r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Sat, 28 Jan 2023 17:35:30 GMT
Date: Sat, 28 Jan 2023 15:22:25 GMT
Connection: keep-alive
sexgayplus.com/2019/06/ns-142/
104.21.235.166301 Moved Permanently 0 B URL HTTP/1.1 sexgayplus.com/2019/06/ns-142/
IP 104.21.235.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2019/06/ns-142/ HTTP/1.1
Host: sexgayplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 15:22:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://sexgayplus.com/2019/06/ns-142/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhCLnSPgXGvbMupT5fUGwemXxseN6Srt1pgpBYuBmJ6o9dYXGZnARJr0mhaqH3YyVAB7EAYWAsqsrU%2F9SZZSH1NFjpXMua8hURIIZ5ciIaVvXHt31WFNZe3f5t%2BD8lOWXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790ab935bf0ddc6f-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7880
Expires: Sat, 28 Jan 2023 17:33:45 GMT
Date: Sat, 28 Jan 2023 15:22:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 14:43:05 GMT
content-type: application/json
age: 2360
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2452
Expires: Sat, 28 Jan 2023 16:03:17 GMT
Date: Sat, 28 Jan 2023 15:22:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IMOTiTjbuMuWQYmeIr9MxyPNXNbAULFw/Oe8xzENVfypz0zBrXQjKgpz1rYmGCJGSUtM5Btk7f4=
x-amz-request-id: 6ZZX0PR4GNHCNJSS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 14:49:56 GMT
age: 1949
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:25 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Sat, 28 Jan 2023 15:22:26 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3a8009a5341494164af095f1d6da2135
88c78ab8317a5ed3471a7ea9373b324bfbcc2247
6923c67f06351d02fd0a0400dcfdc9e7f31e785d8003f176ac8a14c8fb1f161c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 02:35:30 GMT
Expires: Sat, 04 Feb 2023 02:35:29 GMT
Etag: "88c78ab8317a5ed3471a7ea9373b324bfbcc2247"
Cache-Control: max-age=558182,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790ab939b96eb51d-OSL
poweredby.jads.co/js/jads.js
185.94.236.246301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 28 Jan 2023 15:22:26 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.buypass.com/
23.36.76.200200 OK 1.7 kB IP 23.36.76.200:0
ASN #20940 Akamai International B.V.
Hash 9912109d71537313196553b132f3343e
8a69fb93f914b57f0a4be74163c912f361113fd3
fc9328b644ebb3e91c26980c2ede31aa19afb773abb7cf6f2bda13b2dc5ab75e
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 0ad97829-84d4-4452-a424-c1d5182b1577
Content-Length: 1701
Date: Sat, 28 Jan 2023 15:22:26 GMT
Connection: keep-alive
poweredby.jads.co/js/jads2.js
185.94.236.246200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.246:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sexgayplus.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:26 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic
142.250.74.106200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic
IP 142.250.74.106:0
Hash fc757772de4af0c9238e70911879bf2a
dc11335f099ba1ad387944ca491801d602378cdb
88e8e3e91df9a066d6464ef446f76eb96636d6af3374fd722f0d845eddbae242
GET /css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 15:22:26 GMT
date: Sat, 28 Jan 2023 15:22:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 56 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
Hash 9270c9489b7bc1ab8e74cf6e2b95cfd0
2aa70fb646efc6b2d27c2d281eeb72bf03a1ba3b
5906e15796f7fdc0ee85bb576c84d6ecdb78d65aed3f4a316613c1e67e90fd54
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 419385
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.227200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:19 GMT
expires: Wed, 24 Jan 2024 09:41:19 GMT
cache-control: public, max-age=31536000
age: 366067
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leonodikeu9sj10.com/solid.gif?z=1798067&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 leonodikeu9sj10.com/solid.gif?z=1798067&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1798067&abvar=0 HTTP/1.1
Host: leonodikeu9sj10.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.popcash.net/show.js
