Cookie
content-language: en
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
x-frame-options: DENY
cache-control: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: u_CoeM=1; expires=Mon, 10-Oct-2022 18:43:41 GMT; Max-Age=432000; Path=/
us_CoeM=1; Path=/
affkey="eJyrVipRslJQcs5P9VXSUVBKzi0AcUsCQ6ucQPySomwQPzU3KTUFxC8C8TJKSgqKrfT1K3Lyy1LTEyuTcvLT9UBEcUF+iV5yfq4+SGliWhpIcXJGZoGJEUgAbLKRoVItAKdTIYs="; Domain=.chaturbate.com; expires=Fri, 04-Nov-2022 18:43:41 GMT; Max-Age=2592000; Path=/
fromaffiliate=1; Domain=.chaturbate.com; Path=/
noads=1; expires=Thu, 06-Oct-2022 00:43:41 GMT; Max-Age=21600; Path=/
stcki="pOtSwZ=1\054FqPd9a=0\0546pduSG=0\054aDBbcK=0"; expires=Fri, 04-Nov-2022 18:43:41 GMT; Max-Age=2592000; Path=/
sbr=sec:sbr15f131cb-32ad-492a-8ded-cb9938785d20:1og9Mr:8sJ0xma3gUejOJ5SLwvxDNvIldg; Domain=.chaturbate.com; expires=Mon, 30-Jun-2025 18:43:41 GMT; HttpOnly; Max-Age=86313600; Path=/; Secure
__cf_bm=X7qKcfOIKYGSSWvJTdrxB99N8vpcKo.0DZfKio6jkI4-1664995421-0-AfDoXuUjcC/8mBxA8+kYp2VWnKKV3ZVKMborcLa/mOP5UnLy4CIPT+VtpEWFulJr6mDU/UiCaneA5nzJTrfXV2c=; path=/; expires=Wed, 05-Oct-22 19:13:41 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75584de56decb4f3-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d96a070d79a6e43e3d3953164c885115
21f68a43259bb10dfdb0c966af16ec4a63debd0a
677e864d2b4bb03a29a241f7978f80fff87256a9ed80c8d18e1957fe47dd0a18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "677E864D2B4BB03A29A241F7978F80FFF87256A9ED80C8D18E1957FE47DD0A18"
Last-Modified: Wed, 05 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12286
Expires: Wed, 05 Oct 2022 22:08:28 GMT
Date: Wed, 05 Oct 2022 18:43:42 GMT
Connection: keep-alive
www.google.com/css/maia.css
200 OK 12 kB URL HTTP/2 www.google.com/css/maia.css
IP
File type Unicode text, UTF-8 text, with very long lines (43499), with no line terminators
Hash bbb96f1e62e3f84502664d603d4ecbfc
684db7b7626d997e41d11716107d25824f322983
fcb969338fcac7f4d33a5f51945c6756d58881b82572604863fd8c0f3b1840c7
GET /css/maia.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 12181
date: Wed, 05 Oct 2022 18:43:42 GMT
expires: Wed, 05 Oct 2022 18:43:42 GMT
cache-control: private, max-age=0
last-modified: Mon, 25 May 2020 08:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43949b51c22083afa058fa6841a1fb35
020b115e6861b801a8e495c0ca65fd4db879cc2a
2d9056e9324b5661c769ff90e4ae80c796ddc22ca91ff454fb9bbe1a80ac85d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2D9056E9324B5661C769FF90E4AE80C796DDC22CA91FF454FB9BBE1A80AC85D1"
Last-Modified: Tue, 04 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21472
Expires: Thu, 06 Oct 2022 00:41:34 GMT
Date: Wed, 05 Oct 2022 18:43:42 GMT
Connection: keep-alive
s1.wlresources.com/prm/v3/js/app/livewebcamIframe.js?13210892
200 OK 275 B URL HTTP/2 s1.wlresources.com/prm/v3/js/app/livewebcamIframe.js?13210892
IP
File type ASCII text, with very long lines (502)
Hash 1aea7ecc0c19a78f9d104feea29cf68e
15b3ffe1757d36b5aa2deb1c7cf1e8db2898ffb4
0eeb5bb43e700475f25304096744c4ff4bfbeb8de6032be0bb581ead38523488
GET /prm/v3/js/app/livewebcamIframe.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/javascript
last-modified: Wed, 07 Jul 2021 14:56:00 GMT
etag: W/"60e5c080-26c"
expires: Thu, 26 Jan 2023 06:59:31 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: MISS
timing-allow-origin: *
cf-cache-status: HIT
age: 647049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C9wXXeOoIScqdhOi64lqeWPKZAPASxTzII9LGdsrvlx9QAYcGitIrBa5bh5V81IQzaKGhCKiMw2LRzPCyeDlHyZDX55niiS7a4tFvYBjGJgdriacVfMU0F1xMqC5njyW7FATA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584ddf8cb0b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
s1.wlresources.com/prm/v3/js/vendor/jquery-2.1.1.js?13210892
200 OK 75 kB URL HTTP/2 s1.wlresources.com/prm/v3/js/vendor/jquery-2.1.1.js?13210892
IP
Hash 47a21d42458334f224212ec85ad1c8d7
a6ed3acda0814c43a2a1311010e0434a64bbfe3c
416b714f0d674765f77807e174bf0ade6d4d8e69a0582b8f3f7b018ce2531054
GET /prm/v3/js/vendor/jquery-2.1.1.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 14 Jan 2022 15:57:18 GMT
etag: W/"61e19d5e-3c637"
expires: Thu, 10 Nov 2022 15:29:29 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7269250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFKhjFheFTNxvQIMXRhI26Pz27%2F0fptj%2FnWWPk%2B8MGvsIoCp7MbFaVIcdMxvScM0cm%2FAuPr1ssn3nqizz5mTWdwieANh3x7v6EqjqPZ43u%2B86XvUj%2Fa0pJMmZ9mCsufoJVLwbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584ddfdd55b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 01f0c34f7bbcfafbabe45a093df40787
9d166b6ff25315a8c6dfceb484d3337b5c4d8e7d
92d85b3ccb57e0d942de169c65b60f508acbc148002ac7f7e4e9ad97ad9788bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D85B3CCB57E0D942DE169C65B60F508ACBC148002AC7F7E4E9AD97AD9788BF"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15921
Expires: Wed, 05 Oct 2022 23:09:03 GMT
Date: Wed, 05 Oct 2022 18:43:42 GMT
Connection: keep-alive
prm03.wlresources.com/resource/browseCdnConfig
200 OK 584 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
Hash 2c54265bf0f7000e6220315f11c263ae
1c6b307747e7a55470c6fb2d99c4e8b9b581645a
076490cd0bc63ac478d268fbace71c30b7ea785073cc51fcdb118c10e4215916
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.xlovegay.com/err0r/js?ts=1664995422
200 OK 16 B URL HTTP/1.1 www.xlovegay.com/err0r/js?ts=1664995422
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995422 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1155
Origin: https://www.xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=79s0mtuhv0llfof7hagvadedos; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
prm03.wlresources.com/resource/browseCdnConfig
200 OK 584 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
Hash 2c54265bf0f7000e6220315f11c263ae
1c6b307747e7a55470c6fb2d99c4e8b9b581645a
076490cd0bc63ac478d268fbace71c30b7ea785073cc51fcdb118c10e4215916
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.xlovegay.com/err0r/js?ts=1664995422
200 OK 16 B URL HTTP/1.1 www.xlovegay.com/err0r/js?ts=1664995422
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995422 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1161
Origin: https://www.xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=evu4224j587nbemrbjbe8h0ngu; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
www.xlovegay.com/err0r/js?ts=1664995421
200 OK 16 B URL HTTP/1.1 www.xlovegay.com/err0r/js?ts=1664995421
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995421 HTTP/1.1
Host: www.xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1163
Origin: https://www.xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=ilktk01jh76v1m68afi8aojbv8; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secureimage.securedataimages.com/images/streamray/streams/alan_ferrer_640.gif
200 OK 11 kB URL HTTP/2 secureimage.securedataimages.com/images/streamray/streams/alan_ferrer_640.gif
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 3a39bb1eee20ee319f7aa8e461020b6b
ef913ca5de1770cdd7b7bd3929671593e04e0e4f
8e799e905d036a3f21440cdde4ae1319dde1648a79aaf033564506f7f27078f3
GET /images/streamray/streams/alan_ferrer_640.gif HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 514841
cache-control: max-age=2592000
content-type: image/gif
date: Wed, 05 Oct 2022 18:43:42 GMT
expires: Fri, 04 Nov 2022 18:43:42 GMT
last-modified: Sat, 12 Mar 2022 16:10:04 GMT
server: ECS (ska/F718)
x-cache: HIT
x-cache-hits: 0
content-length: 11323
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/temp/31498/cams_logo_notag.png
200 OK 32 kB URL HTTP/2 secureimage.securedataimages.com/images/temp/31498/cams_logo_notag.png
IP
File type PNG image data, 250 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 6fd8212661779127f4002b6ee91f90b5
51f89562e37718085f20e9d8bed801d80dee2d9e
5989a642f5a3b70522ea61bbe17600176ac84ec19144cf82244bc34decee23f7
GET /images/temp/31498/cams_logo_notag.png HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 422260
cache-control: max-age=2592000
content-type: image/png
date: Wed, 05 Oct 2022 18:43:42 GMT
etag: "fcfd7b3-7cfb-56bd20056895c"
expires: Fri, 04 Nov 2022 18:43:42 GMT
last-modified: Thu, 10 May 2018 03:56:16 GMT
server: ECS (ska/F715)
x-cache: HIT
x-cache-hits: 0
content-length: 31995
X-Firefox-Spdy: h2
s1.wlresources.com/xlove/sp/js/spImgOnly.min.js?13210892
200 OK 12 kB URL HTTP/2 s1.wlresources.com/xlove/sp/js/spImgOnly.min.js?13210892
IP
Hash b97541e7aa1e5471a3dd3790db7744e7
21ae66b575b749aad0a443897534a1fbb623392e
efce2f41710d2ceb4be031dd929506eeebbc85effeb096ed734fce4b10274617
GET /xlove/sp/js/spImgOnly.min.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 06 Oct 2020 14:22:00 GMT
etag: W/"5f7c7d88-79e9"
expires: Thu, 10 Nov 2022 13:16:10 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7277250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nlb1f7RNbKuI34jN3E6n3bOhl0zXKz4nuApPZLy9ByZR%2FHN2v9erOJgSemqElL4KkFSS81U%2Ff06CtzRvHnNp1Ad8WMxKokdkzpsiZtQ6PGqtjISP%2BUrKmeGJIZHElkH64q4v0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584de02dc2b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
xlovegay.com/us/models/gays/
200 OK 29 kB URL HTTP/1.1 xlovegay.com/us/models/gays/
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash 89a6aa672390c8be82b140998454edb1
81129813a8a657a6c71ae54bcb55e9ffb7d859cd
4104db0b1e9fffe40eb56224df7e3cbf8696299ba211b42413ff56975d5f299a
GET /us/models/gays/ HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=61pgehm8b4l84m376epr45kcdu; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995422; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
x-cdn-region: eu-nl
Content-Encoding: gzip
cdn.banhq.com/mp4/a/0/a04bc5adf1c9c8a0bb206a2cffdcd062.mp4
206 Partial Content 1.6 kB URL HTTP/2 cdn.banhq.com/mp4/a/0/a04bc5adf1c9c8a0bb206a2cffdcd062.mp4
IP
File type gzip compressed data, from Unix\012- data
Hash f782895a951d9b16568074988003219e
25fc201cda9d7794a37d381ce32b360a418a7a7c
5d50ebda8c00ec554548ce216cdf585aff6d893d1626a58a8ca7996882a0c3a3
GET /mp4/a/0/a04bc5adf1c9c8a0bb206a2cffdcd062.mp4 HTTP/1.1
Host: cdn.banhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://cdn.creativesumo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 1457527
date: Mon, 03 Oct 2022 20:31:23 GMT
last-modified: Fri, 04 Jan 2019 16:50:24 GMT
etag: "a04bc5adf1c9c8a0bb206a2cffdcd062"
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-1457526/1457527
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xoz2ahv2FIDQQBzbYKVo0nPMk326HV7nne-3F3T62vjOOlO2VlU9yA==
age: 166339
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 1.4 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash 731fdf196135201e8a21e8895502463b
141a30024d2d085d65941ace41d34ab8123bfefd
5979cd18d9aeb60811ad0cdaa916dbc4426d754924122e296148a2565df24c83
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash d94158a2c6c5734c9547b3bc41fc3f0a
1dc6d9d831a03e39d91585cdc596bf64285f918b
1ba87ae712012ff77852b28a3e6d0ef20b00902db9a4622c20cdd0bd6ccd7b0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6288
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 18:43:42 GMT
Last-Modified: Wed, 05 Oct 2022 16:58:54 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 1.4 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash ff77553b65bb1f66823fc5f6d2b450e6
d1729f0b2a8eaee2520836a50bcf742978515a2a
c5bf2732193c89920aeef22cb80ae22eb37d756338bd2333ae1493b755ccc026
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
i.bcprm.com/dynamic_banner/images/lang/spanish.png
200 OK 414 B URL HTTP/2 i.bcprm.com/dynamic_banner/images/lang/spanish.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 850dbc780fed5860b7ed8bbb41be5801
11c2a1bcfef12197ded7fbfc7c31e69ad94d9340
29e25b67618ca08ad79a1d9e1ee3472a09ac377541da2783087f698a6d099c35
GET /dynamic_banner/images/lang/spanish.png HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: image/png
content-length: 414
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
expires: Sat, 14 Nov 2020 07:18:41 GMT
cache-control: max-age=2592000
accept-ranges: bytes
x-cdn-diag: ams5-6302-1-14009-h-0-0---;7099-59-13665----0-0-1
X-Firefox-Spdy: h2
i.bcprm.com/dynamic_banner/images/logo2_default.png
200 OK 3.8 kB URL HTTP/2 i.bcprm.com/dynamic_banner/images/logo2_default.png
IP
File type PNG image data, 228 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f9e278767291039059529b5d0bde85c
d66de1002275b6be28edcb6d5c20c69745510688
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f
GET /dynamic_banner/images/logo2_default.png HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: image/png
content-length: 3813
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
expires: Fri, 15 Jan 2021 11:19:54 GMT
cache-control: max-age=2592000
accept-ranges: bytes
x-cdn-diag: ams5-7734-7-46121-h-0-0---;7099-59-13665----0-1-0
X-Firefox-Spdy: h2
i.bcprm.com/banners/300x250/g_banner/no.gif
200 OK 138 kB URL HTTP/2 i.bcprm.com/banners/300x250/g_banner/no.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 138 kB (138379 bytes)
Hash 3f6faec09747dc4554c791572d4d775c
b5ea2c7ead1131fd005b23af070f6e2f8c0a195c
e1de965ae47c02ded553f56fe32e7671c7ab42a693454a40a6c24193d6f48be8
GET /banners/300x250/g_banner/no.gif HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: image/gif
content-length: 138379
last-modified: Fri, 31 May 2019 10:34:55 GMT
cache-control: max-age=2592000
x-bcs-o: 1
expires: Thu, 03 Nov 2022 15:16:37 GMT
x-o1-bcs-ban: MISS
access-control-allow-origin: *
access-control-allow-methods: GET
accept-ranges: bytes
x-cdn-diag: ams5-7099-6-11629-h-0-0---;7099-59-13665----0-0-1
X-Firefox-Spdy: h2
i.bimbolive.com/066/347/28d/a4febb67f0d52a40b098da527426fdb4_thumb_medium.jpg
200 OK 5.3 kB URL HTTP/2 i.bimbolive.com/066/347/28d/a4febb67f0d52a40b098da527426fdb4_thumb_medium.jpg
IP
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 9621101a975225f1b1f2e542d1f700f1
f0ede620c0eabce13c3bce975c69b6b1af2317df
f02e2c83347adbf193686de3a3c14425ab3153431640627083dde4ba929d4e8a
GET /066/347/28d/a4febb67f0d52a40b098da527426fdb4_thumb_medium.jpg HTTP/1.1
Host: i.bimbolive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: image/jpeg
content-length: 5332
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "608cc30f-14d4"
expires: Fri, 28 Oct 2022 02:39:33 GMT
last-modified: Sat, 01 May 2021 02:55:11 GMT
x-o1-p6: EXPIRED
x-bc-o: 1
cf-cache-status: HIT
age: 589061
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75584df1189db515-OSL
X-Firefox-Spdy: h2
xlovegay.com/us/models/gays-couples/
200 OK 28 kB URL HTTP/1.1 xlovegay.com/us/models/gays-couples/
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash 63e8306b259a39cc7c43b5688fe0bff4
bd68640e35ce73a9042c905d3fce0a52792c318c
a86ce42277c56d325fdb02a7f70e162a9bea36d093a49e043b211ca30afc9fd0
GET /us/models/gays-couples/ HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=jj2cih9j4cehfjiuqno0ivme66; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995422; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
x-cdn-region: eu-nl
Content-Encoding: gzip
prm03.wlresources.com/resource/browseCdnConfig
200 OK 29 kB URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash 36340a5c31ad9aa2a65d8ccddc7a0e7d
69edcd4b2733e74c91d1b977641cc98e2c6e3462
e80c9a10271b8c53b32bf1d159f2a2c79dc91d804b58138ec8dbffc046c0f33f
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 616 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
Hash bf589f2d0fa8701d298f9d5391d64d80
7d5ea7fe714e482ff636ebdd88bfc069ad25a015
a65c191c5c94f4c7c59214c70733cf15bba3fe89c109888ab89497d6a43955f6
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 4.2 kB URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with very long lines (5048), with CRLF line terminators
Hash 238684791f362d01eb6c815a14c1bed0
6737b019786dfdb7607d9e080f239b44bbfb9de6
05efa5653c00c9cdf3d78b4ea27fa08334e0eeaaf6b6536c90ccaa7e67097f0a
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/cams/lib/angular_1.5.5.min.js
200 OK 56 kB URL HTTP/2 secureimage.securedataimages.com/images/cams/lib/angular_1.5.5.min.js
IP
File type ASCII text, with very long lines (640), with CRLF line terminators
Hash ff631cc377910565627d89d655780711
c957107692dc266fbb2343d9487eb3a45e8b7c8c
8987776f5e43bdab5f146b0d35eedcbc795714dee132fcd5b30c1f170972969e
GET /images/cams/lib/angular_1.5.5.min.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 725438
cache-control: max-age=2592000
content-type: application/x-javascript
date: Wed, 05 Oct 2022 18:43:42 GMT
etag: "1065c72-269f0-54d9d1b7e0080"
expires: Fri, 04 Nov 2022 18:43:42 GMT
last-modified: Thu, 20 Apr 2017 18:14:10 GMT
server: ECS (ska/F713)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 2
content-length: 55734
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 62 kB URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with very long lines (65336)
Hash c7ea9fa3ae6dd71d8ec38687d3f4bcc3
65573721d0aa59fac06b6d98790fd1787737fe31
b838767ef455b583eb9017983277eddbea55a1bc6de694c1c4c7871d773206ae
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/cams/lib/angular-sanitize_1.5.5.js
200 OK 8.1 kB URL HTTP/2 secureimage.securedataimages.com/images/cams/lib/angular-sanitize_1.5.5.js
IP
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c5f6d5f7fb13c7c23d6afb2e925aa126
e82bdb4c55bb5c8a61119a24319a545ce04341b3
a7e34126fcbe7221c3f2f6c46ae38c0f184366f38d664ef6917fe697dd8b5e3d
GET /images/cams/lib/angular-sanitize_1.5.5.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 792223
cache-control: max-age=2592000
content-type: application/x-javascript
date: Wed, 05 Oct 2022 18:43:42 GMT
etag: "1065c6b-6701-5382de0196e00"
expires: Fri, 04 Nov 2022 18:43:42 GMT
last-modified: Thu, 21 Jul 2016 23:42:48 GMT
server: ECS (ska/F71E)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 14
content-length: 8065
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/cams/lib/scrollglue.js
200 OK 1.3 kB URL HTTP/2 secureimage.securedataimages.com/images/cams/lib/scrollglue.js
IP
Hash dba111765ee2718d06d6ce12401a1b01
badb0fc58960e30575b189dadd527d7542406591
249d77d9a129d742dfae07d3748880ec1dac1845540e3f08bfa3476945b6f154
GET /images/cams/lib/scrollglue.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 706171
cache-control: max-age=2592000
content-type: application/x-javascript
date: Wed, 05 Oct 2022 18:43:42 GMT
etag: "106843b-1484-54fbf04b6f400"
expires: Fri, 04 Nov 2022 18:43:42 GMT
last-modified: Wed, 17 May 2017 21:32:00 GMT
server: ECS (ska/F711)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 31
content-length: 1301
X-Firefox-Spdy: h2
xlovegay.com/us/models/gays/
200 OK 29 kB URL HTTP/1.1 xlovegay.com/us/models/gays/
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash e78faf9494b28df5851f18c9768d101a
7a8d0774624e70b5189403c6046337bc2e758935
d6a778d747732a88495a92800423fb9dbba08c22171147323d56ccc4c4491fd0
GET /us/models/gays/ HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=ktbtfgii1l9eovqr39d8fo5m7f; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995422; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
x-cdn-region: eu-nl
Content-Encoding: gzip
xlovegay.com/us/models/gays/
200 OK 29 kB URL HTTP/1.1 xlovegay.com/us/models/gays/
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash 6a94ff8a05f7a1fc30249389b7428dd3
2d78ef8fe4520d4253287f955338bd27285a25c1
3b9438ef53504c77913caa6d2961b7f127e364eaec4228f24579468b707db31c
GET /us/models/gays/ HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=48qp2sfdop8931l00oe1nocr99; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995422; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
x-cdn-region: eu-nl
Content-Encoding: gzip
prm03.wlresources.com/resource/browseCdnConfig
200 OK 29 kB URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash 9562b16b2b8e7f1a6d4d97c329ed4dda
52f027bd4f92e40b5b38d0b5da4ebff05146d07e
82693bbb4c71e4a2f93e12d22102823c831116bb98f1f1f88b3586d7a83d6000
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
pt.protawe.com/cifra/script?id=awe-customiframe-container&row=3&column=5&border=0&wide=0&padding=6px&model=insidehover&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
200 OK 2.2 kB URL HTTP/2 pt.protawe.com/cifra/script?id=awe-customiframe-container&row=3&column=5&border=0&wide=0&padding=6px&model=insidehover&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Hash c810599b0add49db6e3271643b530e44
3a4c8b26eadb547dca1fbcff3d8901bdaa5b94f2
64e153df1c1ecb286b09d121c3f0bcd4b4bf000d0591aa7670b2b4574d339237
GET /cifra/script?id=awe-customiframe-container&row=3&column=5&border=0&wide=0&padding=6px&model=insidehover&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&legacyRedirect=1 HTTP/1.1
Host: pt.protawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:39 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:39 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
xlovegay.com/us/models/gays/
200 OK 29 kB URL HTTP/1.1 xlovegay.com/us/models/gays/
IP
ASN #47836 SC Web Software Development SRL
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash e9104a3e9e3d9968eb3e364e6bded0c0
28f238f807ece2dcd06a9bdc9ee14bbc28e3e128
9a3e14967cb8320782ab7482d257d24e90f57a9308e95721ac57abdf95f104d1
GET /us/models/gays/ HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xlovegayblog.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995422; expires=Sat, 02-Oct-2032 18:43:42 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=j4jnvvu945u72fg8c2vo1frn8u; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: script-src 'self' 'unsafe-eval' *.wlresources.com *.acwebconnecting.com 'sha256-e4pYjXQH6ajx5POUxz2FrYEpL/WroFiVF5clf0FNS5g=' www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net gstatic.com www.google.com www.googleoptimize.com optimize.google.com www.gstatic.com https://bat.bing.com https://*.clarity.ms ; style-src 'self' 'unsafe-eval' 'unsafe-inline' *.wlresources.com; connect-src 'self' *.wlresources.com *.acwebconnecting.com wss://*.wlresources.com www.google-analytics.com www.googletagmanager.com *.analytics.google.com *.doubleclick.net https://bat.bing.com https://*.clarity.ms ; report-uri /err0r/js?ts=1664995422; worker-src 'self' blob:; frame-ancestors 'none'; object-src 'self'
X-WebFrom: p-86
x-cdn-region: eu-nl
Content-Encoding: gzip
prm03.wlresources.com/resource/browseCdnConfig
200 OK 29 kB URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6827), with CRLF, LF line terminators
Hash b14c37d50ba122bf36967cabef94025e
ab9ed88d9189e05da2b1d5ea9b16a75b4ad83c3b
e58375f4777a3e02d541ac3f38ad198b4c158d82fd965330e6db3415183a2572
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
xlovegay.com/err0r/js?ts=1664995422
200 OK 16 B URL HTTP/1.1 xlovegay.com/err0r/js?ts=1664995422
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995422 HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1090
Origin: https://xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:43 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995423; expires=Sat, 02-Oct-2032 18:43:43 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=foe5kbt0a57bpbvf0gqfj6f8fa; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
xlovegay.com/err0r/js?ts=1664995422
200 OK 16 B URL HTTP/1.1 xlovegay.com/err0r/js?ts=1664995422
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995422 HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1090
Origin: https://xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:43 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995423; expires=Sat, 02-Oct-2032 18:43:43 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=8u77kcten2kq4s7edbhtrtb1h7; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
xlovegay.com/err0r/js?ts=1664995422
200 OK 16 B URL HTTP/1.1 xlovegay.com/err0r/js?ts=1664995422
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995422 HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1098
Origin: https://xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:43 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995423; expires=Sat, 02-Oct-2032 18:43:43 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=l1hk2egtatim8iacpaf7uo60fk; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
prm03.wlresources.com/resource/browseCdnConfig
200 OK 129 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
Hash cf39b4093800fb84ff07e5145aab3abb
ded28ef38c50be1ec7fdbe4a90785a62a3441351
85c0e239fa34e662f645177806d38bbb2aaddc22356e1dde3b35202361dc636f
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995423
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 129 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
Hash cf39b4093800fb84ff07e5145aab3abb
ded28ef38c50be1ec7fdbe4a90785a62a3441351
85c0e239fa34e662f645177806d38bbb2aaddc22356e1dde3b35202361dc636f
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
xlovegay.com/err0r/js?ts=1664995422
200 OK 16 B URL HTTP/1.1 xlovegay.com/err0r/js?ts=1664995422
IP
ASN #47836 SC Web Software Development SRL
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /err0r/js?ts=1664995422 HTTP/1.1
Host: xlovegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 1090
Origin: https://xlovegay.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Powered by acwebconnecting
Date: Wed, 05 Oct 2022 18:43:43 GMT
Content-Type: application/json
Content-Length: 16
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=2592000
Set-Cookie: first_visit=1664995423; expires=Sat, 02-Oct-2032 18:43:43 GMT; Max-Age=315360000; path=/; secure; HttpOnly; SameSite=Lax
PHPSESSID=57l484bovp858h3d3o4un8hgb5; path=/; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-WebFrom: p-86
x-cdn-region: eu-nl
prm03.wlresources.com/resource/browseCdnConfig
200 OK 242 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
Hash 8288af13251c89e9f989f9eee34f20d6
4c1e99aa850288d755249ee377bc25384845e9b2
b8a1292d9340bb6221e29cd4640a08cbd5d5d8f517fda9c7b0fd1a289ba8d094
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 92ee11ac5c8baccd5c41e68fb6a5e560
9e05be6f78bf9c80ed6674620f485b49920dda76
5a300dc8482e54f6e8f99bd6779a3a7a5e652e481a5df0415067e837a0f2b4b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A300DC8482E54F6E8F99BD6779A3A7A5E652E481A5DF0415067E837A0F2B4B4"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17114
Expires: Wed, 05 Oct 2022 23:28:57 GMT
Date: Wed, 05 Oct 2022 18:43:43 GMT
Connection: keep-alive
secure.vs3.com/_special/banners/LiveWebCams.php?cta=gtr&style=400x240-lva-theme001&mp_code=agy4r&service=guys&language=en&use_promo=0&model_id=&bgcolor=000000&txtcolor=FFFFFF&linkcolor=00A7E1&num_models=50&target=_blank&btncolor=00A7E1&btntxtcolor=FFFFFF&accentcolor=0859A8
200 OK 3.3 kB URL HTTP/2 secure.vs3.com/_special/banners/LiveWebCams.php?cta=gtr&style=400x240-lva-theme001&mp_code=agy4r&service=guys&language=en&use_promo=0&model_id=&bgcolor=000000&txtcolor=FFFFFF&linkcolor=00A7E1&num_models=50&target=_blank&btncolor=00A7E1&btntxtcolor=FFFFFF&accentcolor=0859A8
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (414), with CRLF, LF line terminators
Hash dfb47a43e16e93f8c146aa2fa642b9e6
fcc36a93c14a54e9d9bfad76cf19b311606f9943
8aead727b47182557c83fb909fd30e7deb29833dab528abe2580f2e4531d2b82
GET /_special/banners/LiveWebCams.php?cta=gtr&style=400x240-lva-theme001&mp_code=agy4r&service=guys&language=en&use_promo=0&model_id=&bgcolor=000000&txtcolor=FFFFFF&linkcolor=00A7E1&num_models=50&target=_blank&btncolor=00A7E1&btntxtcolor=FFFFFF&accentcolor=0859A8 HTTP/1.1
Host: secure.vs3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
set-cookie: PHPSESSID=2dd6327a17a7877f4b64d829edb29492; path=/ ;SameSite=None; secure; HttpOnly
service=guys; expires=Thu, 05-Oct-2023 18:43:43 GMT; path=/; domain=.vs3.com; secure
mp_code=agy4r; expires=Fri, 04-Nov-2022 18:43:43 GMT; path=/; domain=.vs3.com
language=en; expires=Wed, 12-Oct-2022 18:43:43 GMT; path=/; domain=.vs3.com; secure
source_code=default; expires=Wed, 12-Oct-2022 18:43:43 GMT; path=/; domain=.vs3.com; secure
layout04=1; expires=Wed, 12-Oct-2022 18:43:43 GMT; path=/; SameSite=Strict; domain=.vs3.com
started=1664995422; expires=Thu, 06-Oct-2022 18:43:43 GMT; path=/; SameSite=Strict; domain=.vs3.com
pb_cc=deleted; expires=Tue, 05-Oct-2021 18:43:42 GMT; path=/; SameSite=Strict; domain=.vs3.com
BILLING_TEST_SUB_GROUP_4=NEW; expires=Thu, 06-Oct-2022 18:43:43 GMT; path=/; domain=.vs3.com; secure
BILLING_TEST_GROUP_4=GROUP_B%3A%3Av8; expires=Wed, 12-Oct-2022 18:43:43 GMT; path=/; domain=.vs3.com; secure
cdn=https%3A%2F%2Fcdn4.vscdns.com; expires=Wed, 05-Oct-2022 18:58:43 GMT; path=/; domain=.vs3.com; secure
cache-control: no-store, no-cache, must-revalidate, max-age=0, max-age=2592000, post-check=0, pre-check=0
pragma: no-cache
expires: Fri, 04 Nov 2022 18:43:42 GMT
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
content-length: 3337
content-type: text/html
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a.adtng.com/get/10002470?ata=EliteCamPromos
200 OK 180 kB URL HTTP/2 a.adtng.com/get/10002470?ata=EliteCamPromos
IP
Size 180 kB (180466 bytes)
Hash 3fd23df2615cd48c11df44f669f8753b
01343df2655a2be2fbb087968898380e4e1516ba
061b65f04e7483f1fd8c026bba3c1f9a8e686527b416251cf8ab38d10fbd7ad6
GET /get/10002470?ata=EliteCamPromos HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Cookie: adtool_guid=Ch5KGmM90FuhM3uwrerCAg==; RNLBSERVERID=ded7077
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 633DD05B-42FE72AB01BB5F90-1F56C40
X-Firefox-Spdy: h2
cdn.banhq.com/mp4/f/9/f9659ee1b0593ac40b4b16bc15a11106.mp4
206 Partial Content 5.4 kB URL HTTP/2 cdn.banhq.com/mp4/f/9/f9659ee1b0593ac40b4b16bc15a11106.mp4
IP
File type gzip compressed data, max speed, from Unix\012- data
Hash 4c88ec980af027f1c3d0ed56aab34e94
f21a231744fcae2178d180891591ff4531f12bf4
759809016f5c1cc3738dfaee79491ffebeb776050ae9249e99f41eda00c4cd05
GET /mp4/f/9/f9659ee1b0593ac40b4b16bc15a11106.mp4 HTTP/1.1
Host: cdn.banhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://cdn.creativesumo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 1479891
date: Mon, 03 Oct 2022 20:31:23 GMT
last-modified: Thu, 24 Jan 2019 18:06:27 GMT
etag: "f9659ee1b0593ac40b4b16bc15a11106"
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-1479890/1479891
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F-yncEITG6EU8Bwqwi-mMQi0HKHNau3gDKmONsYxNVAOrYFWWipXFw==
age: 166339
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c2712db9bb743d7e3e3e8ec1112ad93c
25101be81bd0939400bd477d0a16244229e8575e
99b37b2073e094227b5165300bab9dde7a27b1f9b39cc4f1938c2ea6f7c34d20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99B37B2073E094227B5165300BAB9DDE7A27B1F9B39CC4F1938C2EA6F7C34D20"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16045
Expires: Wed, 05 Oct 2022 23:11:08 GMT
Date: Wed, 05 Oct 2022 18:43:43 GMT
Connection: keep-alive
www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
302 Found 138 B URL HTTP/2 www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /images/cams/lib/camslivebanner-1.0.6.js HTTP/1.1
Host: www.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 302 Found
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/html
content-length: 138
location: https://classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
x-ingress: PROD
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601775
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16748, version 1.0\012- data
Hash 62d24b94de2fd801742f49d8c6306ba2
d4b841b136adad3051b58a66692f7c5942cf6deb
1b2f88142c19df560f487368810bba2d41c5d6948df584abaa2e0091c0b2245b
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.blogger.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:54:21 GMT
expires: Tue, 03 Oct 2023 18:54:21 GMT
cache-control: public, max-age=31536000
age: 172162
last-modified: Mon, 15 Aug 2022 18:14:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.adtng.com/get/10002466?ata=EliteCamPromos
200 OK 7.1 kB URL HTTP/2 a.adtng.com/get/10002466?ata=EliteCamPromos
IP
Hash 97afadf3440e7625b45feeb526d63b98
d2d0897c4e30948f9e3e8ee6c54e56fc8d66890d
7802b1496a8d383aa31593a4399bf284fa406969d913c41be1b22feecadcb7cc
GET /get/10002466?ata=EliteCamPromos HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Cookie: adtool_guid=Ch5KGmM90FuhM3uwrerCAg==; RNLBSERVERID=ded7077
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 633DD05E-42FE72AB01BB5F90-1F56C43
X-Firefox-Spdy: h2
www.cbmiocw.com/script?providers=imlive&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=40737f20-49a3-11eb-a165-17a4dc8b58f5
200 OK 79 kB URL HTTP/2 www.cbmiocw.com/script?providers=imlive&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=40737f20-49a3-11eb-a165-17a4dc8b58f5
IP
Hash 75a7e709cac377d9ebbcdd578aa5d71f
836340e33ac40683b01e310197d7912b19059b1f
531713c1abbc024f8d4aa0c73661afc9f93ea6364d104a823327ab50447738d2
GET /script?providers=imlive&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=40737f20-49a3-11eb-a165-17a4dc8b58f5 HTTP/1.1
Host: www.cbmiocw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-892f4078cf16afa2d5f3a1317e4837f3-3da528698e63a652-00
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.camshq.info/imlive/1472194/profile.jpeg
200 OK 9.8 kB URL HTTP/2 cdn.camshq.info/imlive/1472194/profile.jpeg
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 539c1a8f7480073ad10f4b2aa7194456
7772e463d853a1667672c55122cd2de0dbccdeac
596686e465e9664ec3e60ac53f0ff0c1acb02fcd8ef43109209a18356d22953a
GET /imlive/1472194/profile.jpeg HTTP/1.1
Host: cdn.camshq.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cbmiocw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: image/webp
content-length: 9778
server: BunnyCDN-NO-830
cdn-pullzone: 252413
cdn-uid: edc35b79-0e1a-463a-906a-379e9a3a3461
cdn-requestcountrycode: NO
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2022 18:43:43 GMT
x-bo-server: ASB-206
x-downloadsize: 19207
x-bo-origindownloadtime: 51
x-bo-processingtime: 1
x-bo-compressionratio: 49.09%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/05/2022 18:43:43
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7e2b4877cdf0c488a4d0e17f0a991bda
cdn-cache: MISS
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg
200 OK 6.6 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg
IP
File type JPEG image data, baseline, precision 8, 200x150, components 3\012- data
Hash 73e2de378ef511a31d2054819cb4f7b8
4ca7a9ec06984e6d74e9ada728998881a4fdbcbf
450f56501e2ad870cc4fc5464811b35b6b6be6f59c6f1ede55a788f32560080b
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6560
access-control-allow-origin: *
awssrv: 01
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 12:38:24 GMT
etag: 73E2DE378EF511A31D2054819CB4F7B8
id: 9708
last-modified: Tue, 04 Oct 2022 12:38:24 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg
requestuid: 95a10919-520c-45ce-bbb8-cc71f5f394f5
responsecode: 200
responseserver: INFIMGADR00
responsetime: 187
responsetimeex: 187
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4K_NnFoL1qKaNXm3cijfqCegmPqwIubnVWoQ-IXiVRduXTf0ux3ESw==
age: 108298
X-Firefox-Spdy: h2