151.139.128.11200 OK 36 kB IP 151.139.128.11:0
File type ASCII text, with very long lines (65387)
Hash d1ab55af8330aada9fc2c20157968dbc
6a710f3e293d4347d6180c2bd469500ff1f6e0be
393329c5fded65db84ec577fffcded18810ba0338e83e23d7cce822bb15a3229
GET /show.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-encoding: br
content-length: 36492
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 15:55:59 GMT
accept-ranges: bytes
etag: W/"6362930f-1b189"
cache-control: max-age=2592000, public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqpR6Csgpv67J8iRhPF%2Fk4I%2FcSspfCip1CysP7NSuVOhjOvzzVC5CSWkMOcnP0qDjGEchtV8BKhtH2fQa7eq3spccD4%2B14vAyS1cCvIPGno%2FXgl%2F8HgVISCs0Q%2BR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d31f2b1e12b4e8-OSL
vary: Accept-Encoding
x-hw: 1674919346.cds228.sk1.hn,1674919346.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 14:41:40 GMT
age: 2446
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 28 Jan 2023 15:22:26 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
hedgehoghugsyou.com/solid.gif?z=1798067&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 hedgehoghugsyou.com/solid.gif?z=1798067&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1798067&abvar=0 HTTP/1.1
Host: hedgehoghugsyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.intelligenceadx.com/jquery.reel-min.js
185.76.9.15200 OK 10 kB URL HTTP/2 www.intelligenceadx.com/jquery.reel-min.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
Hash a2e0a21dc85baa117a364832a53889a2
c5f0c9c19087ccca2965c2c04433c6e3cdede67c
e7d0b7eb65715c21a427878138a3055a343fb68a805a4f24b7147b74a84e5e68
GET /jquery.reel-min.js HTTP/1.1
Host: www.intelligenceadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Thu, 02 Feb 2023 20:53:44 GMT
access-control-allow-origin: *
link: <https://intelligenceadx.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1675371224
server: CDN77-Turbo
x-77-nzt: AblMCQ3JQmH/WlUCAA
x-77-nzt-ray: c0a4cc283b416d29b23dd563ce7dee34
x-cache: HIT
x-age: 152922
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.124.175200 OK 31 kB URL HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.124.175:0
File type ASCII text, with very long lines (32065)
Hash b188fddabf243d3bb02565322e0bd1d5
16b7fa6a3f35b4a4d497a4a9d8fa9bf6bee15821
47900b15f03536d058b0b4cd876602216982ed80f6dc93b2513df3404b935a08
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01G754SVY4BFC19MXYRYRMED91-fra
cf-cache-status: HIT
age: 17962848
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 790ab93f0ec30b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/ad/api/popunder.js
190.115.19.71200 OK 21 B URL HTTP/2 hqq.tv/ad/api/popunder.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with no line terminators
Hash 533a813ddb8f84d7e018bf8e6296c44d
8c95af23d5dc502f1bc3395a6d2e339e696c0d3e
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/api/popunder.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.124.175200 OK 36 kB URL HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.124.175:0
File type ASCII text, with very long lines (29325)
Hash f3f22640b56c82b68c22ae582c7af5d1
b816d3861672f3b03963007918429707855bc5d4
6eb15db1aacc555161e413385ad2f64c957fe147b011cead43c15d6b349d2e1e
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01F3YGTHVETVB9B7TG2TW5GR8F
cf-cache-status: HIT
age: 24230111
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 790ab93f0ebf0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65c2eff97e3799b6f1c624a85dde039a
995326151fa5f40b770ebe642d3529726421e9ad
8270566bd20404dd486bba624319fb67f7d1e97b308db4939478fea79aeb64e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8270566BD20404DD486BBA624319FB67F7D1E97B308DB4939478FEA79AEB64E9"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9808
Expires: Sat, 28 Jan 2023 18:05:55 GMT
Date: Sat, 28 Jan 2023 15:22:27 GMT
Connection: keep-alive
hqq.tv/js/d_check.js?34
190.115.19.71200 OK 1.1 kB IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (821)
Hash e76c47177c2f11fd4b208f908d0f3861
ec29c73286308328b4e20512b32b486a91d7ed30
79f1ba1d9cbb1420c53d7c78bbfd99313a6be30da1718ef728ce2dce4aaec77b
GET /js/d_check.js?34 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 27 Feb 2020 14:57:53 GMT
etag: W/"5e57d8f1-d8a"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash f5795488c88525f522969c016a20053d
449973d73466581fa7cd7dac3062dc7083aa85c8
11b8d2bdbdcec6922b650b5a3ee3e471ac1b0e95b4d83ee0097dc823cc8030dc
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 01 Feb 2023 12:11:57 GMT
ETag: "449973d73466581fa7cd7dac3062dc7083aa85c8"
Last-Modified: Sat, 28 Jan 2023 12:11:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 389
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790ab9400f53fac4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b601055278a5322132b1ae63d3a801ab
772a60c2b0eacc47765f872044704d5d36a8c79f
098ae28f9e472ef1db338290a3890c052d49fb2ba3a25e74af26f8b53d5b4c19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 555
Cache-Control: max-age=95387
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:27 GMT
Etag: "63d40d23-117"
Expires: Sun, 29 Jan 2023 17:52:14 GMT
Last-Modified: Fri, 27 Jan 2023 17:42:59 GMT
Server: ECS (amb/6B84)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
34.216.86.11101 Switching Protocols 129 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.86.11:0
Hash dfdeafb3b1e5d2bc112791c73ff72b19
5bbfc434b8a10435745f00093473593781683bf2
74d2fdc94ad70403eea3a8886c6b674adabac2cbf856333e84a2178d44ebc133
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t84xViDWFfvfUUmnc+QG7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3RSBbuZzLKuyt32WsJkCIqOOQdA=
hedgehoghugsyou.com/get/1798067?zoneid=1798067&jp=_cl1yvnoto4zbeunxnuwnk1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=4050417188423872
62.122.171.6200 OK 1.5 kB URL HTTP/2 hedgehoghugsyou.com/get/1798067?zoneid=1798067&jp=_cl1yvnoto4zbeunxnuwnk1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=4050417188423872
IP 62.122.171.6:0
Hash edffce407613eaae1ac91aa6f1d390d4
52cf12dba9cb3a958493283e126e507f9fee0ee3
a8794a0b3fa9e71fa4f859986b1ab2e2cd3bf3072408f00cc54a3319963bd2f5
GET /get/1798067?zoneid=1798067&jp=_cl1yvnoto4zbeunxnuwnk1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=4050417188423872 HTTP/1.1
Host: hedgehoghugsyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301281022de61b589e9fd4386b10e196a6c; Path=/; Expires=Sun, 28 Jan 2024 15:22:26 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=9hlafgFsz0wx3OlOfR_rw4YxtIO6PqXyQ9zkEugwmgqP9v1Mk5itUjnglLryJJYYpcCK9uvUZE2t-MFCrJOTosx6XpIKN79j8onrhC2PBNoojpaGiKOXydBdyqMGL1Sqzk6Gy2J5HK8UnFE7OnXgZcz3NALQ-Rz3ssjs6qY9w391s_6SDnxlXFGJYgDniC_PV2gq2uRkLa07ag90MVHr4T6l5gvEkDGKFDWwEPNbElI7AAl1inKaXs8YBrk4QL0ZAz4nGTf4vHfLZMl4Tb2KfN6k8ZNZpla2WDw0wYyKiEXNUaqvNKzyfBPEOx8ZbqIKA93wt58sfkYdkOO4UVJOEZ1yn41qU5Rt55mAFfee32RhO8m6vS3UkUIHfKfi2p1ZNcVbFN7464aXzgckUBCQlcMREYx80SMjTMmWLszR4RTmO4LzhNxTIOn2Q2zPFe27L0pF5rWEejEasuXWT_y0Vcak__oaMStd9oDQt2jmzH1xNCD5CXk3wV3hHL-h4MzY_GP_qd3s6mx7Ow_jSUCV74gB1TBowbr82-I3lYQKNSyIH89tV8QsO9z-N82Ikg_EnpDn96HxQ_v5rCbp5aqrnpoR2JTIqcbJAqLojfxS8Y6wGVf_NrfVMrN8wNiN8IhXGQ-oJjFKQTpjynUNLuQOyLuI0dQEwtkM9vY6N4fRM6zzutt6rLW3ExE7tPUkJ6T_asugJLN5JFNI157i&cb=_cl9nieoxi419mm0ivtsn7f&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=9hlafgFsz0wx3OlOfR_rw4YxtIO6PqXyQ9zkEugwmgqP9v1Mk5itUjnglLryJJYYpcCK9uvUZE2t-MFCrJOTosx6XpIKN79j8onrhC2PBNoojpaGiKOXydBdyqMGL1Sqzk6Gy2J5HK8UnFE7OnXgZcz3NALQ-Rz3ssjs6qY9w391s_6SDnxlXFGJYgDniC_PV2gq2uRkLa07ag90MVHr4T6l5gvEkDGKFDWwEPNbElI7AAl1inKaXs8YBrk4QL0ZAz4nGTf4vHfLZMl4Tb2KfN6k8ZNZpla2WDw0wYyKiEXNUaqvNKzyfBPEOx8ZbqIKA93wt58sfkYdkOO4UVJOEZ1yn41qU5Rt55mAFfee32RhO8m6vS3UkUIHfKfi2p1ZNcVbFN7464aXzgckUBCQlcMREYx80SMjTMmWLszR4RTmO4LzhNxTIOn2Q2zPFe27L0pF5rWEejEasuXWT_y0Vcak__oaMStd9oDQt2jmzH1xNCD5CXk3wV3hHL-h4MzY_GP_qd3s6mx7Ow_jSUCV74gB1TBowbr82-I3lYQKNSyIH89tV8QsO9z-N82Ikg_EnpDn96HxQ_v5rCbp5aqrnpoR2JTIqcbJAqLojfxS8Y6wGVf_NrfVMrN8wNiN8IhXGQ-oJjFKQTpjynUNLuQOyLuI0dQEwtkM9vY6N4fRM6zzutt6rLW3ExE7tPUkJ6T_asugJLN5JFNI157i&cb=_cl9nieoxi419mm0ivtsn7f&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=9hlafgFsz0wx3OlOfR_rw4YxtIO6PqXyQ9zkEugwmgqP9v1Mk5itUjnglLryJJYYpcCK9uvUZE2t-MFCrJOTosx6XpIKN79j8onrhC2PBNoojpaGiKOXydBdyqMGL1Sqzk6Gy2J5HK8UnFE7OnXgZcz3NALQ-Rz3ssjs6qY9w391s_6SDnxlXFGJYgDniC_PV2gq2uRkLa07ag90MVHr4T6l5gvEkDGKFDWwEPNbElI7AAl1inKaXs8YBrk4QL0ZAz4nGTf4vHfLZMl4Tb2KfN6k8ZNZpla2WDw0wYyKiEXNUaqvNKzyfBPEOx8ZbqIKA93wt58sfkYdkOO4UVJOEZ1yn41qU5Rt55mAFfee32RhO8m6vS3UkUIHfKfi2p1ZNcVbFN7464aXzgckUBCQlcMREYx80SMjTMmWLszR4RTmO4LzhNxTIOn2Q2zPFe27L0pF5rWEejEasuXWT_y0Vcak__oaMStd9oDQt2jmzH1xNCD5CXk3wV3hHL-h4MzY_GP_qd3s6mx7Ow_jSUCV74gB1TBowbr82-I3lYQKNSyIH89tV8QsO9z-N82Ikg_EnpDn96HxQ_v5rCbp5aqrnpoR2JTIqcbJAqLojfxS8Y6wGVf_NrfVMrN8wNiN8IhXGQ-oJjFKQTpjynUNLuQOyLuI0dQEwtkM9vY6N4fRM6zzutt6rLW3ExE7tPUkJ6T_asugJLN5JFNI157i&cb=_cl9nieoxi419mm0ivtsn7f&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2301281022d1fcde4de94e4babb418893a0b; Path=/; Expires=Sun, 28 Jan 2024 15:22:27 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
hqq.tv/cdn-cgi/trace
190.115.19.71404 Not Found 146 B IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Cookie: uid=ULPrlr8zl9KQYf8uAblJkRGjplfHTAUI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: text/html; charset=UTF-8
content-length: 146
x-origin-location: /
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: /
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
3.222.40.224204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 3.222.40.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 15:22:27 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b601055278a5322132b1ae63d3a801ab
772a60c2b0eacc47765f872044704d5d36a8c79f
098ae28f9e472ef1db338290a3890c052d49fb2ba3a25e74af26f8b53d5b4c19
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 555
Cache-Control: max-age=95387
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:27 GMT
Etag: "63d40d23-117"
Expires: Sun, 29 Jan 2023 17:52:14 GMT
Last-Modified: Fri, 27 Jan 2023 17:42:59 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
poweredby.jads.co/adshow.php?adzone=773308
185.94.236.246200 OK 1.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=773308
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1615), with CRLF, LF line terminators
Hash 778126ba02a06c973893ffe04ae89c1d
9ef41cb99e56d0a4466675cc3d29a57ceb4bc359
13ce13577bd3f73d9e24ded57b3b8995d4510d97f8c7060395da8d76c43f7c68
GET /adshow.php?adzone=773308 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; expires=Sun, 28-Jan-2024 15:22:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps27494=1; expires=Sun, 29-Jan-2023 15:22:26 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjY0NDQ4OTtpOjE2NzUxNzg1NDY7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=822877
185.94.236.246200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=822877
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (431), with CRLF, LF line terminators
Hash 8ddc52b106b92941127679172f65e532
27580d4b8041855c01052e52d3f834db9503633f
22f5edc30818c0605df44e4f335a67012552c4a315d1f526a2fd2fce18dd9f41
GET /adshow.php?adzone=822877 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; expires=Sun, 28-Jan-2024 15:22:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps43756=1; expires=Sun, 29-Jan-2023 15:22:26 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEyMDY4MzM7aToxNjc1MTc4NTQ2O30%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
testingmetriksbre.ru/netu.php
104.21.50.109200 OK 563 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.21.50.109:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 081cf8d1e2b33b8cb3c607b7d303da5a
ae721689a2931e50dfd6b038e85b5e0b4f091185
21a87b46098de35b4948ce9172bddc1989bbeaaf846ef3730b4fdea357287f05
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmzMjrDmuIDt6uXuG9RL3w5tUeS98OC1lj60PcoJn8e37b5DxLMDb0tdAwT1O33U82ss7N1TmynLK92UolFieRQmXyL8wT0cNeqgNojueTR3ZamGgV3IJKbf4gUnxVMJ1Bu249BDfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790ab93f6cb5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=775122
185.94.236.246200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=775122