aweproto.com/embed/lf?c=object_container&site=joy&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=twenties&ms_notrack=1&subAffId={SUBAFFID}
200 OK 3.6 kB URL HTTP/2 aweproto.com/embed/lf?c=object_container&site=joy&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=twenties&ms_notrack=1&subAffId={SUBAFFID}
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type ASCII text, with very long lines (1831)
Hash 354f8f505e518102146b5527db1a93be
662a08c9f079ca1cbcd1f974d7b3a18f4f784732
f5cf01a94ab389d9c4b86d0a645a774b08ad22a399ec377e76cd3ac073a086f9
GET /embed/lf?c=object_container&site=joy&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=twenties&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1
Host: aweproto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:38 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:38 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
i.bimbolive.com/09c/328/073/82f0dedb5e0e459aab126cd7cc51ccd7_thumb_medium.jpg
200 OK 9.9 kB URL HTTP/2 i.bimbolive.com/09c/328/073/82f0dedb5e0e459aab126cd7cc51ccd7_thumb_medium.jpg
IP
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash ba3c11b371b30d8cb90cf59682e1f376
f9c978ef8169312219f6279926c55ca4d69371ba
73e014abfaa50237a421900df68ddcdb591c12db8e03994eb8ae93145784777b
GET /09c/328/073/82f0dedb5e0e459aab126cd7cc51ccd7_thumb_medium.jpg HTTP/1.1
Host: i.bimbolive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: image/jpeg
content-length: 9873
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "633dbe4d-2691"
expires: Fri, 04 Nov 2022 17:27:17 GMT
last-modified: Wed, 05 Oct 2022 17:26:37 GMT
x-o1-p6: MISS
x-bc-o: 1
cf-cache-status: HIT
age: 4228
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75584df68ffcb515-OSL
X-Firefox-Spdy: h2
i.bimbolive.com/096/0f8/217/d403f228844907ad1285eb0d4bc7d9e0_thumb_medium.jpg
200 OK 7.1 kB URL HTTP/2 i.bimbolive.com/096/0f8/217/d403f228844907ad1285eb0d4bc7d9e0_thumb_medium.jpg
IP
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 7581ff34c6cf34856ee3d39a50893b1a
dcfba8f7f60bafd29fe062aae7209257fa1f9042
6d665267333e6fc1daea6c13ba60b2524e26aff3f0c64a481243109436af8029
GET /096/0f8/217/d403f228844907ad1285eb0d4bc7d9e0_thumb_medium.jpg HTTP/1.1
Host: i.bimbolive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: image/jpeg
content-length: 7121
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "632213de-1bd1"
expires: Wed, 19 Oct 2022 14:16:52 GMT
last-modified: Wed, 14 Sep 2022 17:48:14 GMT
x-o1-p6: MISS
x-bc-o: 2
cf-cache-status: HIT
age: 1387417
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75584df6880db515-OSL
X-Firefox-Spdy: h2
i.bimbolive.com/06a/263/1fa/d298fdb222e626838597a136a8443965_thumb_medium.jpg
200 OK 18 kB URL HTTP/2 i.bimbolive.com/06a/263/1fa/d298fdb222e626838597a136a8443965_thumb_medium.jpg
IP
ASN #209242 Cloudflare London, LLC
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 7553a0709661aa91f0d707882e9c7bef
786b86a822d5998cd1262845962c35e09a10795f
764236cb811184bd72ca6643204a0e46eaa4430a21c78b277ef72009cfc90ea3
GET /06a/263/1fa/d298fdb222e626838597a136a8443965_thumb_medium.jpg HTTP/1.1
Host: i.bimbolive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: image/jpeg
content-length: 17748
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "60568b66-4554"
expires: Wed, 19 Oct 2022 13:49:55 GMT
last-modified: Sat, 20 Mar 2021 23:55:18 GMT
x-o1-p6: EXPIRED
x-bc-o: 1
cf-cache-status: HIT
age: 267937
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75584df69816b515-OSL
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 20:55:30 GMT
expires: Wed, 04 Oct 2023 20:55:30 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 78493
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.bcprm.com/dynamic_banner/images/lang/russian.png
200 OK 287 B URL HTTP/2 i.bcprm.com/dynamic_banner/images/lang/russian.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 42a3f939f0021d64159941dae12becbe
57c40bad672317622ab256378fafa750f1f1e947
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492
GET /dynamic_banner/images/lang/russian.png HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: image/png
content-length: 287
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
expires: Sat, 14 Nov 2020 07:18:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
x-cdn-diag: ams5-7735-3-10549-h-0-0---;7099-24-13665----0-0-1
X-Firefox-Spdy: h2
i1.pcstatic21.com/images/Imlive_v1.gif
200 OK 2.6 kB URL HTTP/2 i1.pcstatic21.com/images/Imlive_v1.gif
IP
File type GIF image data, version 89a, 116 x 31\012- data
Hash 45cd349e1832248b9caea8b9e55fabc9
4f254495f18e3d1a841aa0b4da2610cfd583d512
967de9fb4942d5dad7d42bd1b52c445f2fb669372edbee595bf646beede0d655
GET /images/Imlive_v1.gif HTTP/1.1
Host: i1.pcstatic21.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2583
last-modified: Wed, 02 Sep 2015 11:25:19 GMT
x-amz-meta-cb-modifiedtime: Wed, 02 Sep 2015 11:23:24 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 12:04:16 GMT
etag: "45cd349e1832248b9caea8b9e55fabc9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ruh5VLUQ6Ryk6LGQFLfJH95_BkOYpY8Uqjr3CKhVy8Tq6EoCBajuew==
age: 23970
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=0495/425495/42549501635970350.jpg
200 OK 7.0 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=0495/425495/42549501635970350.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x150, components 3\012- data
Hash b1ebbffc1a67aba88a8ffdaa65990aff
4e5ffdba2960150cdf2e60fcc7e8db0c6e4e99a8
e55aa4678fd006048191c43fab1c84ab8a82882593baf4705c45a7a654059b3c
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=0495/425495/42549501635970350.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6973
access-control-allow-origin: *
awssrv: 05
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 12:07:52 GMT
etag: B1EBBFFC1A67ABA88A8FFDAA65990AFF
id: 5388
last-modified: Tue, 04 Oct 2022 12:07:52 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=174x144&wi=200&hi=150&fn=0495/425495/42549501635970350.jpg
requestuid: 9b36a112-0061-44b6-9116-bc7f2b4b7183
responsecode: 200
responseserver: INFIMGADR00
responsetime: 125
responsetimeex: 125
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UWeeAo31Si7ah7SRaFQ3gWnukehfeIDd1vkm-vfwMeGqlKGJfbbYZg==
age: 110126
X-Firefox-Spdy: h2
www.bugleczmoidgxo.com/assets/cp/js/webcam_gallery/script.js
200 OK 2.5 kB URL HTTP/2 www.bugleczmoidgxo.com/assets/cp/js/webcam_gallery/script.js
IP
ASN #212882 dnx network sarl
Hash 29d4abdd0b6d435d69afbcf9e3055f12
de0eef8153e3772c5fda2c823c50e2f6663ec41c
ef92809d3ea35eeff3c71ff685e7f21c742b4e3061dba5bcb66cf439854022f9
GET /assets/cp/js/webcam_gallery/script.js HTTP/1.1
Host: www.bugleczmoidgxo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/cp/webcam_gallery/index.php?submitconfig=0&brand=xcams&ur=aHR0cDovL3d3dy54Y2Ftcy5jb20%3D&re=freechat&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&cf0=pc2&cf2=&cfsa2=&ts=big&ro=4&snp=0&gc=000000&tbc=1E1C3B&bgc=141220&bc=1E1C3B&tbs=0.3&tbr=0.3&s=0.3&bs=0.3&br=0.3&fi=1&ftc=FFFFFF&fbgc=60B404&hi=1&htc=FFFFFF&hbc=000000&li=1<c=FFFFFF&lbc=000000&dtc=FFFFFF&c=1&cc=000000&ctc=FFFFFF&cr=0.3&ctt=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJDaGF0dGUgSmV0enQhIiwibmwiOiJDaGF0IG51ISIsImVzIjoiXHUwMGExQ2hhdGVhciEiLCJpdCI6IkNoYXR0YSBvcmEhIn0%3D&modelSex=M&modelStatus=free&modelAge=18%2A60&savedConfig=0&labelConfigOutil=&comfrom=932931
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: application/javascript
content-length: 2500
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "3c41-5dee00855469c-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
i.pixxxels.cc/X7nt7NF6/c4-Banner-01.gif
200 OK 12 kB URL HTTP/2 i.pixxxels.cc/X7nt7NF6/c4-Banner-01.gif
IP
File type JPEG image data, progressive, precision 8, 232x174, components 3\012- data
Hash 5fcadb2f2911f609bead8321b83ce0c1
6e296bd376e2824fdf9b5598afe2b15aea12ad4f
98027f56fc57bc73dfa2fba0b76e75df32bb666aeaf3dc42f3ab8fb75074c637
GET /X7nt7NF6/c4-Banner-01.gif HTTP/1.1
Host: i.pixxxels.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: image/gif
content-length: 6608124
last-modified: Mon, 08 Mar 2021 10:52:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bugleczmoidgxo.com/assets/cp/css/webcam_gallery/bn.css
200 OK 1.1 kB URL HTTP/2 www.bugleczmoidgxo.com/assets/cp/css/webcam_gallery/bn.css
IP
ASN #212882 dnx network sarl
Hash a229aa919d2c24aadbe3f5c117b7accb
93e992fe430a594bd8956e6c65d1fede3e0c883c
83acdadf577291de65cfc501524d5fd5767a5b679a0c50892f8d2d2adc038974
GET /assets/cp/css/webcam_gallery/bn.css HTTP/1.1
Host: www.bugleczmoidgxo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/cp/webcam_gallery/index.php?submitconfig=0&brand=xcams&ur=aHR0cDovL3d3dy54Y2Ftcy5jb20%3D&re=freechat&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&cf0=pc2&cf2=&cfsa2=&ts=big&ro=4&snp=0&gc=000000&tbc=1E1C3B&bgc=141220&bc=1E1C3B&tbs=0.3&tbr=0.3&s=0.3&bs=0.3&br=0.3&fi=1&ftc=FFFFFF&fbgc=60B404&hi=1&htc=FFFFFF&hbc=000000&li=1<c=FFFFFF&lbc=000000&dtc=FFFFFF&c=1&cc=000000&ctc=FFFFFF&cr=0.3&ctt=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJDaGF0dGUgSmV0enQhIiwibmwiOiJDaGF0IG51ISIsImVzIjoiXHUwMGExQ2hhdGVhciEiLCJpdCI6IkNoYXR0YSBvcmEhIn0%3D&modelSex=M&modelStatus=free&modelAge=18%2A60&savedConfig=0&labelConfigOutil=&comfrom=932931
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/css
content-length: 1095
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "14da-5dee008538bae-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://banners.cams.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:53:39 GMT
expires: Tue, 03 Oct 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 172204
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bugleczmoidgxo.com/assets/cp/css/webcam_gallery/grid.css
200 OK 3.1 kB URL HTTP/2 www.bugleczmoidgxo.com/assets/cp/css/webcam_gallery/grid.css
IP
ASN #212882 dnx network sarl
Hash a2b6bbf0a866d7d47e1425aff682f193
0aecf2da74301866a8e1717356c5ce7bcb6d58e2
0ef5c6c03bb8709a5b9ea0e60851b68d19c891c630ee8b181d026499e6be846b
GET /assets/cp/css/webcam_gallery/grid.css HTTP/1.1
Host: www.bugleczmoidgxo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/cp/webcam_gallery/index.php?submitconfig=0&brand=xcams&ur=aHR0cDovL3d3dy54Y2Ftcy5jb20%3D&re=freechat&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&cf0=pc2&cf2=&cfsa2=&ts=big&ro=4&snp=0&gc=000000&tbc=1E1C3B&bgc=141220&bc=1E1C3B&tbs=0.3&tbr=0.3&s=0.3&bs=0.3&br=0.3&fi=1&ftc=FFFFFF&fbgc=60B404&hi=1&htc=FFFFFF&hbc=000000&li=1<c=FFFFFF&lbc=000000&dtc=FFFFFF&c=1&cc=000000&ctc=FFFFFF&cr=0.3&ctt=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJDaGF0dGUgSmV0enQhIiwibmwiOiJDaGF0IG51ISIsImVzIjoiXHUwMGExQ2hhdGVhciEiLCJpdCI6IkNoYXR0YSBvcmEhIn0%3D&modelSex=M&modelStatus=free&modelAge=18%2A60&savedConfig=0&labelConfigOutil=&comfrom=932931
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/css
content-length: 3113
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "9802-5dee008516e37-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
static.pc161021.com/scripts/noui/eventlogger.js
200 OK 9.3 kB URL HTTP/2 static.pc161021.com/scripts/noui/eventlogger.js
IP
Hash 23ca7f16351624b99ffc41b410c793c8
f137213fd845f27bc0db510c0cd03b446985ce1b
4ea6cc1b69ce065f08c5e2944636234cbc2cdef0c684afaa1e1bda18d652e8a3
GET /scripts/noui/eventlogger.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
awssrv: 01
last-modified: Thu, 25 Oct 2018 14:46:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-encoding: gzip
date: Wed, 05 Oct 2022 07:59:38 GMT
cache-control: max-age=50400, no-cache="set-cookie"
etag: W/"0ae7087716cd41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5da5hlCG9u_cs43yws_KSBys4U7VzFFxJ0vGgSR4vHvca8M-xBKQcg==
age: 38646
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0027/509027/509027O1384317213.jpg
200 OK 4.0 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0027/509027/509027O1384317213.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash 70822f7574e5757bd65757285b0d1c97
0640966452cd20f37bf98b644d7a18716bb4368c
9a052bd609a6d1185cabda4bfeb3b0a7e3fb3ac9d5c0bef2d722cfa0d4f4a152
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0027/509027/509027O1384317213.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4002
access-control-allow-origin: *
awssrv: 05
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 27 Sep 2022 22:08:42 GMT
etag: 70822F7574E5757BD65757285B0D1C97
id: 5388
last-modified: Tue, 27 Sep 2022 22:08:43 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0027/509027/509027O1384317213.jpg
requestuid: a8a85770-6e0e-4919-8f17-883361726f93
responsecode: 200
responseserver: INFIMGADR00
responsetime: 46
responsetimeex: 46
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VHGyo9beZHTAnTnRJCYFMVOhVppRLfLJtthjzuMPamMSUMKwolwJCQ==
age: 678884
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0552/1544552/154455201652256638.jpg
200 OK 4.0 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0552/1544552/154455201652256638.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash f9313a604c9361e9e019588f268bd5b3
147dbbf6180acec0a0ed7d75321986ad1f22efd0
40f79362630e72b82a757613f6d22c9a191936579d36c725e6f666fef39d9744
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0552/1544552/154455201652256638.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4000
access-control-allow-origin: *
awssrv: 05
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Thu, 29 Sep 2022 07:11:54 GMT
etag: F9313A604C9361E9E019588F268BD5B3
id: 5208
last-modified: Thu, 29 Sep 2022 07:11:54 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0552/1544552/154455201652256638.jpg
requestuid: 4d526db2-41b7-4772-be83-c686214c95d8
responsecode: 200
responseserver: INFIMGADR00
responsetime: 62
responsetimeex: 62
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OuDUzBHFJR8iUJIsXZoyz7NlgBmxQL4_KHflti6S5lVKfaJr1bWuiA==
age: 559891
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg
200 OK 4.2 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash 4660f50a94a7c1e237da2afdd0c73fd5
5b29facd9684a7fb7e8bb2d8c2bc938c773f2f52
f73821ca2b4aa1a67a7b6a78be7c359db716cc0a6596ca1bc2f4224d8e7d8d1b
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4152
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Thu, 29 Sep 2022 02:44:15 GMT
etag: 4660F50A94A7C1E237DA2AFDD0C73FD5
id: 6888
last-modified: Thu, 29 Sep 2022 02:44:16 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0402/1568402/64d87663b8e64e28aa93834caf973a82.jpg
requestuid: 4fdbc8ad-5833-4b2a-95b0-45ba774562db
responsecode: 200
responseserver: INFIMGADR00
responsetime: 375
responsetimeex: 375
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m1mPN-5Wbg8XnM3Uky3vqpl5_2Wd2tQd-2uTe9uM9kwK07WK9QKHWw==
age: 575949
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js
200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.9.0/jquery.min.js
IP
File type ASCII text, with very long lines (32132)
Hash be187cb120122bfe6ff2d21f7ff7a3ef
07fee86aa440ca076f5ebc34a1d3177e497aa7d4
24cc821add16c2460cbaedb740e439ab2561a2499347c9f5cfb60215cb6c48b3
GET /ajax/libs/jquery/1.9.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 29505
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-16b8c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10435862
expires: Mon, 25 Sep 2023 18:43:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuUicnaKxc%2BSEnEfxLxcb8niDznF6TcZtBY08Ty2VMnxZSXPlH%2FiWoj1cq7jdehuZoEXcxfnEvKa2MAFEBSa%2FgLXmKeJeMSlKC15ebKwUnRqokbbs0zxcyo54iax4A3PP0eNWlFZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75584df769ff0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0035/1383035/138303501623794336.jpg
200 OK 4.1 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0035/1383035/138303501623794336.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash da2b2287c32b5708ae50a36c782b9c03
70869948cec80602ec26dca45fda3ab21a5eea66
0850511787ba174d95eaa2633ae6bdf3d402a0d00c65011eedba4f25e7924de3
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0035/1383035/138303501623794336.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4092
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 03:23:53 GMT
etag: DA2B2287C32B5708AE50A36C782B9C03
id: 3372
last-modified: Tue, 04 Oct 2022 03:23:53 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0035/1383035/138303501623794336.jpg
requestuid: 13e17961-a9b5-4bcb-b6b2-6d0dc637e003
responsecode: 200
responseserver: INFIMGADR00
responsetime: 31
responsetimeex: 31
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5yxE6vb2zMld6blaDZEzyWXd0HWIyc0tSpMz9UBvbCFL-ufOlULr9w==
age: 141565
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/pure/0.6.0/grids-responsive-min.css
200 OK 875 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/pure/0.6.0/grids-responsive-min.css
IP
File type ASCII text, with very long lines (9646)
Hash 2213c905387919e98f886637daed0987
483e74d3e48dfdfd1f8ebda649f3f670ee604e07
5f0c56bb698164b9d7d06a1e2f25d495f15777e3d7ddf5c48c643c540d0a3e57
GET /ajax/libs/pure/0.6.0/grids-responsive-min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/css; charset=utf-8
content-length: 875
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fac-2646"
last-modified: Mon, 04 May 2020 16:15:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 21264192
expires: Mon, 25 Sep 2023 18:43:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvGPSv5pkYAyu6H%2BwpXLo2JNs%2FUIO%2FZc%2B632P9BtaTc9w4tipVCIl7Eryx%2Fr8rF05vnoYdYcm5Gz0gAO%2BAVynh%2BrsbVYN%2F6EE05OJBj0mmmzme1WYVnfWusEOUmuqbXBV5AKSVQI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75584df78a0d0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0495/425495/42549501635970350.jpg