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (406), with CRLF, LF line terminators
Hash 0e44e123eda669e76ff110f5690d47aa
db81b41b78e1612ac791b64c3227ae17abbbf624
019e16161b9e2b7fe1b8f00c7000a504e8fa89b42da2bb58632c865defaa10ad
GET /adshow.php?adzone=775122 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; expires=Sun, 28-Jan-2024 15:22:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps32298=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc1ODA0NjtpOjE2NzUxNzg1NDY7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=895132
185.94.236.246200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=895132
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (386), with CRLF, LF line terminators
Hash 45fa7613300807b43bc7193a61bbd514
45d082524b2fc4e2c8c084c120d0887af926e6be
f5c0c2c5920cb006e99a911221734f43fd6b66d26a98f2506c27d665fd8c0cc1
GET /adshow.php?adzone=895132 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; expires=Sun, 28-Jan-2024 15:22:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps32298=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc1Nzk1ODtpOjE2NzUxNzg1NDY7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e517537aac970652caf496177313c20b
ef5b281b9e4d8a39eeaa6c3fb331d4b28d081ab7
ac56e1b45c26e17634c41651b75da3d66e752cf51dfb536a6f258261f1e8ed61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AC56E1B45C26E17634C41651B75DA3D66E752CF51DFB536A6F258261F1E8ED61"
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4010
Expires: Sat, 28 Jan 2023 16:29:17 GMT
Date: Sat, 28 Jan 2023 15:22:27 GMT
Connection: keep-alive
hqq.tv/js/adv/fuckadblock.js?2
190.115.19.71200 OK 4.0 kB URL HTTP/2 hqq.tv/js/adv/fuckadblock.js?2
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with CRLF line terminators
Hash 57564172bf3f9dc66df2c8b2e9164955
d4e31aa6cdbd3a8eb2fbf2b127cc3766d18a7d2c
211329db1f7c2e099ec85ad2f2da22dad870a8bcdf533106bea9423123f005b2
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=ss7fpi65sif2rOA4QqJGVYyXQCpnuigQ83xsKrPNdg-jIssKp_Hsh9lw3-XfBiOhStFbnjzPPOZpxaqBdGtf_uWN-ahAzN8C06Xp27zhzHmAB32TtO-mLA-dt7g6bxSsQuShRb8LzTR237V4pFBQZLpnfjevAxinCCb1PgTR9EkEXdvj1zqIjg2jjhdF99tR6_dX-JiaqQrNjVLpBQhe9_42PUjcP0Dw-pnEjQKkARvqJXUR7Oynw6hOL3hqGkXenqRpB41j5vqAoTFJnd651N1vyMmFGmBOtILN8Lg0h6XGAlY16_loRD6kvvWPWCTpvhfqVAVguTjHHnYziWijk3kpYwPNOrabdEPPQVQUxx3LRPu-j1jmD2n2jDzTVegb5rtSdHqATdJWZjERywh3lK_FbYHsliY--pb0s0qXU559heMxnOQqzyckuOUjclQkMAX7yR2prAac45DMmEi7RlXtaVPIS0_Owe-SengMUEAw7agvl1mdQGjIh26UpFe0A3km598RtOsZsmAZy-EYIWzdHmhrgZ_GBPoZ2mo1Vw5GVY9_TKe0SNq82QVzl1GMabaLnDKgOhcRTaIQ4BEtv_O5sJHbzWSWV2_T1xucuGWMxuxYeBJS2A97fI0Vjl7lRdmA96dzxy3p3X9EDSRzUDoIWHFev20lBQ_rxWmyVpMFIFYGQPAmtXG4kV2YRFO5PMbEMamRg8xsngz3&cb=_clh5bbnl0ycdpgv4320ti1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=ss7fpi65sif2rOA4QqJGVYyXQCpnuigQ83xsKrPNdg-jIssKp_Hsh9lw3-XfBiOhStFbnjzPPOZpxaqBdGtf_uWN-ahAzN8C06Xp27zhzHmAB32TtO-mLA-dt7g6bxSsQuShRb8LzTR237V4pFBQZLpnfjevAxinCCb1PgTR9EkEXdvj1zqIjg2jjhdF99tR6_dX-JiaqQrNjVLpBQhe9_42PUjcP0Dw-pnEjQKkARvqJXUR7Oynw6hOL3hqGkXenqRpB41j5vqAoTFJnd651N1vyMmFGmBOtILN8Lg0h6XGAlY16_loRD6kvvWPWCTpvhfqVAVguTjHHnYziWijk3kpYwPNOrabdEPPQVQUxx3LRPu-j1jmD2n2jDzTVegb5rtSdHqATdJWZjERywh3lK_FbYHsliY--pb0s0qXU559heMxnOQqzyckuOUjclQkMAX7yR2prAac45DMmEi7RlXtaVPIS0_Owe-SengMUEAw7agvl1mdQGjIh26UpFe0A3km598RtOsZsmAZy-EYIWzdHmhrgZ_GBPoZ2mo1Vw5GVY9_TKe0SNq82QVzl1GMabaLnDKgOhcRTaIQ4BEtv_O5sJHbzWSWV2_T1xucuGWMxuxYeBJS2A97fI0Vjl7lRdmA96dzxy3p3X9EDSRzUDoIWHFev20lBQ_rxWmyVpMFIFYGQPAmtXG4kV2YRFO5PMbEMamRg8xsngz3&cb=_clh5bbnl0ycdpgv4320ti1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=ss7fpi65sif2rOA4QqJGVYyXQCpnuigQ83xsKrPNdg-jIssKp_Hsh9lw3-XfBiOhStFbnjzPPOZpxaqBdGtf_uWN-ahAzN8C06Xp27zhzHmAB32TtO-mLA-dt7g6bxSsQuShRb8LzTR237V4pFBQZLpnfjevAxinCCb1PgTR9EkEXdvj1zqIjg2jjhdF99tR6_dX-JiaqQrNjVLpBQhe9_42PUjcP0Dw-pnEjQKkARvqJXUR7Oynw6hOL3hqGkXenqRpB41j5vqAoTFJnd651N1vyMmFGmBOtILN8Lg0h6XGAlY16_loRD6kvvWPWCTpvhfqVAVguTjHHnYziWijk3kpYwPNOrabdEPPQVQUxx3LRPu-j1jmD2n2jDzTVegb5rtSdHqATdJWZjERywh3lK_FbYHsliY--pb0s0qXU559heMxnOQqzyckuOUjclQkMAX7yR2prAac45DMmEi7RlXtaVPIS0_Owe-SengMUEAw7agvl1mdQGjIh26UpFe0A3km598RtOsZsmAZy-EYIWzdHmhrgZ_GBPoZ2mo1Vw5GVY9_TKe0SNq82QVzl1GMabaLnDKgOhcRTaIQ4BEtv_O5sJHbzWSWV2_T1xucuGWMxuxYeBJS2A97fI0Vjl7lRdmA96dzxy3p3X9EDSRzUDoIWHFev20lBQ_rxWmyVpMFIFYGQPAmtXG4kV2YRFO5PMbEMamRg8xsngz3&cb=_clh5bbnl0ycdpgv4320ti1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23012810222d61dba8ace74417b6b1d94488; Path=/; Expires=Sun, 28 Jan 2024 15:22:27 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
5s0ilstnnr1x.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 5s0ilstnnr1x.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 5s0ilstnnr1x.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=ss7fpi65sif2rOA4QqJGVYyXQCpnuigQ83xsKrPNdg-jIssKp_Hsh9lw3-XfBiOhStFbnjzPPOZpxaqBdGtf_uWN-ahAzN8C06Xp27zhzHmAB32TtO-mLA-dt7g6bxSsQuShRb8LzTR237V4pFBQZLpnfjevAxinCCb1PgTR9EkEXdvj1zqIjg2jjhdF99tR6_dX-JiaqQrNjVLpBQhe9_42PUjcP0Dw-pnEjQKkARvqJXUR7Oynw6hOL3hqGkXenqRpB41j5vqAoTFJnd651N1vyMmFGmBOtILN8Lg0h6XGAlY16_loRD6kvvWPWCTpvhfqVAVguTjHHnYziWijk3kpYwPNOrabdEPPQVQUxx3LRPu-j1jmD2n2jDzTVegb5rtSdHqATdJWZjERywh3lK_FbYHsliY--pb0s0qXU559heMxnOQqzyckuOUjclQkMAX7yR2prAac45DMmEi7RlXtaVPIS0_Owe-SengMUEAw7agvl1mdQGjIh26UpFe0A3km598RtOsZsmAZy-EYIWzdHmhrgZ_GBPoZ2mo1Vw5GVY9_TKe0SNq82QVzl1GMabaLnDKgOhcRTaIQ4BEtv_O5sJHbzWSWV2_T1xucuGWMxuxYeBJS2A97fI0Vjl7lRdmA96dzxy3p3X9EDSRzUDoIWHFev20lBQ_rxWmyVpMFIFYGQPAmtXG4kV2YRFO5PMbEMamRg8xsngz3&cb=_clh5bbnl0ycdpgv4320ti1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=ss7fpi65sif2rOA4QqJGVYyXQCpnuigQ83xsKrPNdg-jIssKp_Hsh9lw3-XfBiOhStFbnjzPPOZpxaqBdGtf_uWN-ahAzN8C06Xp27zhzHmAB32TtO-mLA-dt7g6bxSsQuShRb8LzTR237V4pFBQZLpnfjevAxinCCb1PgTR9EkEXdvj1zqIjg2jjhdF99tR6_dX-JiaqQrNjVLpBQhe9_42PUjcP0Dw-pnEjQKkARvqJXUR7Oynw6hOL3hqGkXenqRpB41j5vqAoTFJnd651N1vyMmFGmBOtILN8Lg0h6XGAlY16_loRD6kvvWPWCTpvhfqVAVguTjHHnYziWijk3kpYwPNOrabdEPPQVQUxx3LRPu-j1jmD2n2jDzTVegb5rtSdHqATdJWZjERywh3lK_FbYHsliY--pb0s0qXU559heMxnOQqzyckuOUjclQkMAX7yR2prAac45DMmEi7RlXtaVPIS0_Owe-SengMUEAw7agvl1mdQGjIh26UpFe0A3km598RtOsZsmAZy-EYIWzdHmhrgZ_GBPoZ2mo1Vw5GVY9_TKe0SNq82QVzl1GMabaLnDKgOhcRTaIQ4BEtv_O5sJHbzWSWV2_T1xucuGWMxuxYeBJS2A97fI0Vjl7lRdmA96dzxy3p3X9EDSRzUDoIWHFev20lBQ_rxWmyVpMFIFYGQPAmtXG4kV2YRFO5PMbEMamRg8xsngz3&cb=_clh5bbnl0ycdpgv4320ti1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=ss7fpi65sif2rOA4QqJGVYyXQCpnuigQ83xsKrPNdg-jIssKp_Hsh9lw3-XfBiOhStFbnjzPPOZpxaqBdGtf_uWN-ahAzN8C06Xp27zhzHmAB32TtO-mLA-dt7g6bxSsQuShRb8LzTR237V4pFBQZLpnfjevAxinCCb1PgTR9EkEXdvj1zqIjg2jjhdF99tR6_dX-JiaqQrNjVLpBQhe9_42PUjcP0Dw-pnEjQKkARvqJXUR7Oynw6hOL3hqGkXenqRpB41j5vqAoTFJnd651N1vyMmFGmBOtILN8Lg0h6XGAlY16_loRD6kvvWPWCTpvhfqVAVguTjHHnYziWijk3kpYwPNOrabdEPPQVQUxx3LRPu-j1jmD2n2jDzTVegb5rtSdHqATdJWZjERywh3lK_FbYHsliY--pb0s0qXU559heMxnOQqzyckuOUjclQkMAX7yR2prAac45DMmEi7RlXtaVPIS0_Owe-SengMUEAw7agvl1mdQGjIh26UpFe0A3km598RtOsZsmAZy-EYIWzdHmhrgZ_GBPoZ2mo1Vw5GVY9_TKe0SNq82QVzl1GMabaLnDKgOhcRTaIQ4BEtv_O5sJHbzWSWV2_T1xucuGWMxuxYeBJS2A97fI0Vjl7lRdmA96dzxy3p3X9EDSRzUDoIWHFev20lBQ_rxWmyVpMFIFYGQPAmtXG4kV2YRFO5PMbEMamRg8xsngz3&cb=_clh5bbnl0ycdpgv4320ti1&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=23012810226c74d8f3f0cd4d2fa2e80b8315; Path=/; Expires=Sun, 28 Jan 2024 15:22:27 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=36082
date: Sat, 28 Jan 2023 15:22:27 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 986086aa202637c16710e03d8f40b6ff
ecc337bedc03fdb45cb206c824e7af77026a90f5
edd36e6b93b6885e977be169fe2a7e2310c839501bb03bc737fea511198099c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2212
Cache-Control: max-age=151746
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:27 GMT
Etag: "63d4e2d1-1d7"
Expires: Mon, 30 Jan 2023 09:31:33 GMT
Last-Modified: Sat, 28 Jan 2023 08:54:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/vi_VN/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/vi_VN/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 85c14aa6cccd57dc4da3c4984e09d30f
8a348acac6143f3b7252d715c4734b57642b5f54
92f7db3aeac49993874f8b34d0c1fc143d0d11478133dc7d2c2f599bade4b9f0
GET /vi_VN/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e142100baf9194930ead614cfa0fd6a6