200 OK 3.6 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0495/425495/42549501635970350.jpg
IP
File type JPEG image data, baseline, precision 8, 133x100, components 3\012- data
Hash ee7313268cbd2177f1e8ec1801c50031
ed575bcac52a9e6bea673803c5a181c236c51c74
faba73a84176f53d1dca9b2e571ed2ea48442412e8adbe22ae4bb85cd176c953
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0495/425495/42549501635970350.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3631
access-control-allow-origin: *
awssrv: 01
id: 5924
last-modified: Sun, 04 Sep 2022 10:25:14 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0495/425495/42549501635970350.jpg
requestuid: 6001d307-5090-4a2c-ad06-70b29559b352
responsecode: 200
responseserver: INFIMGADR00
responsetime: 78
responsetimeex: 78
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 12:07:57 GMT
etag: EE7313268CBD2177F1E8EC1801C50031
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yMtueqLd9r29LVktySqIRowkdte8YKK7F70roNJtApItgrLVMlJeLw==
age: 110124
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 7.7 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash 52f3c6bed54fdfd9da466c309445cccf
43bb8336d87ada6d8e7d713251a882584e252fd2
29648fedd33632945d34e66e8a32f1d8b35e9291b26498f4d38f13c503ab2b1c
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0501/1573501/74ff2f83a4624ed08cb75aee0df90895.jpg
200 OK 3.6 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0501/1573501/74ff2f83a4624ed08cb75aee0df90895.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash a33c9f80610c4f6e45e978dcd0210319
734a3437146025f3d25ef941dd5f9c3596962073
e7e451d1034adc3428a8ded5d25d8eefc88869356036bb7e0fa186b2d32d294e
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0501/1573501/74ff2f83a4624ed08cb75aee0df90895.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3602
access-control-allow-origin: *
awssrv: 05
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Mon, 03 Oct 2022 01:40:52 GMT
etag: A33C9F80610C4F6E45E978DCD0210319
id: 5208
last-modified: Mon, 03 Oct 2022 01:40:52 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0501/1573501/74ff2f83a4624ed08cb75aee0df90895.jpg
requestuid: 80329a98-9b0f-4546-8ab5-0e9084568122
responsecode: 200
responseserver: INFIMGADR00
responsetime: 281
responsetimeex: 281
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ELSSWcfnnSVgd6IOrtjDiCmzu_TClySVZWVNh4CNpezEmAcC6EtKCA==
age: 234148
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0584/1545584/7338a121cc65469384b1425c1c7cd6cc.jpg%3Av%3D1
200 OK 3.3 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0584/1545584/7338a121cc65469384b1425c1c7cd6cc.jpg%3Av%3D1
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash a6dc799c0a6eb46a9cc0924dc27fde17
ba285b1779223b7cdd394f4d264388807844a2a5
ee85da0df5f6c59ea5678362a41c633eb9b4e1e08302597e594bf16a2c48ceef
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0584/1545584/7338a121cc65469384b1425c1c7cd6cc.jpg%3Av%3D1 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3305
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Wed, 05 Oct 2022 17:18:53 GMT
etag: A6DC799C0A6EB46A9CC0924DC27FDE17
id: 3372
last-modified: Wed, 05 Oct 2022 17:18:54 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=AHIP/0584/1545584/7338a121cc65469384b1425c1c7cd6cc.jpg:v=1
requestuid: 8c03d99c-20b4-4fd5-84d6-f5c737a57e63
responsecode: 200
responseserver: INFIMGADR00
responsetime: 110
responsetimeex: 110
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CjQwv9rLOmO3zf98QLQMxmfCztse2zWSKlxkni2FkJqj-mMf8qIs-Q==
age: 5063
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/pure/0.6.0/pure-min.css
200 OK 3.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/pure/0.6.0/pure-min.css
IP
File type ASCII text, with very long lines (17024)
Hash e39dcf5ada32d663e294cf374276da2e
720c9ac3d20c40aebc2478dc5d2630b67a476f1d
978f6635fa33b011d3c78f66f182f55c84999dfce5e7e8eaeb11027ee1f9fb1d
GET /ajax/libs/pure/0.6.0/pure-min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/css; charset=utf-8
content-length: 3459
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fac-4386"
last-modified: Mon, 04 May 2020 16:15:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 11486410
expires: Mon, 25 Sep 2023 18:43:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhtxLvcdFPsR8oB%2FPXWq%2BMjemhoOQ2kSvhgvKwcH%2FYyRvYiGZiOVI%2B9oeanbsuTvdN1z8oPOWTRYAepX8iNHxkNmnJQJz4sqUg%2BIquyZoVSoOJJmkJkbJ7bIiWc2vA%2FgXNR26jAj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75584df79a3c0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0447/1568447/fb4a39f924ce4baab40345a7f7417509.jpg
200 OK 4.3 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0447/1568447/fb4a39f924ce4baab40345a7f7417509.jpg
IP
File type JPEG image data, baseline, precision 8, 133x100, components 3\012- data
Hash 1827f191297949413e2d54dfc54f0029
53439bd6fb8ba84976671149f2106bde027ff0b4
3d63ccd340947745e6d6593971d2f2bdfabbf01e8f79c36284cb75a9c3b973df
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0447/1568447/fb4a39f924ce4baab40345a7f7417509.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4262
access-control-allow-origin: *
awssrv: 01
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Fri, 30 Sep 2022 17:29:02 GMT
etag: 1827F191297949413E2D54DFC54F0029
id: 2204
last-modified: Fri, 30 Sep 2022 17:29:03 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0447/1568447/fb4a39f924ce4baab40345a7f7417509.jpg
requestuid: 06f0d9c1-8804-43b0-871f-0a245d050cb8
responsecode: 200
responseserver: INFIMGADR00
responsetime: 2049
responsetimeex: 2049
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Be7pI7f-X46OSXdHHNfXY_zuo8TUgCMjCYaKzLc5hgkei5CqTT6m8A==
age: 436460
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0848/1492848/149284801629918916.jpg
200 OK 3.3 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0848/1492848/149284801629918916.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash 574eb593952df0abc92b3158b5d84335
be6719bf0eee2995464f6bc8992ddddff497b3a6
0d059bd528e5af18322802129104aa41a48c5b91bb9b29ffc37f336f63f2c91c
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0848/1492848/149284801629918916.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3309
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 13:30:04 GMT
etag: 574EB593952DF0ABC92B3158B5D84335
id: 5364
last-modified: Tue, 04 Oct 2022 13:30:04 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=0848/1492848/149284801629918916.jpg
requestuid: 3e35e303-f1ff-4d5a-bbe6-05df7c194353
responsecode: 200
responseserver: INFIMGADR00
responsetime: 500
responsetimeex: 500
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zs43Lg4jJdEYhIsd35GVxzQJ7zjFFXscbWr9eeFxyz43h8yhzVpQXw==
age: 105195
X-Firefox-Spdy: h2
static.pc161021.com/scripts/jquery.cookies-min.js
304 Not Modified 0 B URL HTTP/2 static.pc161021.com/scripts/jquery.cookies-min.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/jquery.cookies-min.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 10 Jul 2017 14:24:11 GMT
If-None-Match: "80f7c73288f9d21:0"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
awssrv: 05
last-modified: Mon, 10 Jul 2017 14:24:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Wed, 05 Oct 2022 11:43:43 GMT
cache-control: max-age=50400, no-cache="set-cookie"
etag: "80f7c73288f9d21:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: euZctqZGwWDVoKqBoguvlIiKfqtzDQ0dtYAhIJLTHFr3CrprMWds7A==
age: 25200
X-Firefox-Spdy: h2
static.pc161021.com/scripts/noui/StatProvider.js
304 Not Modified 0 B URL HTTP/2 static.pc161021.com/scripts/noui/StatProvider.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/noui/StatProvider.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 24 Mar 2022 13:42:53 GMT
If-None-Match: W/"bb5c91f853fd81:0"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
awssrv: 01
last-modified: Thu, 24 Mar 2022 13:42:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
cache-control: max-age=50400, no-cache="set-cookie"
date: Wed, 05 Oct 2022 08:30:14 GMT
etag: W/"bb5c91f853fd81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EtVYR3WBO9RbPNNZBhLan37ypkORmv-bDjVgvcYck_3qbmbasqEbFw==
age: 36788
X-Firefox-Spdy: h2
static.pc161021.com/scripts/noui/eventlogger.js
304 Not Modified 0 B URL HTTP/2 static.pc161021.com/scripts/noui/eventlogger.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/noui/eventlogger.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 25 Oct 2018 14:46:36 GMT
If-None-Match: W/"0ae7087716cd41:0"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
awssrv: 01
last-modified: Thu, 25 Oct 2018 14:46:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Wed, 05 Oct 2022 07:59:38 GMT
cache-control: max-age=50400, no-cache="set-cookie"
etag: W/"0ae7087716cd41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Ex1auwAtiXhAzCSOdaKT4Nm1JE4hv2PnNWGUpY-l9hzr0Vaw9u_pQ==
age: 38646
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56e2a7de756f3783ace99cc787db99b2
f0127f5ef24a153a370f4a7a26b891514bc3a52a
fb1e6c6e5d297c003653a02b23c984525ce033283d7c5f97f444d32f9ce16d92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB1E6C6E5D297C003653A02B23C984525CE033283D7C5F97F444D32F9CE16D92"
Last-Modified: Mon, 03 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5262
Expires: Wed, 05 Oct 2022 20:11:26 GMT
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56e2a7de756f3783ace99cc787db99b2
f0127f5ef24a153a370f4a7a26b891514bc3a52a
fb1e6c6e5d297c003653a02b23c984525ce033283d7c5f97f444d32f9ce16d92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB1E6C6E5D297C003653A02B23C984525CE033283D7C5F97F444D32F9CE16D92"
Last-Modified: Mon, 03 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5262
Expires: Wed, 05 Oct 2022 20:11:26 GMT
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56e2a7de756f3783ace99cc787db99b2
f0127f5ef24a153a370f4a7a26b891514bc3a52a
fb1e6c6e5d297c003653a02b23c984525ce033283d7c5f97f444d32f9ce16d92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB1E6C6E5D297C003653A02B23C984525CE033283D7C5F97F444D32F9CE16D92"
Last-Modified: Mon, 03 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5262
Expires: Wed, 05 Oct 2022 20:11:26 GMT
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: keep-alive
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0175/1545175/946bd473c6d74df4bfb9c3701915b76e.jpg%3Av%3D1
200 OK 5.3 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0175/1545175/946bd473c6d74df4bfb9c3701915b76e.jpg%3Av%3D1
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 133x100, components 3\012- data
Hash 9a52ecdff3423f4fb3598a0b8373e39a
c532978db58cb7bb153982db469ea4e89dd5f5bf
899a9ba8ebdf140feb7bcf544554dbf0bf1aef9251afa513e47fcf10f1b60e1d
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0175/1545175/946bd473c6d74df4bfb9c3701915b76e.jpg%3Av%3D1 HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 5300
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Tue, 04 Oct 2022 23:15:57 GMT
etag: 9A52ECDFF3423F4FB3598A0B8373E39A
id: 6888
last-modified: Tue, 04 Oct 2022 23:15:58 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0175/1545175/946bd473c6d74df4bfb9c3701915b76e.jpg:v=1
requestuid: 7141142f-4cee-40fb-83a8-af22f902499f
responsecode: 200
responseserver: INFIMGADR00
responsetime: 281
responsetimeex: 281
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EdSdu9jCvd-r8msiK_WBPfqEXPHUja_aiSu1aqMis0KK_KrCJMw-lQ==
age: 70041
X-Firefox-Spdy: h2
static.pc161021.com/scripts/noui/StatProvider.js
304 Not Modified 0 B URL HTTP/2 static.pc161021.com/scripts/noui/StatProvider.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/noui/StatProvider.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 24 Mar 2022 13:42:53 GMT
If-None-Match: W/"bb5c91f853fd81:0"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
awssrv: 01
last-modified: Thu, 24 Mar 2022 13:42:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
cache-control: max-age=50400, no-cache="set-cookie"
date: Wed, 05 Oct 2022 08:30:14 GMT
etag: W/"bb5c91f853fd81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6JzFGjID6g-KZ2VvC4hNITaDaO9OgFv4RwkMgkhxy6AD53mGYDA41A==
age: 36789
X-Firefox-Spdy: h2
static.pc161021.com/scripts/noui/eventlogger.js
304 Not Modified 0 B URL HTTP/2 static.pc161021.com/scripts/noui/eventlogger.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/noui/eventlogger.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 25 Oct 2018 14:46:36 GMT
If-None-Match: W/"0ae7087716cd41:0"
TE: trailers
HTTP/2 304 Not Modified
access-control-allow-origin: *
awssrv: 01
last-modified: Thu, 25 Oct 2018 14:46:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Wed, 05 Oct 2022 07:59:38 GMT
cache-control: max-age=50400, no-cache="set-cookie"
etag: W/"0ae7087716cd41:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sEE370fmfNX20SjFc6EBlsyxHaAbHNgqCzXh8xq1U-ulAFnww3LokQ==
age: 38647
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/js/common/jquery.dnxChat.js
200 OK 10 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/js/common/jquery.dnxChat.js
IP
ASN #212882 dnx network sarl
Hash cd4c26cb965ded9369dac637ae0155e3
db5aa38f7bb0205db162f7be328bafb48966bd33
9f2e44d7463f90d10caa5222a5495c830428c1b28197c76cde0e2c6d2941ebf7
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/js/common/jquery.dnxChat.js HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
content-length: 10029
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "bc97-5dee008584e77-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
pt-static5.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v807590.js
200 OK 21 B URL HTTP/2 pt-static5.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v807590.js
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
File type ASCII text, with no line terminators
Hash 01c6e7ecb819ef28b0c9b962513a1596
1a49f493db7b91ed34a7040d36732352b9a5dc39
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
GET /npe/_common/script/adblock/advertisement-v807590.js HTTP/1.1
Host: pt-static5.ptwmstcnt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.protawe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
content-length: 21
last-modified: Wed, 05 Oct 2022 13:56:16 GMT
etag: "633d8d00-15"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/js/common/jquery.timer.js
200 OK 1.4 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/js/common/jquery.timer.js
IP
ASN #212882 dnx network sarl
Hash acfc2055fc82ef471d7ac82963d7e8b4
f6fc83846f894a0111d095e3d9e4ce1944bcde32
ed2a557039b598531d1c9e7315d7eda2ed6e63ca2ed4ebbeab1b056311718214
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/js/common/jquery.timer.js HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
content-length: 1351
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "d42-5dee00854f87c-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/js/common/iphone-inline-video.browser.js
200 OK 1.5 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/js/common/iphone-inline-video.browser.js
IP
ASN #212882 dnx network sarl
File type ASCII text, with very long lines (3545)
Hash 03835ad5325e6f5ac2c079b5e0f3f904
9378312f9a4f94daff6f1fcac0e43513258ee5be
06faf95bb3662e15fb36b19fb883d7a354150600bc636dbfb7e6ed1c878d9795
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/js/common/iphone-inline-video.browser.js HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
content-length: 1526
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "dfb-5dee00854f87c-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/js/lfb/script.js
200 OK 2.9 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/js/lfb/script.js
IP
ASN #212882 dnx network sarl
Hash 4d0a91cecd6c2f2a095d1ed3dbe96e1d
3bcd80b62b446bfc30302296c56e232671b92cb6
ed58fad085e461677a5311233e31bfad7ab6007451ea0393612bedf00cbe1c4d
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/js/lfb/script.js HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
content-length: 2871
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "3543-5dee00855469c-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/css/lfb/style.css
200 OK 2.4 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/css/lfb/style.css
IP
ASN #212882 dnx network sarl
Hash 79a8782d14bc479e7e297f4a13684299
9caad4aec45a09e287eaf6facf3ddd172934be38
d91b80193d034071c20716d25c2dca09baff2879174c545eb13b7a006045bc28
GET /assets/cp/css/lfb/style.css HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/css
content-length: 2371
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "2b68-5dee008537c0e-gzip"
vary: Accept-Encoding
content-encoding: gzip
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
302 Found 138 B URL HTTP/2 www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /images/cams/lib/camslivebanner-1.0.6.js HTTP/1.1
Host: www.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/html
content-length: 138
location: https://classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
x-ingress: PROD
X-Firefox-Spdy: h2
www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
302 Found 138 B URL HTTP/2 www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /images/cams/lib/camslivebanner-1.0.6.js HTTP/1.1
Host: www.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/html
content-length: 138
location: https://classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
x-ingress: PROD
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 11 kB IP
ASN #20940 Akamai International B.V.
Hash e7295d0265b976388462111bb5bbd042
cbbb9c954670caca2d88f86b72fc750f7505adbd
43f8046925ecc414d282ed6ddf112c83cc2900cbde1f9ca927049892d2def61f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A339348172870CC4576924E5FC4FF4138F5E1045B84BC399BEF3C0E910F3B8E"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15280
Expires: Wed, 05 Oct 2022 22:58:24 GMT
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: keep-alive
static-assets.highwebmedia.com/CACHE/css/output.5dda07fbf5a1.css
200 OK 11 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.5dda07fbf5a1.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 65df28d80b765ea529713f23ab81beaa
8852ce146bc1a03df0ee7afacd071eca35461d98
fd91f6506eaaa1821fa411fa20cd9630278f35984f38091a86cb7b4e070a0a25
GET /CACHE/css/output.5dda07fbf5a1.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=81876
etag: W/"f95c479762c736198cf0d4232e7dd852"
last-modified: Mon, 03 Oct 2022 22:40:03 GMT
x-amz-id-2: bd/PsnqtvoJ7x2mXjwGlt1YRYOhnsY6BVYbNPD+PpR2gvI4Y/f12vJReVch48viRGA3hXa/L3Ik=
x-amz-meta-s3cmd-attrs: md5:f95c479762c736198cf0d4232e7dd852
x-amz-request-id: F1KTYC5QTKA3P72Z
cf-cache-status: HIT
age: 158350
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3jRNUe6Rmo6WURZ5QqciluN4r2QspUlcpzTmlTcAkwAHR7cUUyk6exIFi2aU4kuJE7dPvj%2BsQHdgMS2jGoimFd1asTCSpntIOB%2FmdI%2BH2ydcZFweex0sO6Ze9eejodqQgVqXFlISZkXddjVFqDEHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df8fd56b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i1.pcstatic21.com/images/activepage3830_header.png
200 OK 607 B URL HTTP/2 i1.pcstatic21.com/images/activepage3830_header.png
IP
File type PNG image data, 300 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 37e37ca4474ba11997ad9dfa1f444733
78b910b8360205a0713057ce15b91f28574159be
1a27518b240f8ee37497b8352abe6c98ce46aab915ed79833b00a0b00bbf727a
GET /images/activepage3830_header.png HTTP/1.1
Host: i1.pcstatic21.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 607
last-modified: Wed, 01 May 2013 23:01:20 GMT
x-amz-meta-cb-modifiedtime: Wed, 06 Oct 2010 00:00:00 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 18:41:27 GMT
etag: "37e37ca4474ba11997ad9dfa1f444733"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bM7TDEWJZnYMQzMGRoCWo8U_WpFr7Qe_Vb6_m8aoHY8JCCJ1F-sy1A==
age: 35183
X-Firefox-Spdy: h2
www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
302 Found 138 B URL HTTP/2 www.cams.com/images/cams/lib/camslivebanner-1.0.6.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /images/cams/lib/camslivebanner-1.0.6.js HTTP/1.1
Host: www.cams.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/html
content-length: 138
location: https://classic.cams.com/images/cams/lib/camslivebanner-1.0.6.js
x-ingress: PROD
X-Firefox-Spdy: h2
i1.pcstatic21.com/images/activepage3830_tab.png
200 OK 23 kB URL HTTP/2 i1.pcstatic21.com/images/activepage3830_tab.png
IP
Hash 258b8ecff1d1704b3424f372b6852f7f
54bedf65fe926dea65c89fe15eb9409b04a16302
73b20e5866f2c9f5448c1b235260c798bdc434915c21b327ca56c800d2b06bb9
GET /images/activepage3830_tab.png HTTP/1.1
Host: i1.pcstatic21.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 967
last-modified: Wed, 01 May 2013 23:01:21 GMT
x-amz-meta-cb-modifiedtime: Wed, 06 Oct 2010 00:00:00 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 18:41:27 GMT
etag: "857dd409ca8df2b433f55d730148d3c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YkUpw2uobdk4tMfTcsnFZ5x-0zC-oRzN0oD-0O1IO9DI2fMhjgjq-g==
age: 62399
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
200 OK 28 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.e1067846ea15.js
IP
File type ASCII text, with very long lines (1534)
Hash 1b0bc833cc57aa3d606606aee4f5e1e4
6cd84eac17d1b447ad898d3f7645ef6861cdd6bd
ab304a5cdf3648d7ca32f966b04d243ba2b0295c5da182814b01040c92f58b20
GET /CACHE/js/output.e1067846ea15.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=108152
etag: W/"97a23c5e27826ee4bed1dbcfe0601da8"
last-modified: Thu, 24 Jun 2021 21:24:09 GMT
x-amz-id-2: gJdq637yDaGW5b/k/xLZcaVgKR2zPrz11wa1iwf3/kEEAF2JWIngCVC4T9LIrDSnBaklrTBcytM=
x-amz-meta-s3cmd-attrs: md5:97a23c5e27826ee4bed1dbcfe0601da8
x-amz-request-id: C8A0N4S7KE12CYZQ
cf-cache-status: HIT
age: 1545377
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNHutj5OGWrTcUvdprNRGT%2F%2F7X6ew%2BT5CIWNC5831s6%2FhfZj4q15hoE0VHA0mFu2%2FysrCXUsjk3uu%2FmToSUGf2rvnPyoxU0R5%2FKPjUmoiAfX4%2BNtt9tX6q4HqO1RfmuE4MNkkRTaIT%2Bc21JE0qIjEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df8fd5cb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 16 kB IP
ASN #20940 Akamai International B.V.
Hash b09c248e34934f92b5a5f3ae70f5fe2a
bd5771f0c923812b804ac044336ca7b82d1cb913
fa07a976042160e3eee9eaca1813f3e5bbec7048e175d2fdbb28dfc2b32217cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A339348172870CC4576924E5FC4FF4138F5E1045B84BC399BEF3C0E910F3B8E"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15280
Expires: Wed, 05 Oct 2022 22:58:24 GMT
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 2.3 kB IP
ASN #20940 Akamai International B.V.
Hash 62e46ab89a5aeef7e8eef591d5c62b45
a9b604aa7926a7b18539506efbdfadec2795d16b
5b2fcbe9432314b6c5f586b3c2a1be3d6aba788555f998e2221655ac2dca358b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A339348172870CC4576924E5FC4FF4138F5E1045B84BC399BEF3C0E910F3B8E"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15280
Expires: Wed, 05 Oct 2022 22:58:24 GMT
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: keep-alive
xcams.images-dnxlive.com/pictures/c154809_picture5fe480c25b503.jpg
200 OK 81 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c154809_picture5fe480c25b503.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash f387dcb93f028bbe1a4b38a183bfefdf
1b42f6f7eef2e86dab22a8b912bc7d79fa03726d
8195387b900e6a86bbc60e31e95f3c35477c2152e6a7079169aaa7ac7b2f8e1c
GET /pictures/c154809_picture5fe480c25b503.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: image/jpeg
content-length: 81014
last-modified: Mon, 22 Feb 2021 15:35:14 GMT
etag: "13c76-5bbee8c4cd5d0"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:44 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/
200 OK 25 B URL HTTP/2 xcams.images-dnxlive.com/
IP
ASN #212882 dnx network sarl
File type ASCII text, with no line terminators
Hash 620ae17467c331d287afe13ec98c8192
bbd1768270faa0c2497f5a17f8fa4fad7aafacaa
d969a5d4ebc5e3230f394280a0288c7abb5cf2e5d0ece77f7264d988ab26e455
GET / HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/html; charset=UTF-8
content-length: 25
vary: Accept-Encoding
content-encoding: gzip
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:44 GMT
x-img-cache: Y
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
IP
File type ASCII text, with very long lines (16704)
Hash d6dbd48e37ff8b7d57c76e98f8ce1c86
b43bd63df3a3412044e963393c460ed304000ee6
f2c903a3fda138ebd465d1f10c8e95bddd1467f958d999bc444a96976f4a80ad
GET /gtm.js?id=GTM-WXTGF28 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.protawe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 18:43:44 GMT
expires: Wed, 05 Oct 2022 18:43:44 GMT
cache-control: private, max-age=900
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65850
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c202781_picture62c4069d36856.jpg
200 OK 74 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c202781_picture62c4069d36856.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 2a93f0fa5ac53107c35054d869a6a803
c172ad5df4271c3a82f90d420ba0331d47da5725
3b6f3146cab020cdf6b61ad208db3d93c6b36879682d67a4a6a617703d1a79fb
GET /pictures/c202781_picture62c4069d36856.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: image/jpeg
content-length: 73629
last-modified: Tue, 05 Jul 2022 09:38:52 GMT
etag: "11f9d-5e30b9ecef046"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:44 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
a.adtng.com/get/10002811?ata=EliteCamPromos
200 OK 115 kB URL HTTP/2 a.adtng.com/get/10002811?ata=EliteCamPromos
IP
Size 115 kB (114817 bytes)
Hash 61d68f795f49a4878c488564cb9e1cf1
812dbc3857d3920739500e7e3adeaa0f8cbc0241
bab2112fc5d68565e8d4b7aadc2efe1b13a6e0f5e2130e882ced7ee4a72027e2
GET /get/10002811?ata=EliteCamPromos HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KGmM90FuhM3uwrerCAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7077; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 633DD05A-42FE72AB01BB5F90-1F568E0
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c203203_picture62ddaf6902545.jpg
200 OK 46 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c203203_picture62ddaf6902545.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash b24ae96d6ddbfe8e96c28bdafa505c3e
3c746c4ea4f8e9abcff04ae944ad15b3528e41fb
4f247dd54452fe8b588c8be711a5b15548249ebf18e5a0c220afae76fdbf8360
GET /pictures/c203203_picture62ddaf6902545.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: image/jpeg
content-length: 46068
last-modified: Sun, 24 Jul 2022 20:45:31 GMT
etag: "b3f4-5e49325f35a11"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:44 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0960/1573960/2ba2daaa31694265b76db245e87e58ba.jpg
200 OK 7.3 kB URL HTTP/2 images.pc161021.com/imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0960/1573960/2ba2daaa31694265b76db245e87e58ba.jpg
IP
File type gzip compressed data, from Unix\012- data
Hash 3d665edbaabf004dc605c4b253cc853e
e888e109773724774b9873f813395eeafe6631fc
76676493e0166cef8f4cf3f34f3fadd8b36c6fc08911f4345bac84861fcabf1c
GET /imagesrv/imp_getimage?qu=77&cctrl=public,max-age%3d2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0960/1573960/2ba2daaa31694265b76db245e87e58ba.jpg HTTP/1.1
Host: images.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4050
access-control-allow-origin: *
awssrv: 03
cache-control: public,max-age=2592000, no-cache="set-cookie"
date: Wed, 28 Sep 2022 13:03:02 GMT
etag: 14C675C40B13790811ED24B83CA5AE85
id: 3372
last-modified: Wed, 28 Sep 2022 13:03:03 GMT
requestparameters: imp_getimage?qu=77&cctrl=public,max-age=2592000&is=IMLFOH&wm=108x90&wi=133&hi=100&fn=ahip/0960/1573960/2ba2daaa31694265b76db245e87e58ba.jpg
requestuid: efa4f75b-ba8f-40af-8000-6de9fe947a39
responsecode: 200
responseserver: INFIMGADR00
responsetime: 359
responsetimeex: 359
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XIbNUL-eWkey0Tf_eyPamSoGDR8QLMGAF0YjOoHYE_sFbhZBXlSxfg==
age: 625222
X-Firefox-Spdy: h2
cdn4.vscdns.com/assets/min/css/icons/icons.css
200 OK 1.7 kB URL HTTP/2 cdn4.vscdns.com/assets/min/css/icons/icons.css
IP
File type ASCII text, with very long lines (6890)
Hash 4591fdc203ad2141e25ec8b5a61dc150
db42e5eb1e764c0593b57dc3f64ec21e122ec8c3
4a3913ae82c87d9b0a558460db679c0d38acd5fbf7d42bc743954cb3adbe0778
GET /assets/min/css/icons/icons.css HTTP/1.1
Host: cdn4.vscdns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.vs3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-type: text/css
x-llid: 912d367d864cbac1fbd6b0a2551ba36d
age: 4911616
date: Wed, 05 Oct 2022 18:43:44 GMT
last-modified: Tue, 29 Jun 2021 11:11:21 GMT
expires: Wed, 09 Aug 2023 22:23:28 GMT
content-length: 1689
X-Firefox-Spdy: h2
m.sancdn.net/common/fontawesome-430/font-awesome.min.css
200 OK 24 kB URL HTTP/1.1 m.sancdn.net/common/fontawesome-430/font-awesome.min.css
IP
File type ASCII text, with very long lines (23523)
Hash 3738ef90dad175977dc8a695809bb71a
98aa676ba7987caa86d49ab1b71f73896d08ad13
c86f7b62a894d5799f1aa0a535efb34ed6f914447f901f1da50c837dee13fa72
GET /common/fontawesome-430/font-awesome.min.css HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: Keep-Alive
ETag: "1422564509"
Cache-Control: max-age=86400
Content-Length: 23685
Content-Type: text/css
Last-Modified: Thu, 29 Jan 2015 20:48:29 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664995424.dop212.sk1.t,1664995424.cds259.sk1.shn,1664995424.dop212.sk1.t,1664995424.cds206.sk1.c
cdn4.vscdns.com/assets/js/lib/hls_js/hls.js-1.2.0/hls.min.js
200 OK 109 kB URL HTTP/2 cdn4.vscdns.com/assets/js/lib/hls_js/hls.js-1.2.0/hls.min.js
IP
Size 109 kB (109011 bytes)
Hash 3681fe8b45a20eca4e75167e1bc95231
b5e8fee974cf3fae382e39d973899c53198ba8ad
7342d912dfccf151f9d7ca988f425a4408937e27bd2c54fbe475b94d7f7166f4
GET /assets/js/lib/hls_js/hls.js-1.2.0/hls.min.js HTTP/1.1
Host: cdn4.vscdns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.vs3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-llid: 52cd8a1e8c2cb396185907ddbfe03f32
age: 4911614
date: Wed, 05 Oct 2022 18:43:44 GMT
last-modified: Wed, 27 Jul 2022 18:32:39 GMT
expires: Wed, 09 Aug 2023 22:23:30 GMT
content-length: 96441
X-Firefox-Spdy: h2
m.sancdn.net/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
200 OK 20 kB URL HTTP/1.1 m.sancdn.net/jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js
IP
File type HTML document, ASCII text, with very long lines (14756)
Hash 70d492eca4141bdd1452977dd893dd63
9cd9504b3afdeca86a03251591e1afab36ae2c57
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
GET /jquery-plugins/modernizr-2.6.2-respond-1.1.0.min.js HTTP/1.1
Host: m.sancdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 18:43:44 GMT
Connection: Keep-Alive
ETag: "1367368554"
Cache-Control: max-age=86400
Content-Length: 19484
Content-Type: application/javascript
Last-Modified: Wed, 01 May 2013 00:35:54 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1664995424.dop014.sk1.t,1664995424.cds069.sk1.shn,1664995424.cds069.sk1.c
cdn4.vscdns.com/assets/min/css/pcf/purecssframework.css
200 OK 17 kB URL HTTP/2 cdn4.vscdns.com/assets/min/css/pcf/purecssframework.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 45f779129604ea14df2813feab514e29
d3089fe4ed894439f3b986748f53bb761942c7de
a8bf59d9f20e73c2bfd0b0a7dbd7ded415d27f81e65239224c09046169cd40da
GET /assets/min/css/pcf/purecssframework.css HTTP/1.1
Host: cdn4.vscdns.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.vs3.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-type: text/css
x-llid: ca2275a4438f01061bc153007c046ca9
age: 4911606
date: Wed, 05 Oct 2022 18:43:44 GMT
last-modified: Tue, 08 Oct 2019 18:19:40 GMT
expires: Wed, 09 Aug 2023 22:23:38 GMT
content-length: 16953
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 635b79d2bbd2afa7321303c5ab663234
e53c5b1c8a4240e698d720d71f80e803c87fb0dd
15ed9648c085694c77d8dddab1f562e66551fd13d9208b8902fca174b195f789
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:43:44 GMT
Last-Modified: Wed, 05 Oct 2022 17:59:48 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MLeIYQ5HS3R4fJTvEfp2g2tmNl8FnRP2Je7YT2pK-NNVmAQDSZTNFA==
Age: 2636
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 22207f26d3949d6840a90159fd567319
3738639c145d8b3491081232827da2c3a3604d24
65f1fd92e1ff05a5d067194f6673f4524b3a9dbb7c82c4ded04cf3868bfd6c3b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:43:44 GMT
Last-Modified: Wed, 05 Oct 2022 17:27:53 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qneFV0obRD15qA6oby0pUwGKSQid1-_CG6PWA333zrKAZ1f6iMAzrA==
Age: 4551
as.sexad.net/px.gif?stno=3-937-streamate.com-0-5104-0-0-3001-5671-10&p=reseller&w=1&h=1&v=5104&adHeight=500&adWidth=1200&niche=gay&adType=live&autoplay=true&hn=streamate.com&AFNO=2-11337&cam=0&adv=0&ctry=NO&lang=en&dev=Other
200 35 B URL HTTP/1.1 as.sexad.net/px.gif?stno=3-937-streamate.com-0-5104-0-0-3001-5671-10&p=reseller&w=1&h=1&v=5104&adHeight=500&adWidth=1200&niche=gay&adType=live&autoplay=true&hn=streamate.com&AFNO=2-11337&cam=0&adv=0&ctry=NO&lang=en&dev=Other
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 729c3007a8ed0597531b0c76d54a94bb
90fe9b8a8142548fdfab29f59cb0a164a0eaef81
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
GET /px.gif?stno=3-937-streamate.com-0-5104-0-0-3001-5671-10&p=reseller&w=1&h=1&v=5104&adHeight=500&adWidth=1200&niche=gay&adType=live&autoplay=true&hn=streamate.com&AFNO=2-11337&cam=0&adv=0&ctry=NO&lang=en&dev=Other HTTP/1.1
Host: as.sexad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/as/if?p=reseller&w=1&h=1&v=5104&adHeight=500&adWidth=1200&niche=gay&adType=live&autoplay=true&hn=streamate.com&AFNO=2-11337
Cookie: iid=7289-1664995423
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200
Server: nginx/1.18.0
Date: Wed, 05 Oct 2022 18:43:44 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Access-Control-Allow-Origin: *
Set-Cookie: ust=1664995424; expires=Sat, 02-Oct-2032 18:43:44 GMT; Max-Age=315360000; path=/; secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="This is not our comprehensive privacy policy (P3P). For complete information, please see http://streamate.com/privacy.html"
static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
200 OK 51 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.1486cd5aa4f0.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 443a4bf75f0cf4a44b3125c48a5cbfac
c4e654f8361c10741ce9fcc91ac0848814aeb7cc
b99c597ef385bbd1e27b03df5b482cf66751ffeb6304f9125a5eff9c9df023fe
GET /CACHE/js/output.1486cd5aa4f0.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=117895
etag: W/"eb2259ff6dbd950ae158f73065752aa1"
last-modified: Thu, 21 Oct 2021 18:11:54 GMT
x-amz-id-2: k6NhlyRh+XXZM7+pSOMylQwAMSlxLRy7teDHalfRWz7mnIIf6Ig6amIFaKAolUjBHmL3PkEkULk=
x-amz-meta-s3cmd-attrs: md5:eb2259ff6dbd950ae158f73065752aa1
x-amz-request-id: FHZ86T60E9WK32PB
cf-cache-status: HIT
age: 76214
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFjkcL693YVbRnrsV2w9nJa37lclPeB2a8Pjlr1JmFiYGnogKYL5s7aadRqfvG7SpspGi%2BqM6ymyFgm2RgFIanTCiL5TmrOAzm3XJv0K63Fn1nybVswJxhtdbFKfzP%2Bm0eJQhOXIeBChqx2vEAqxHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df97e2fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sqs.us-east-1.amazonaws.com/
200 OK 378 B URL HTTP/1.1 sqs.us-east-1.amazonaws.com/