etag: "bbe48d8a8d4d02f78ac5a03bc2f415f6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 28 Jan 2023 15:33:07 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: hcFKpszNV9xNo8SYTgnTDw==
x-fb-debug: 2AzkZGmURFeVW8T6BWbSgySN7Ti7ak9b8iLG99QIkliOoDbOQWGeAnRAVOrxDKWLKlKD5Y+k1VL6mGRzzjiG8w==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 15:22:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=689946
185.94.236.246200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=689946
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (431), with CRLF, LF line terminators
Hash 7ae18d2264de1da615f85386c306004c
91b1e2d85982eadceabe2aad1a1f2c85b7de1871
0a8d619d923edb9db5b8aa37d44585a342ad92906e1c209e024b12588306255a
GET /adshow.php?adzone=689946 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; expires=Sun, 28-Jan-2024 15:22:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps43756=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEyMDY4MzY7aToxNjc1MTc4NTQ2O30%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:26 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00f26c78e5a8029c5a5dd730d95272d0
ae1592d154dce3ad4433fed8ace1120900701dc0
c4c80cfb42f03c7481f1ab10b5b708b045ddfb8fbf4947d777da77ebfbd21a29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4C80CFB42F03C7481F1AB10B5B708B045DDFB8FBF4947D777DA77EBFBD21A29"
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Sat, 28 Jan 2023 16:30:14 GMT
Date: Sat, 28 Jan 2023 15:22:27 GMT
Connection: keep-alive
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=13204541
190.115.19.71200 OK 2 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=13204541
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=13204541 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Cookie: uid=ULPrlr8zl9KQYf8uAblJkRGjplfHTAUI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/json
content-length: 2
server: Google Frontend
access-control-allow-origin: *
x-inferno-location: banner
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-58ed4522449372ba/_ate.track.config_resp
23.38.200.123200 OK 670 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-58ed4522449372ba/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with very long lines (2779), with no line terminators
Hash 120989da0b1bd08c9c3d36bd55dea743
d4d4f3e967949acd0c1344e5d5abc4f4eb9c5934
679a46762d22ffe2617831ff37d9be82d744adf33fa07dbecbc84b0d6cb63797
GET /live/boost/ra-58ed4522449372ba/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 670
etag: -757856772--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=15, s-maxage=86400
date: Sat, 28 Jan 2023 15:22:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=9hlafgFsz0wx3OlOfR_rw4YxtIO6PqXyQ9zkEugwmgqP9v1Mk5itUjnglLryJJYYpcCK9uvUZE2t-MFCrJOTosx6XpIKN79j8onrhC2PBNoojpaGiKOXydBdyqMGL1Sqzk6Gy2J5HK8UnFE7OnXgZcz3NALQ-Rz3ssjs6qY9w391s_6SDnxlXFGJYgDniC_PV2gq2uRkLa07ag90MVHr4T6l5gvEkDGKFDWwEPNbElI7AAl1inKaXs8YBrk4QL0ZAz4nGTf4vHfLZMl4Tb2KfN6k8ZNZpla2WDw0wYyKiEXNUaqvNKzyfBPEOx8ZbqIKA93wt58sfkYdkOO4UVJOEZ1yn41qU5Rt55mAFfee32RhO8m6vS3UkUIHfKfi2p1ZNcVbFN7464aXzgckUBCQlcMREYx80SMjTMmWLszR4RTmO4LzhNxTIOn2Q2zPFe27L0pF5rWEejEasuXWT_y0Vcak__oaMStd9oDQt2jmzH1xNCD5CXk3wV3hHL-h4MzY_GP_qd3s6mx7Ow_jSUCV74gB1TBowbr82-I3lYQKNSyIH89tV8QsO9z-N82Ikg_EnpDn96HxQ_v5rCbp5aqrnpoR2JTIqcbJAqLojfxS8Y6wGVf_NrfVMrN8wNiN8IhXGQ-oJjFKQTpjynUNLuQOyLuI0dQEwtkM9vY6N4fRM6zzutt6rLW3ExE7tPUkJ6T_asugJLN5JFNI157i&cb=_cl9nieoxi419mm0ivtsn7f&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 376 B URL HTTP/2 limurol.com/ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=9hlafgFsz0wx3OlOfR_rw4YxtIO6PqXyQ9zkEugwmgqP9v1Mk5itUjnglLryJJYYpcCK9uvUZE2t-MFCrJOTosx6XpIKN79j8onrhC2PBNoojpaGiKOXydBdyqMGL1Sqzk6Gy2J5HK8UnFE7OnXgZcz3NALQ-Rz3ssjs6qY9w391s_6SDnxlXFGJYgDniC_PV2gq2uRkLa07ag90MVHr4T6l5gvEkDGKFDWwEPNbElI7AAl1inKaXs8YBrk4QL0ZAz4nGTf4vHfLZMl4Tb2KfN6k8ZNZpla2WDw0wYyKiEXNUaqvNKzyfBPEOx8ZbqIKA93wt58sfkYdkOO4UVJOEZ1yn41qU5Rt55mAFfee32RhO8m6vS3UkUIHfKfi2p1ZNcVbFN7464aXzgckUBCQlcMREYx80SMjTMmWLszR4RTmO4LzhNxTIOn2Q2zPFe27L0pF5rWEejEasuXWT_y0Vcak__oaMStd9oDQt2jmzH1xNCD5CXk3wV3hHL-h4MzY_GP_qd3s6mx7Ow_jSUCV74gB1TBowbr82-I3lYQKNSyIH89tV8QsO9z-N82Ikg_EnpDn96HxQ_v5rCbp5aqrnpoR2JTIqcbJAqLojfxS8Y6wGVf_NrfVMrN8wNiN8IhXGQ-oJjFKQTpjynUNLuQOyLuI0dQEwtkM9vY6N4fRM6zzutt6rLW3ExE7tPUkJ6T_asugJLN5JFNI157i&cb=_cl9nieoxi419mm0ivtsn7f&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