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (378), with no line terminators
Hash 62fb5732d47a3f36e610ff721cc7fbb3
a0a855024b5776401bf62e898ab85c06d15f7f66
72ba050cfb01ee934407ed8185d6e1e186311a2f8c19738c05d41b8cf1308458
POST / HTTP/1.1
Host: sqs.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1186
Origin: https://pc180101.com
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amzn-RequestId: 5f01341f-63a9-59da-b760-6fa8b1099e16
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Wed, 05 Oct 2022 18:43:45 GMT
Content-Type: text/xml
Content-Length: 378
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 54c0865c8ed427b28302ebf739b1a3c6
6253ed7159d51ea0b59e259f978ec4479efb2edf
9253bea0a157f6725a1ae7846e616709e3fe08e3ef01f5f24a549f7e0b1a25ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 18:43:45 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: on6SR7O0zg6duDQ7FQkkglzCJeW-jVCLDeSZZSelMekPaTTj8uNhJA==
xcams.images-dnxlive.com/pictures/c115368_picture620bbd61de8ad.jpg
200 OK 75 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c115368_picture620bbd61de8ad.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash f86dafb10f56f3f32bc77cc115171c58
19f8bc8a8257781cbe9d3378616d03bbf872c11a
21a5204b70602ce04740aee4f769c82f1c09c0d5fb8448fed7f572ea465d6b32
GET /pictures/c115368_picture620bbd61de8ad.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 74988
last-modified: Tue, 15 Feb 2022 14:49:25 GMT
etag: "124ec-5d80fa3aeb6d6"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
m1.nsimg.net//media/8/7/5/8758969.jpg
200 OK 13 kB URL HTTP/1.1 m1.nsimg.net//media/8/7/5/8758969.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Hash 09ecf82eda7fa24d63b0d8afeab537a0
63f4774b15e510f5fc1283be8a32a931167a7a26
4e325202a9a92338e28e9f40492bf0c187c16611e262f333429c7dbef5437c23
GET //media/8/7/5/8758969.jpg HTTP/1.1
Host: m1.nsimg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Oct 2022 18:43:45 GMT
Content-Type: image/jpeg
Content-Length: 13420
Connection: keep-alive
Last-Modified: Wed, 25 Sep 2019 09:24:18 GMT
ETag: "5d8b3242-346c"
Expires: Wed, 06 Sep 2023 15:06:25 GMT
Cache-Control: max-age=31536000
X-Varnish: 225682349 133547116
Age: 2518408
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
xcams.images-dnxlive.com/pictures/c44704_picture62bd241160b26.jpg
200 OK 79 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c44704_picture62bd241160b26.jpg
IP
ASN #212882 dnx network sarl
Hash 2a3698f446260c241e726c584af375f4
b67ee15155138a39017563aebbf7e724395b37f0
de7f7c6c200f590a6753a9bf57fc9e184f9c108cd4cf96d125abf51cea546bbe
GET /pictures/c44704_picture62bd241160b26.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 63657
last-modified: Thu, 30 Jun 2022 04:18:29 GMT
etag: "f8a9-5e2a28fdc6873"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c108966_picture601ec1adac211.jpg
200 OK 44 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c108966_picture601ec1adac211.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash a77f35df10d1f04b78c013abd5f99fb1
10eb87ef4e090e2237a8bb3017eb5d7c01c00a99
50a43ae5c3c7c051b1dc704065de3d91c2c2cff8041b6df91bbc7d02e6d015f3
GET /pictures/c108966_picture601ec1adac211.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 44322
last-modified: Tue, 23 Feb 2021 08:27:58 GMT
etag: "ad22-5bbfcb22157ce"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
200 OK 107 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.bc85e791cb2f.js
IP
File type Unicode text, UTF-8 text, with very long lines (65328)
Size 107 kB (106892 bytes)
Hash 6b9d49796526e1892fde1be276356a7d
9b5c3bf5f1ba86ca6014f0560d975545fe946ced
523297f79b0bcb5afb31a0b78f8c2f1d9d80b42ad964e42eafcd7697a1415962
GET /CACHE/js/output.bc85e791cb2f.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=202270
etag: W/"7d90e856406997eee24123ea8a61c92d"
last-modified: Fri, 10 Sep 2021 01:29:44 GMT
x-amz-id-2: HJqgrzmpP8NIgQA+YW8wx4YmDeOFkE860/zZrYgEfEOOhSRenFjn4mxx7ChaQYvyWjZAxImMIY8=
x-amz-meta-s3cmd-attrs: md5:7d90e856406997eee24123ea8a61c92d
x-amz-request-id: EVKN10SQAKNB8VZG
cf-cache-status: HIT
age: 68999
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuqZmeYgJlJfXo%2BuNjaCBHBvFnq%2Blly5okeZ50Nv7J0F%2FO%2B%2B8gy6MWbo8VhsoYhLyzo9LzNVgDBSvCnhutksRxVnTI1sj%2FhMU%2BIqyK%2Bsg99yMAOSxDM19jqyLBhPUzKqsOMl%2BGlgrLQC33YillqVXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df92d9fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c209630_picture6335498862602.jpg
200 OK 70 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c209630_picture6335498862602.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 8624f6f3c9fee3ee00814ce21da7b811
3341fcc50dcd64aad5a2cc7db21ebbffa635a7df
f81d40c75319af18a737f7f553ca41fe7766a97d4dace913dd225796daec1293
GET /pictures/c209630_picture6335498862602.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 69556
last-modified: Thu, 29 Sep 2022 07:30:41 GMT
etag: "10fb4-5e9cbdac38c7c"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c209649_picture6335513685c7f.jpg
200 OK 90 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c209649_picture6335513685c7f.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 71df4841fe6cf6cbe5a7edbd6ecac1c5
e9aea05686c51e7ebbfd78d73a87794e4e344b48
438f8dcffd1396f329413a6b014faedf6c2cee0d8280bd3da481dcb11994999b
GET /pictures/c209649_picture6335513685c7f.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 89807
last-modified: Thu, 29 Sep 2022 08:03:10 GMT
etag: "15ecf-5e9cc4eef2c54"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c19315_picture5d6508399f6a0.jpg
200 OK 47 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c19315_picture5d6508399f6a0.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash aeebe26297661ddbeb34c1cc419a3dea
ce8c40f3d029b3e3bf0e1712c0a6d5aab1c8d3a3
c994bc15be0a03e9a444198e04302a7fc15bdcbe07eabc8f30ebd288644b7c21
GET /pictures/c19315_picture5d6508399f6a0.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 46657
last-modified: Mon, 22 Feb 2021 14:53:32 GMT
etag: "b641-5bbedf73793f0"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c75766_picture556f400b46cbf.jpg
200 OK 31 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c75766_picture556f400b46cbf.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 360x480, components 3\012- data
Hash 54b7ce64453a368ee1235493294668c3
86cedc5f6172fd4d128421f530e814c27e2fbd57
2e1bb4545e4501491aa119a88647748877311955a8582848a631546daacb8119
GET /pictures/c75766_picture556f400b46cbf.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 30960
last-modified: Mon, 22 Feb 2021 14:05:53 GMT
etag: "78f0-5bbed4cc4e020"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c118361_picture5b82cdd892c25.jpg
200 OK 50 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c118361_picture5b82cdd892c25.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 5f7b3b136ff12579205c707d33d078ba
db233501df2a69934baf91b5855dad57ed80b183
dfb98c21755769f21d716d2711b81ef82e97786ffb00694eb33604db25e71c96
GET /pictures/c118361_picture5b82cdd892c25.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 50335
last-modified: Mon, 22 Feb 2021 14:32:10 GMT
etag: "c49f-5bbedaac3744c"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c166242_picture607e98a5bf5ea.jpg
200 OK 40 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c166242_picture607e98a5bf5ea.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 4cf2e359fe3266398f6c9f780eb5f99f
897af3dc19d5839a445359271731eb4870da210a
78a805b2fb023e59cb963887ad43a2df6346a2dd0dd63c5734d1fa31cd6e91de
GET /pictures/c166242_picture607e98a5bf5ea.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 39845
last-modified: Tue, 20 Apr 2021 09:02:46 GMT
etag: "9ba5-5c063b5b36762"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
200 OK 16 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.caee332d326d.js
IP
File type ASCII text, with very long lines (1105)
Hash 1716f85bb0111c8a0f8cb86d424bebe8
1dd8f1cebdcd398e9bd5e77dbba1677a548bf677
110734854eba68d5e2ed5f9d4de234503ceefcd17853ea3f268a8fb946758422
GET /CACHE/js/output.caee332d326d.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"b61e15511bf0db70d0d422e98c465403"
last-modified: Thu, 24 Jun 2021 21:24:08 GMT
x-amz-id-2: gAJe87IyJM0OkbaBgua73HTcoEANURYYk4wpsNNClr414DBIRL/v+K+9hxRFHrgcwnw38qlmXmM=
x-amz-meta-s3cmd-attrs: md5:b61e15511bf0db70d0d422e98c465403
x-amz-request-id: 2D5TZ021KE4200HB
cf-cache-status: HIT
age: 1545383
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuuHXkBlBeLUWFtQP1QMHUbAmwUoAl%2FVBiso68I%2FIuuYffRMaC27IP5hOMRI9o5GnCz0FF4l9ZxjwX8D5JQqTu8Xbx8ezoChQQIKzEQ6TOtXwKX%2FHu%2BxGgD6xUKXnJD6n475N%2F4yTaXTAZdMLfOldA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df97e30b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aweproto.com/embed/lf?c=object_container&site=lsa&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=boy&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID}
200 OK 281 kB URL HTTP/2 aweproto.com/embed/lf?c=object_container&site=lsa&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=boy&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID}
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Size 281 kB (281312 bytes)
Hash ce7940cc93d1cefa8942815f9c25ed77
ea0b87d1ff1af4a8fd721614dcd4328bf1f6e691
4f53cafe419bef29f15a0ebad33c086a70869bf72f9a60c1e8369427baa80853
GET /embed/lf?c=object_container&site=lsa&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=boy&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1
Host: aweproto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:38 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:38 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c172989_picture60ebbebb9f6e4.jpg
200 OK 62 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c172989_picture60ebbebb9f6e4.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash c0655cb646d437edc2e9e9a5bba26c8b
dbb875c4e93bdc02271b1b466353bab4e88c474a
196a63f2718c5b6a764c12e924e23574ac63f1469657dd410a31d23463a2686f
GET /pictures/c172989_picture60ebbebb9f6e4.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 61488
last-modified: Mon, 12 Jul 2021 04:02:30 GMT
etag: "f030-5c6e530b6ede2"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c209388_picture6332dff9292d4.jpg
200 OK 80 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c209388_picture6332dff9292d4.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 272dcd0fb49759d7b416e2b42c38f6d7
79903356fc4ea17c07c4a134e7e1c2af42344c22
e574ac660b4258ddfec32fac27d4592aa15a75b91b52996fde5a8475319a49d7
GET /pictures/c209388_picture6332dff9292d4.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 80421
last-modified: Tue, 27 Sep 2022 11:35:29 GMT
etag: "13a25-5e9a70a8ec3ac"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c209657_picture633591d8c77b5.jpg
200 OK 76 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c209657_picture633591d8c77b5.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash be501ca4f924810e3e77ab90f9ec77ff
0cce48526962537898a9588faecff6bf6bd132e0
14170df5dfa44b1d94add2b2e53623ec911df269f6603a195af72957bc21b1ca
GET /pictures/c209657_picture633591d8c77b5.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 76462
last-modified: Thu, 29 Sep 2022 12:39:13 GMT
etag: "12aae-5e9d02a2bfbd1"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c207471_picture63170aa948bed.jpg
200 OK 70 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c207471_picture63170aa948bed.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 97b59e879cb853f3b58ff942f91d80c0
f6a7dc07076bf16eecf76a31f4541f6bab1c1091
0371a86a149c6c50e98b664602b8c1dff5ac3b39f18425517d6db663c5c5b0d5
GET /pictures/c207471_picture63170aa948bed.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 69714
last-modified: Tue, 06 Sep 2022 08:54:06 GMT
etag: "11052-5e7fe56b67bd6"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
go.strpjmp.com/config?url=https%3A%2F%2Fcreative.strpjmp.com%2Fwidgets%2Fv3.html%23namespace%3Dmen%252Fgays%26cols%3D1%26rows%3D1%26margin%3D0%26refreshRate%3D60%26width%3D500%26height%3D300%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26hasName%3Dtrue%26userId%3D77bec363d01038a28c101db57a3c436d4b72a4a315049406ee0ef1455119a8fc
200 OK 92 kB URL HTTP/2 go.strpjmp.com/config?url=https%3A%2F%2Fcreative.strpjmp.com%2Fwidgets%2Fv3.html%23namespace%3Dmen%252Fgays%26cols%3D1%26rows%3D1%26margin%3D0%26refreshRate%3D60%26width%3D500%26height%3D300%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26hasName%3Dtrue%26userId%3D77bec363d01038a28c101db57a3c436d4b72a4a315049406ee0ef1455119a8fc
IP
File type JSON data\012- , ASCII text
Hash 8e556a06115153b94fda6cc15ac93225
b4f53b405d2ac645d785b90bf77340d4d10575d5
ea21e163f6e7500dbc0624fe95fe5ff8ab0066d94798a3d95f90cab7f7e5f5f8
GET /config?url=https%3A%2F%2Fcreative.strpjmp.com%2Fwidgets%2Fv3.html%23namespace%3Dmen%252Fgays%26cols%3D1%26rows%3D1%26margin%3D0%26refreshRate%3D60%26width%3D500%26height%3D300%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26hasName%3Dtrue%26userId%3D77bec363d01038a28c101db57a3c436d4b72a4a315049406ee0ef1455119a8fc HTTP/1.1
Host: go.strpjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.strpjmp.com/
Origin: https://creative.strpjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: application/json
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXzzPUrWRuAm6eFS8Rw%2FglHI7Cb4%2BaNpSbfvDB9BZnIcGVnNMiA0fQdDvBZ2T80emIQupMbxKRpt2q4lB8qbzJapVUcBa6eRzl3z6maShCaUvi4VjXxMKX7%2FckxT%2FEoxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584e0008c8b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c208605_picture6324980c51302.jpg
200 OK 73 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c208605_picture6324980c51302.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash 6bd83a444147af7ff3eeaeae14e9c770
5d542178f35c9c6b1785529397db3450f666eaa0
fad4edb4b02c0319a5face6d1df559db74c19afd575326f8d78503fdf89772db
GET /pictures/c208605_picture6324980c51302.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 73090
last-modified: Fri, 16 Sep 2022 15:37:00 GMT
etag: "11d82-5e8cd22098737"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c110725_picture5c8a280902ba9.jpg
200 OK 88 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c110725_picture5c8a280902ba9.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Hash fb82efdc980c46daac2590da58d3fb0d
2c5c28b8c771ac88da7bc17ab75b8cdda9ca2000
441c9033bbc0aa8f2a783b38a396f3be8bb3d06943e3f59edd891260027aee92
GET /pictures/c110725_picture5c8a280902ba9.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 87527
last-modified: Mon, 22 Feb 2021 14:44:49 GMT
etag: "155e7-5bbedd8092f41"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
xcams.images-dnxlive.com/pictures/c165954_picture607f5e45bde62.jpg
200 OK 117 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c165954_picture607f5e45bde62.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Size 117 kB (116880 bytes)
Hash e454b54266a87db941e4ef409c90babb
83a4c1de2a4e48967df71e0c95ee6d85300f1ffe
e4c30f09599d3ff7006039a5633f1976db3869ad20158476739842ca851db576
GET /pictures/c165954_picture607f5e45bde62.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 116880
last-modified: Tue, 20 Apr 2021 23:06:04 GMT
etag: "1c890-5c06f7d935b0d"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
m1.nsimg.net//media/1/3/3/13320433.jpg
200 OK 18 kB URL HTTP/1.1 m1.nsimg.net//media/1/3/3/13320433.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 320x240, components 3\012- data
Hash 078f37c83e87b93a2e34f1d41db4feb5
f7fa5b077a8603c2f40211587149191d83aef319
fc9d95e39cb723fb461e443ac4c27275fc228ddbb4f29331ae44fa1f565e02f9
GET //media/1/3/3/13320433.jpg HTTP/1.1
Host: m1.nsimg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Oct 2022 18:43:45 GMT
Content-Type: image/jpeg
Content-Length: 18425
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:18:10 GMT
ETag: "63314422-47f9"
Expires: Wed, 27 Sep 2023 03:07:05 GMT
Cache-Control: max-age=31536000
X-Varnish: 305613925 278745043
Age: 745386
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
xcams.images-dnxlive.com/pictures/c208294_picture6320ca6437668.jpg
200 OK 156 kB URL HTTP/2 xcams.images-dnxlive.com/pictures/c208294_picture6320ca6437668.jpg
IP
ASN #212882 dnx network sarl
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x480, components 3\012- data
Size 156 kB (155767 bytes)
Hash 8c6721dc21a24b8a99a04ffcbd75d99e
11601629e985ab63e2a544066710f4bb9405043d
741d30afd59ac7661f99ed3f2b8953f5d5e262aeb742071c4ee4a46b1598277b
GET /pictures/c208294_picture6320ca6437668.jpg HTTP/1.1
Host: xcams.images-dnxlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bugleczmoidgxo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/jpeg
content-length: 155767
last-modified: Tue, 13 Sep 2022 18:22:56 GMT
etag: "26077-5e89319ecac01"
server: AdvancedTurboProxy
x-forwarded-proto: https
cache-control: max-age=3600
expires: Wed, 05 Oct 2022 19:43:45 GMT
x-img-cache: Y
accept-ranges: bytes
X-Firefox-Spdy: h2
pt-static4.ptwmstcnt.com/npe/cifra/script/cifrafk-v807590.js
200 OK 132 kB URL HTTP/2 pt-static4.ptwmstcnt.com/npe/cifra/script/cifrafk-v807590.js
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
Size 132 kB (132176 bytes)
Hash 4fe6182a01ec133fb6b557c20c81ec37
47f4e3e622de1c760b7c03e7d07411c6e7449820
38decc0b3bf9adbfb1ea6c9b5e7093d6fc93e8908fb58096db67281a01ce1897
GET /npe/cifra/script/cifrafk-v807590.js HTTP/1.1
Host: pt-static4.ptwmstcnt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.protawe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:56:17 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"633d8d01-4ff4f"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 21 kB URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
Hash bdce73b5fc7bc50a94597a69540b4359
d63823a6a89d01e9837e85c8af3bd09676719fc8
ec7208a50395d3da226aea95c595686e04101e27cbc54103b1c2dbbc9ff59f32
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
200 OK 253 kB URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.97a5db11ca63.js
IP
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 253 kB (253424 bytes)
Hash b35a7865221b88d70aa61e6a2a062756
f8ebc7bf786be872f5950491638b41be016bab98
77ef059a11fddc3728b449eeb61450193e838da0ad2db1c2f5360185331cfb01
GET /CACHE/js/output.97a5db11ca63.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=827275
etag: W/"692ec922d2a39b4037073f70286968b3"
last-modified: Fri, 13 May 2022 09:09:46 GMT
x-amz-id-2: VZ8ol5gj9DR4cR1Ys+gd3EdgeEH8vduV/GWCX0hMYtqbtTyLc8wtgelbUHUwXR/km7ekid2PJdA=
x-amz-meta-s3cmd-attrs: md5:692ec922d2a39b4037073f70286968b3
x-amz-request-id: WKBNH94P832M1DR9
cf-cache-status: HIT
age: 2193905
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELIe7%2BbqQaQL9WSSz8bIOlqap0qORtXyQ%2BXw93Q8DXd8JPgUmw2tZBW%2B%2BqnRDhsFk7BiSscKxGYpR7ZsS3iBFCPzaxFct4dfASY6eMPeZuK5iFBTFjL%2F8dEA5Bf60o9ASpeuqPokVyIMaVBf0j3OJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df8fd5db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/img/lfb/xcams_white.svg
200 OK 4.9 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/img/lfb/xcams_white.svg
IP
ASN #212882 dnx network sarl
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c38ae4e7d17a42ef99f9a0fca484efa6
ea543a6801e522e0ddf0d97c21164abaf97dde71
ebda51b65bfe7f285a1843c0908708cf783a904d165a09d15ee00a65e7697b4b
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/img/lfb/xcams_white.svg HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/svg+xml
content-length: 4900
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "1324-5dee00854d93c"
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/img/lfb/sound_on.svg
200 OK 1.4 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/img/lfb/sound_on.svg
IP
ASN #212882 dnx network sarl
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e0a5ec98befc0928bcdd4bfc220f12cd
106da0b4fcb94cecb8a0c7ec00ed8ecba51aabe3
b8dab7b402f8fb4aa8dcc0864d581695644c533d72c57d077398265fdbe8639c
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/img/lfb/sound_on.svg HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/svg+xml
content-length: 1357
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "54d-5dee008581f97"
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
hl.pc161021.com/js/8.js?anc=510&_=1664995425207
200 OK 10 kB URL HTTP/2 hl.pc161021.com/js/8.js?anc=510&_=1664995425207
IP
File type ASCII text, with very long lines (1580), with CRLF line terminators
Hash 07f816652a3b19bd8f04818678c1f4bf
d680004bc0658886a11ff87e0811ccacb3d641fd
b8b5b55735b3e7560fc1b098ea92193b59fe7e501bf8e53b3a80a33e5e98433a
GET /js/8.js?anc=510&_=1664995425207 HTTP/1.1
Host: hl.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: application/javascript
content-length: 10208
server: nginx/1.20.2
last-modified: Wed, 05 Oct 2022 18:43:32 GMT
vary: Accept-Encoding
etag: "633dd054-27e0"
content-encoding: gzip
x-name: ngA1
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/img/lfb/sound_off.svg
200 OK 1.4 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/img/lfb/sound_off.svg
IP
ASN #212882 dnx network sarl
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cff4d2459be9f563a1401f3349b2bf83
525a19fddff63b67442ef06d383db378d1b0e0f3
5b7f77cf946942c1fb7e61bfe32a2d99adcda1f2a4c5f129880694546b485141
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/img/lfb/sound_off.svg HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/svg+xml
content-length: 1392
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "570-5dee00854c99c"
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
hl.pc161021.com/js/8.js?anc=547&_=1664995425278
200 OK 10 kB URL HTTP/2 hl.pc161021.com/js/8.js?anc=547&_=1664995425278
IP
File type ASCII text, with very long lines (1580), with CRLF line terminators
Hash 91b1d2a2579e5e55ef54a9aa985d6bf0
8f4ab723ec312ebb8c896ed2d8c00705efe97430
2c203bf00852bc36605279653227af9870b6ed135ef559f2f3a8f83dda339564
GET /js/8.js?anc=547&_=1664995425278 HTTP/1.1
Host: hl.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: application/javascript
content-length: 10197
server: nginx/1.20.2
last-modified: Wed, 05 Oct 2022 18:43:32 GMT
vary: Accept-Encoding
etag: "633dd054-27d5"
content-encoding: gzip
x-name: ngA2
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.lexozfldkklgvc.com/assets/cp/img/lfb/loader_x_wl.svg
200 OK 32 kB URL HTTP/2 www.lexozfldkklgvc.com/assets/cp/img/lfb/loader_x_wl.svg
IP
ASN #212882 dnx network sarl
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 19ce291633d64ff161095b2cadc96302
a64a5c41bf49db3c1d6883eb5cfcd1441ab638a0
e94015a33117c5f9753a2c8a66476666c8d9578d3e1df0b08815d7326462ba13
Analyzer Verdict Alert fortinet Phishing
GET /assets/cp/img/lfb/loader_x_wl.svg HTTP/1.1
Host: www.lexozfldkklgvc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lexozfldkklgvc.com/cp/lfb/index.php?submitconfig=0&promo=xcams&product_id=3&subid1=&subid2=&wl_cf1=&brand=xcams&ur=aHR0cHM6Ly93d3cueGNhbXMuY29t&cf0=pc2&cf2=&cfsa2=&li=1&lia=1&lg=1&use_lg=1&sound=0&btn=0&ctac=A80293&ctatc=FFFFFF&ctarc=C60AC2&ctartc=FFFFFF&ctacc=FFD300&ctactc=121019&ct=eyJlbiI6IkNoYXQgbm93ISIsImZyIjoiVGNoYXRlciAhIiwiZGUiOiJKZXR6dCBjaGF0dGVuISIsIm5sIjoiQ2hhdCBudSEiLCJlcyI6Ilx1MDBhMWNoYXRlYXIhIiwiaXQiOiJDaGF0dGFyZSEifQ%3D%3D&modelSex=M&modelLanguage=EN&modelAge=18%2A60&fi=0&comfrom=932931
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:45 GMT
content-type: image/svg+xml
content-length: 31611
last-modified: Fri, 13 May 2022 07:57:57 GMT
etag: "7b7b-5dee00854c99c"
server: TurboProxy
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3de74da8-9c15-4010-a6fb-c1e0b5fd8804.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3de74da8-9c15-4010-a6fb-c1e0b5fd8804.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42ab91a02aa34dbcc6d56e75fd0d7fc5
32a3ebb440b3d770c446bef75c39ce788ffeb034
397373a17846231eb149c3a207574b79c5ca6c7832ffd48da9c8f1e8e0aa9f69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3de74da8-9c15-4010-a6fb-c1e0b5fd8804.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13615
x-amzn-requestid: 6635532f-5d43-42e5-9dbe-5079ac7be2d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJdwFpLIAMF67Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55f1-464bb65c46245f634944dfe6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xRVEEqZk2DyTmLLfzyBu48EO2agvkzqc00YJI4zDIQXTHOsd8niY3A==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 18:59:44 GMT
etag: "32a3ebb440b3d770c446bef75c39ce788ffeb034"
content-type: image/jpeg
age: 85441
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.9b823bb2f723.js
IP
GET /CACHE/js/output.9b823bb2f723.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"1360376b8f5657814f662391b765d655"
last-modified: Tue, 24 May 2022 17:14:17 GMT
x-amz-id-2: KTWJY/HCZAzfCN7zvoTtoCRDkjCDtsx43npe+RSp0Ebo2HF6WHgess4Ct9QL7Zi8XExzaRuhmCw=
x-amz-meta-s3cmd-attrs: md5:1360376b8f5657814f662391b765d655
x-amz-request-id: M1HHWCFNA8C6CV81
cf-cache-status: HIT
age: 68998
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWbjisuvssX%2B4yPU1OANPhxLuntztwT5MDoMzbq5Hh35fpyPKMTQa8e6SMg7I8rpY9ipJQYTEdBKl%2Bb00Z142iE6XEQG8JN6lFLQPXOxf6psHb2440eU%2Bow9Zvgp7wv%2FNgpMMwZDg%2Bki%2B%2BoejyiTgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df8fd5ab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.cbmiocw.com/cams_widget_css.css?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs%3B0%2Fhtml.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&fileID=undefined&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=%5B%5D&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_xlovegayblog.blogspot.com%3BBLOC_CamsWidget
200 OK 0 B URL HTTP/2 www.cbmiocw.com/cams_widget_css.css?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs%3B0%2Fhtml.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&fileID=undefined&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=%5B%5D&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_xlovegayblog.blogspot.com%3BBLOC_CamsWidget
IP
GET /cams_widget_css.css?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs%3B0%2Fhtml.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&fileID=undefined&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=%5B%5D&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_xlovegayblog.blogspot.com%3BBLOC_CamsWidget HTTP/1.1
Host: www.cbmiocw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cbmiocw.com/?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.10
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-6f151e82fc8d7bf5a6665db89879c3a6-e542358c72582288-00
content-encoding: gzip
X-Firefox-Spdy: h2
static.pc161021.com/scripts/noui/StatProvider.js
200 OK 0 B URL HTTP/2 static.pc161021.com/scripts/noui/StatProvider.js
IP
GET /scripts/noui/StatProvider.js HTTP/1.1
Host: static.pc161021.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
awssrv: 01
last-modified: Thu, 24 Mar 2022 13:42:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-encoding: gzip
cache-control: max-age=50400, no-cache="set-cookie"
date: Wed, 05 Oct 2022 08:30:14 GMT
etag: W/"bb5c91f853fd81:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qTVmbkQqTzdwVZVO3iVtgB8qCSn-Q8PacGHIOM4-Dxtb-T9NAqFWSw==
age: 36788
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/js/output.09a0bf741d47.js
IP
GET /CACHE/js/output.09a0bf741d47.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
etag: W/"bb81bca2482741d6c4dcf148cb33a79d"
last-modified: Wed, 17 Aug 2022 00:26:59 GMT
x-amz-id-2: 3dz298/kgeP1Pq/aBz8wop8Gas15qR9oG1wjU5FgYthy7g6Z9MZpPydhaAydlHaKkHGU8KIJbDw=
x-amz-meta-s3cmd-attrs: md5:bb81bca2482741d6c4dcf148cb33a79d
x-amz-request-id: RGGA1ZRYYYSSRXHH
cf-cache-status: HIT
age: 1707210
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5R4bfdshQH%2FOeAO1vsLY%2B7Db2t5RmMR700CQtuOSIRzGNqhGLZTPN%2BXYrp4fA4ZMcWwHnWURLsVAw%2FBPYklyN4demv9NpXLT%2BU2hpnkZOSkBd923nA%2BluoTaeBmXoQB0kF5aGvzMFulTgEgssRlAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df8fd5eb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cbmiocw.com/script?providers=bongacash&genders=c%2Cff%2Cmf%2Cg&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&showOnline=0&infoTopLeftContent=-&infoTopRightContent=-&infoBottomLeftContent=-&infoBottomRightContent=-&AuxiliaryCSS=.cw-info-ctn%7B%0A%20%20display%3A%20%20none%3B%0A%7D&token=38758730-49a5-11eb-a165-17a4dc8b58f5
200 OK 0 B URL HTTP/2 www.cbmiocw.com/script?providers=bongacash&genders=c%2Cff%2Cmf%2Cg&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&showOnline=0&infoTopLeftContent=-&infoTopRightContent=-&infoBottomLeftContent=-&infoBottomRightContent=-&AuxiliaryCSS=.cw-info-ctn%7B%0A%20%20display%3A%20%20none%3B%0A%7D&token=38758730-49a5-11eb-a165-17a4dc8b58f5
IP
GET /script?providers=bongacash&genders=c%2Cff%2Cmf%2Cg&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&showOnline=0&infoTopLeftContent=-&infoTopRightContent=-&infoBottomLeftContent=-&infoBottomRightContent=-&AuxiliaryCSS=.cw-info-ctn%7B%0A%20%20display%3A%20%20none%3B%0A%7D&token=38758730-49a5-11eb-a165-17a4dc8b58f5 HTTP/1.1
Host: www.cbmiocw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-f3af1d61e1fb39fa6714c736134072ae-a0b00c4a74840450-00
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.cbmiocw.com/?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget
200 OK 0 B URL HTTP/2 www.cbmiocw.com/?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget
IP
GET /?skin=1&verticalSpace=10px&horizontalSpace=10px&infoTopLeftContent=name&infoTopRightContent=gender,age,room_subject&infoBottomLeftContent=-&infoBottomRightContent=-&infoWritePos=after&infoPos=inside&infoBackgroundColor=rgba(0,%200,%200,%20.6)&infoTextColor=%23fff&infoHeight=1.2em&infoTopWritePos=after&infoTopPos=outside&infoTopBackgroundColor=%23000&infoTopTextColor=%23fff&infoTopHeight=68px&infoTopLineHeight=50px&infoBottomWritePos=after&infoBottomPos=inside&infoBottomBackgroundColor=rgba(0,%200,%200,%20.6)&infoBottomTextColor=%23fff&infoBottomHeight=1.2em&infoBottomLineHeight=1.2em&fontFamily=sans-serif&fontFamilyQuery=&fontSize=15px&showOnline=true&background=transparent&ratio=1.7777&targetResponsiveWidth=300&thumbsWidth=&thumbsHeight=&containerAlignment=center&iframeWidth=500px&iframeHeight=300px&cardsBorderTop=0px&cardsBorderLeft=0px&cardsBorderRight=0px&cardsBorderBottom=0px&cardsBorderRadius=7px&cardsBorderColor=%23000&thumbsBorderTop=0px&thumbsBorderLeft=0px&thumbsBorderRight=0px&thumbsBorderBottom=0px&thumbsBorderRadius=0px&thumbsBorderColor=%23000&CTAContent=FREE%20VIDEO%20CHAT&CTABottom=10px&CTABackground=linear-gradient(%2350d350,%20%2300bd00,%20%23008d00)&CTAColor=%23fff&CTABackgroundHover=linear-gradient(%2350d350,%20%2300bd00,%20%2300bd00)&CTAColorHover=&CTABorderRadius=3px&CTAWidth=calc(100%25%20-%2070px)&CTAHeight=36px&CTAFontSize=15px&CTAFontWeight=700&genderStyle=long&bubblePos=0.75&desktopsz=60&tabletsz=60&mobilesz=60&desktopy=-1&tablety=0.75&mobiley=0.75&canHide=false&msg1=Hey%20there!&msg2=I%27m%20live%20now!%20Join%20my%20room%20if%20you%20want%20to%20talk%20with%20me&genderColor=%23fff&useFeed=true&animateFeed=true&smoothAnimation=true&animationSpeed=500&colorFilter=false&colorFilterStrength=0&providers=imlive&refererFile=script%2Fjs.ejs&muted=0&vlm=false&vlmi=false&vlmd=v.vfgta.com&vlmcid=&isLive=true&url=http%3A%2F%2Fwww.cbmiocw.com&autoReloadChaturbate=false&cols=1&rows=1&number=1&categories=&genders=m,mm&generator=camswidget&token=40737f20-49a3-11eb-a165-17a4dc8b58f5&referer=xlovegayblog.blogspot.com&aff_sub2=PUB_unspecified%3BBLOC_CamsWidget HTTP/1.1
Host: www.cbmiocw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.10
date: Wed, 05 Oct 2022 18:43:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-dfab1aa467b36f824c4e84ddc7ae9b34-c0c50dd0c8766b37-01
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banners.cams.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 18:43:42 GMT
date: Wed, 05 Oct 2022 18:43:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m1.nsimg.net//media/1/3/0/13048708.png
200 OK 0 B URL HTTP/1.1 m1.nsimg.net//media/1/3/0/13048708.png
IP
GET //media/1/3/0/13048708.png HTTP/1.1
Host: m1.nsimg.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://as.sexad.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 05 Oct 2022 18:43:45 GMT
Content-Type: image/png
Content-Length: 98970
Connection: keep-alive
Last-Modified: Thu, 28 Jul 2022 17:49:32 GMT
ETag: "62e2cc2c-1829a"
Expires: Wed, 13 Sep 2023 18:49:17 GMT
Cache-Control: max-age=31536000
X-Varnish: 305824111 236965619
Age: 1899691
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
www.cbmiocw.com/script?providers=chaturbate&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=5d975650-49a6-11eb-b2f8-fd589179aa14
200 OK 0 B URL HTTP/2 www.cbmiocw.com/script?providers=chaturbate&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=5d975650-49a6-11eb-b2f8-fd589179aa14
IP
GET /script?providers=chaturbate&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=5d975650-49a6-11eb-b2f8-fd589179aa14 HTTP/1.1
Host: www.cbmiocw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-8881c28985e2ece6f43f17ae6dae5e94-87fe6b2897693603-00
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
pt-static1.ptwmstcnt.com/npe/cifra/styles/cifra-v807590.css
200 OK 0 B URL HTTP/2 pt-static1.ptwmstcnt.com/npe/cifra/styles/cifra-v807590.css
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /npe/cifra/styles/cifra-v807590.css HTTP/1.1
Host: pt-static1.ptwmstcnt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pt.protawe.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/css
last-modified: Wed, 05 Oct 2022 13:56:17 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"633d8d01-35cb"
access-control-allow-origin: *
server: unknown
x-cdn-node: sesto
x-cache-status: R-HIT
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
pt.protawe.com/cifra?psid=elitecampromos&psprogram=revs&pstool=212_1&site=cmb&cobrandid=&campaign_id=&category=gay&row=3&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=0&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}&legacyRedirect=1
200 OK 0 B URL HTTP/2 pt.protawe.com/cifra?psid=elitecampromos&psprogram=revs&pstool=212_1&site=cmb&cobrandid=&campaign_id=&category=gay&row=3&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=0&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}&legacyRedirect=1
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /cifra?psid=elitecampromos&psprogram=revs&pstool=212_1&site=cmb&cobrandid=&campaign_id=&category=gay&row=3&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=0&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=random&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 HTTP/1.1
Host: pt.protawe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:42 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:42 GMT; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
bngpt.com/promo.php?c=345596&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=750&db%5Bheight%5D=300&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=4&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=male
200 OK 0 B URL HTTP/2 bngpt.com/promo.php?c=345596&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=750&db%5Bheight%5D=300&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=4&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=male
IP
ASN #48684 Viking Host B.V.
GET /promo.php?c=345596&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=750&db%5Bheight%5D=300&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=4&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=male HTTP/1.1
Host: bngpt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin:
expires: Wed, 05 Oct 2022 18:43:41 GMT
x-bcs: ded7383
strict-transport-security: max-age=0;
cache-control: no-cache, public
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
s1.wlresources.com/xlove/sp/js/playerHls.js?13210892
200 OK 0 B URL HTTP/2 s1.wlresources.com/xlove/sp/js/playerHls.js?13210892
IP
GET /xlove/sp/js/playerHls.js?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 09:14:00 GMT
etag: W/"60488dd8-39b7"
expires: Thu, 10 Nov 2022 13:16:10 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7277250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BHqEbXPNbbb7ZTxyPsqG9ZOBGJy05Ho1%2BCPzCmRXroDUqi2iybf6VlxfLqm1Rgz3do5HtiliBLzyDMdRdUAHq7%2Bx8cOH9MUDawv6KWlm3y8vT1MKamBm0b7AtzArvyU%2BETX4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584ddfdd59b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/cachebust/theatermode-react-122996e3c575.js
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/cachebust/theatermode-react-122996e3c575.js
IP
GET /cachebust/theatermode-react-122996e3c575.js HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: application/javascript
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=193979
etag: W/"679f9c28611053d552ee74dc3fe1afad"
last-modified: Wed, 05 Oct 2022 03:15:43 GMT
x-amz-id-2: 85uV1p/0xnelumln6OOlbyqbcqBY1vpHbrQ16s6GF2EdmxFABFt+mB0uClUvt7XTIzkF3SPGb9I=
x-amz-meta-s3cmd-attrs: md5:679f9c28611053d552ee74dc3fe1afad
x-amz-request-id: W6FH95QD9NJ9BJPN
cf-cache-status: HIT
age: 55473
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWLpARpnZu8jqNbtdh4OgISXwTsqYuAUeNrDg9rHJ%2BYN4PYu9INU2Qv8iooWnOGEBqe72w1MxI%2FoqzqyfbNGNnI8XlnKS1mugVlqGFNqWcBUMqCVAMnC%2FGc1oV%2FPd7cz4quOrmtzeumTzA05ZgLnPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df90d6eb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:41 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995421
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?lang=no&family=Product+Sans|Roboto:400,700
IP
GET /css?lang=no&family=Product+Sans|Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 18:43:42 GMT
date: Wed, 05 Oct 2022 18:43:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cbmiocw.com/script?providers=streamate&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=ecd63410-49a3-11eb-85e4-493407965257
200 OK 0 B URL HTTP/2 www.cbmiocw.com/script?providers=streamate&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=ecd63410-49a3-11eb-85e4-493407965257
IP
GET /script?providers=streamate&genders=m%2Cmm&skin=1&containerAlignment=center&iframeHeight=300px&iframeWidth=500px&cols=1&rows=1&number=1&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1.7777&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=ecd63410-49a3-11eb-85e4-493407965257 HTTP/1.1
Host: www.cbmiocw.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.10
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, elastic-apm-traceparent
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-apm-trace-id: 00-82d342a6788e6ecdef97e4b0cfe327a2-fb424e4845fc5884-00
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
static-assets.highwebmedia.com/CACHE/css/output.b426af5a929f.css
200 OK 0 B URL HTTP/2 static-assets.highwebmedia.com/CACHE/css/output.b426af5a929f.css
IP
GET /CACHE/css/output.b426af5a929f.css HTTP/1.1
Host: static-assets.highwebmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chaturbate.com/
Connection: keep-alive
Cookie: _cfuvid=yIItevLaY5bWgLoD6XbMpDuHj5KRle4tJI5XufxM4So-1664995418088-0-604800000
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:44 GMT
content-type: text/css
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=246636
etag: W/"6b1dcc472418d7ea205323a0c204d457"
last-modified: Mon, 03 Oct 2022 22:40:04 GMT
x-amz-id-2: VquBUJVgiQrUVhoRL22NzifHtuqr5zaUrf7eWurLQNmH+5UcBYC8pobFmn/hJzVKpGR3JbVRjS4=
x-amz-meta-s3cmd-attrs: md5:6b1dcc472418d7ea205323a0c204d457
x-amz-request-id: F1KW7XJ8K28T8C46
cf-cache-status: HIT
age: 158350
expires: Fri, 04 Nov 2022 18:43:44 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnmqgl%2B%2BgpeLoFY5IfYusT3VRc3ousrDBsRHuGDELz8wJhZlpzeSKKLicLWODhiPFySO84ulRURNHUASwjJKmeiW3xo4jwfWkbvhglBisnoJgTkvDB2RopWjfo0OzZWUgtCKwvRi9Cuqh2H6g%2Ffb7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75584df95deab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300
IP
GET /css?family=Open+Sans:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 18:43:42 GMT
date: Wed, 05 Oct 2022 18:43:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.pcstatic21.com/js/lp_plugins/lp_framework.js?d=10/5/2022%206:43:42%20PM
200 OK 0 B URL HTTP/2 i1.pcstatic21.com/js/lp_plugins/lp_framework.js?d=10/5/2022%206:43:42%20PM
IP
GET /js/lp_plugins/lp_framework.js?d=10/5/2022%206:43:42%20PM HTTP/1.1
Host: i1.pcstatic21.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 26 Oct 2021 12:26:04 GMT
x-amz-meta-cb-modifiedtime: Tue, 26 Oct 2021 12:25:17 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 05 Oct 2022 11:43:06 GMT
etag: W/"0d5139263711a70b8308916135e84a66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fVeGMBoyKVzauW0R-ROA7-BFkAokwli8dm8NOGspuA51QygU2KiOZg==
age: 25691
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
aweproto.com/embed/lf?c=object_container&site=cmb&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=true&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID}
200 OK 0 B URL HTTP/2 aweproto.com/embed/lf?c=object_container&site=cmb&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=true&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID}
IP
ASN #34655 DuoDecad IT Services Luxembourg S.a r.l.
GET /embed/lf?c=object_container&site=cmb&cobrandId=&psid=elitecampromos&pstool=202_1&psprogram=revs&campaign_id=&category=gay&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=true&vp[showPerformerName]=true&vp[showPerformerStatus]=true&filters=&ms_notrack=1&subAffId={SUBAFFID} HTTP/1.1
Host: aweproto.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
cache-control: no-cache
date: Wed, 05 Oct 2022 18:43:38 GMT
server: unknown
set-cookie: psui=c11170dca089cc3d7eb6d01a7f1a1068; Path=/; Expires=Fri, 04-Nov-22 18:43:38 GMT; SameSite=None; Secure
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
i1.pcstatic21.com/js/lp_plugins/lp_flc.js
200 OK 0 B URL HTTP/2 i1.pcstatic21.com/js/lp_plugins/lp_flc.js
IP
GET /js/lp_plugins/lp_flc.js HTTP/1.1
Host: i1.pcstatic21.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pc180101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Tue, 26 Oct 2021 12:26:08 GMT
x-amz-meta-cb-modifiedtime: Tue, 26 Oct 2021 12:19:51 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 05 Oct 2022 14:26:03 GMT
etag: W/"3d96a750188f29b01fcaedc87163b1f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6NMmsTloo2ztY6q_bWe3yCu-YksPIRCS3uDYcO7Nmwt7Qe9kJdsJfQ==
age: 17672
X-Firefox-Spdy: h2
stream-url.camshq.info/imlive?model_id=1472194&model_name=MARKUUXX&working_server=cdnnc%3A%2F%2Fc-t6-bintu-stream~nanocosmos~de%2Flive.fly225&room_id=53&muted=0
404 Not Found 0 B URL HTTP/2 stream-url.camshq.info/imlive?model_id=1472194&model_name=MARKUUXX&working_server=cdnnc%3A%2F%2Fc-t6-bintu-stream~nanocosmos~de%2Flive.fly225&room_id=53&muted=0
IP
GET /imlive?model_id=1472194&model_name=MARKUUXX&working_server=cdnnc%3A%2F%2Fc-t6-bintu-stream~nanocosmos~de%2Flive.fly225&room_id=53&muted=0 HTTP/1.1
Host: stream-url.camshq.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cbmiocw.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
last-modified: Mon, 24 Aug 2020 17:47:04 GMT
etag: W/"723f06c399d7ab17b707e67036d23de2"
x-amz-error-code: NoSuchKey
x-amz-error-message: The specified key does not exist.
x-amz-error-detail-key: imlive
date: Wed, 05 Oct 2022 18:43:45 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fv-Z3B-zDQrC3iPlj7QpFheYt3A_B2nOobh1ttQv0E6wmdGkf_4ctg==
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/resource/browseCdnConfig
200 OK 0 B URL HTTP/2 prm03.wlresources.com/resource/browseCdnConfig
IP
ASN #47836 SC Web Software Development SRL
GET /resource/browseCdnConfig HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/json
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995422
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
200 OK 0 B URL HTTP/2 prm03.wlresources.com/livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ==
IP
ASN #47836 SC Web Software Development SRL
GET /livewebcamiframe?d=eyJ1aSI6eyJpZF9hZmZpbGllIjoiMTE2OTIiLCJjZiI6IkUwRjJGQSIsImNjIjoiNTVDNkY2IiwiY3QiOiI3NTVCNkUiLCJpZnJhbWVWZXJzaW9uIjp0cnVlLCJ0cmFuc3BhcmVuY3kiOmZhbHNlLCJjcm9wVmlkZW8iOmZhbHNlLCJzaXplIjoxLCJjYXQiOiI3IiwidHJpIjoxMH0sImRvbUlkIjoiZG9tVG9JbmplY3RUaGVXaWRnZXQzOThzYnI0b2l6byIsInJlc291cmNlc1VybCI6Imh0dHBzOi8vczEud2xyZXNvdXJjZXMuY29tIiwicHJvbW90b29sVXJsIjoiaHR0cHM6Ly9wcm0wMy53bHJlc291cmNlcy5jb20ifQ== HTTP/1.1
Host: prm03.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xlovegayblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 18:43:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: script-src 'self' *.wlresources.com https://www.google-analytics.com https://www.googletagmanager.com https://prm03.wlresources.com *.xlovecam.com *.acwebconnecting.com; worker-src blob:; connect-src 'self' *.acwebconnecting.com *.wlresources.com https://prm03.wlresources.com; report-uri /err0r/js?ts=1664995419
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-cdn-region: eu-nl
content-encoding: gzip
X-Firefox-Spdy: h2
s1.wlresources.com/vendor/internal/iconxl/v1/css/main.css?13210892
200 OK 0 B URL HTTP/2 s1.wlresources.com/vendor/internal/iconxl/v1/css/main.css?13210892
IP
GET /vendor/internal/iconxl/v1/css/main.css?13210892 HTTP/1.1
Host: s1.wlresources.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://prm03.wlresources.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:40 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 14 Jan 2022 15:58:58 GMT
etag: W/"61e19dc2-2c0e"
expires: Thu, 10 Nov 2022 13:16:10 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-cache-status: HIT
timing-allow-origin: *
cf-cache-status: HIT
age: 7277250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2DwzE04zrSyCdiIuK8FQJRZm36YXXim732V0rkQFjG7KIAEA8nstnPOvvxvDozFsKiJF02On87Mh1a%2BYvbkREJFntLnn0D5SHjrpA2cT3ax4OVig7AERczjZseboc7U5YeTuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75584de02dc0b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
i.bcprm.com/dynamic_banner/jquery.tools.min.js
200 OK 0 B URL HTTP/2 i.bcprm.com/dynamic_banner/jquery.tools.min.js
IP
GET /dynamic_banner/jquery.tools.min.js HTTP/1.1
Host: i.bcprm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bngpt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 18:43:42 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jun 2019 13:44:19 GMT
expires: Sat, 14 Nov 2020 07:18:40 GMT
cache-control: max-age=2592000
content-encoding: gzip
vary: Accept-Encoding
x-cdn-diag: ams5-7740-1-38162-h-0-0---;7099-40-13665----0-0-0
X-Firefox-Spdy: h2
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiODYiLCJzaWQiOiIxMDAwMjgxMSIsIm5pZHMiOiIzNTM1MiIsImR5bl9kbW4iOiIiLCJjcmlkIjoiMTAzNzU2OCIsInN2IjoiNDc0MSIsInJlZl9kbW4iOiJ4bG92ZWdheWJsb2cuYmxvZ3Nwb3QuY29tIiwiZXh0X2NpZCI6IiIsInRzbmFtZSI6IkFGRiIsImNyYyI6IjQiLCJjbiI6IjMwMFgyNTBfR0FZX1MyMDIwX3JvbiIsIm5pZCI6IjM1MzUyIiwiZXh0X3B1YiI6IiIsImNycCI6IjE2LjY3IiwidGlkIjoiMiIsIml0IjoiMDVcL09jdFwvMjAyMjoxODo0MzozOSArMDAwMCIsImNjIjoiMSIsInNuY2lkIjoiOTI1MjMiLCJjaWQiOiIzNTYzMSIsImV4dF91aWQiOiIiLCJjcCI6IjEwMCIsInNuY2NpZCI6IjE5Mzk5NTMiLCJpaWQiOiJlY2IwOThjOWYyZjc1YTQwMWI5M2Q4NmNhZDRhMTQyZSIsImV4dF9paWQiOiIifQ==?unique_view=1
200 OK 0 B URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiODYiLCJzaWQiOiIxMDAwMjgxMSIsIm5pZHMiOiIzNTM1MiIsImR5bl9kbW4iOiIiLCJjcmlkIjoiMTAzNzU2OCIsInN2IjoiNDc0MSIsInJlZl9kbW4iOiJ4bG92ZWdheWJsb2cuYmxvZ3Nwb3QuY29tIiwiZXh0X2NpZCI6IiIsInRzbmFtZSI6IkFGRiIsImNyYyI6IjQiLCJjbiI6IjMwMFgyNTBfR0FZX1MyMDIwX3JvbiIsIm5pZCI6IjM1MzUyIiwiZXh0X3B1YiI6IiIsImNycCI6IjE2LjY3IiwidGlkIjoiMiIsIml0IjoiMDVcL09jdFwvMjAyMjoxODo0MzozOSArMDAwMCIsImNjIjoiMSIsInNuY2lkIjoiOTI1MjMiLCJjaWQiOiIzNTYzMSIsImV4dF91aWQiOiIiLCJjcCI6IjEwMCIsInNuY2NpZCI6IjE5Mzk5NTMiLCJpaWQiOiJlY2IwOThjOWYyZjc1YTQwMWI5M2Q4NmNhZDRhMTQyZSIsImV4dF9paWQiOiIifQ==?unique_view=1
IP
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiODYiLCJzaWQiOiIxMDAwMjgxMSIsIm5pZHMiOiIzNTM1MiIsImR5bl9kbW4iOiIiLCJjcmlkIjoiMTAzNzU2OCIsInN2IjoiNDc0MSIsInJlZl9kbW4iOiJ4bG92ZWdheWJsb2cuYmxvZ3Nwb3QuY29tIiwiZXh0X2NpZCI6IiIsInRzbmFtZSI6IkFGRiIsImNyYyI6IjQiLCJjbiI6IjMwMFgyNTBfR0FZX1MyMDIwX3JvbiIsIm5pZCI6IjM1MzUyIiwiZXh0X3B1YiI6IiIsImNycCI6IjE2LjY3IiwidGlkIjoiMiIsIml0IjoiMDVcL09jdFwvMjAyMjoxODo0MzozOSArMDAwMCIsImNjIjoiMSIsInNuY2lkIjoiOTI1MjMiLCJjaWQiOiIzNTYzMSIsImV4dF91aWQiOiIiLCJjcCI6IjEwMCIsInNuY2NpZCI6IjE5Mzk5NTMiLCJpaWQiOiJlY2IwOThjOWYyZjc1YTQwMWI5M2Q4NmNhZDRhMTQyZSIsImV4dF9paWQiOiIifQ==?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10002811?ata=EliteCamPromos
Cookie: adtool_guid=Ch5KGmM90FuhM3uwrerCAg==; RNLBSERVERID=ded7077
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Wed, 05 Oct 2022 18:43:43 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
x-request-id: 633DD05E-42FE72AB01BB5F90-1F56D74
X-Firefox-Spdy: h2
142.250.74.161
162.19.88.68
91.208.175.119
23.36.77.32
93.93.51.191
93.184.220.29
104.18.32.68
195.85.23.30