Hash 90ff383a801b206af556b035334c9b09
44233393bed9ab8ef88ab169d81c4d09dcef1702
49aec359861f8a22e85660ae108b2b65205ca5533cf5b33e4a67e3f481b7c3dd
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1798067/?pb=34b6f545f53bccb75e53a2d1f23f63da1674926546&psp=9hlafgFsz0wx3OlOfR_rw4YxtIO6PqXyQ9zkEugwmgqP9v1Mk5itUjnglLryJJYYpcCK9uvUZE2t-MFCrJOTosx6XpIKN79j8onrhC2PBNoojpaGiKOXydBdyqMGL1Sqzk6Gy2J5HK8UnFE7OnXgZcz3NALQ-Rz3ssjs6qY9w391s_6SDnxlXFGJYgDniC_PV2gq2uRkLa07ag90MVHr4T6l5gvEkDGKFDWwEPNbElI7AAl1inKaXs8YBrk4QL0ZAz4nGTf4vHfLZMl4Tb2KfN6k8ZNZpla2WDw0wYyKiEXNUaqvNKzyfBPEOx8ZbqIKA93wt58sfkYdkOO4UVJOEZ1yn41qU5Rt55mAFfee32RhO8m6vS3UkUIHfKfi2p1ZNcVbFN7464aXzgckUBCQlcMREYx80SMjTMmWLszR4RTmO4LzhNxTIOn2Q2zPFe27L0pF5rWEejEasuXWT_y0Vcak__oaMStd9oDQt2jmzH1xNCD5CXk3wV3hHL-h4MzY_GP_qd3s6mx7Ow_jSUCV74gB1TBowbr82-I3lYQKNSyIH89tV8QsO9z-N82Ikg_EnpDn96HxQ_v5rCbp5aqrnpoR2JTIqcbJAqLojfxS8Y6wGVf_NrfVMrN8wNiN8IhXGQ-oJjFKQTpjynUNLuQOyLuI0dQEwtkM9vY6N4fRM6zzutt6rLW3ExE7tPUkJ6T_asugJLN5JFNI157i&cb=_cl9nieoxi419mm0ivtsn7f&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Cookie: UID=23012810226c74d8f3f0cd4d2fa2e80b8315
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=86256081
190.115.19.71200 OK 2 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=86256081
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=86256081 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Cookie: uid=ULPrlr8zl9KQYf8uAblJkRGjplfHTAUI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: application/json
content-length: 2
server: Google Frontend
access-control-allow-origin: *
x-inferno-location: banner
X-Firefox-Spdy: h2
hqq.tv/js/script-2.12.5.js
190.115.19.71200 OK 5.1 kB URL HTTP/2 hqq.tv/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash 737ce52ce35cdd84bfd903f37996f1ed
bde45c0b129a247fb9815070650de55667f7879a
57aaf411b3d0dc590f4ab778e0b02e29a637f289e39782d2f1378d15cde9c142
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Cookie: uid=ULPrlr8zl9KQYf8uAblJkRGjplfHTAUI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63d53db5dca70e8d&bkl=0&bl=1&pdt=485&sid=63d53db5dca70e8d&pub=ra-58ed4522449372ba&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=sexgayplus.com&fp=2019%2F06%2Fns-142%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1674919349956&jsl=1&uvs=63d53db5c7b3e9a9000&skipb=1&callback=addthis.cbs.jsonp__16456997150810460
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63d53db5dca70e8d&bkl=0&bl=1&pdt=485&sid=63d53db5dca70e8d&pub=ra-58ed4522449372ba&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=sexgayplus.com&fp=2019%2F06%2Fns-142%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1674919349956&jsl=1&uvs=63d53db5c7b3e9a9000&skipb=1&callback=addthis.cbs.jsonp__16456997150810460
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 640837e5a57c517b2a91440a2297ec58
2531f29914cb023512e97a7f69cd9997572c86a7
de66456c2f9737d2f64122cd46cab693aef0b8b12662c61e7171ab0244429a6e
GET /live/red_lojson/300lo.json?si=63d53db5dca70e8d&bkl=0&bl=1&pdt=485&sid=63d53db5dca70e8d&pub=ra-58ed4522449372ba&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=sexgayplus.com&fp=2019%2F06%2Fns-142%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1674919349956&jsl=1&uvs=63d53db5c7b3e9a9000&skipb=1&callback=addthis.cbs.jsonp__16456997150810460 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 28 Jan 2023 15:22:27 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 986086aa202637c16710e03d8f40b6ff
ecc337bedc03fdb45cb206c824e7af77026a90f5
edd36e6b93b6885e977be169fe2a7e2310c839501bb03bc737fea511198099c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2212
Cache-Control: max-age=151746
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 15:22:27 GMT
Etag: "63d4e2d1-1d7"
Expires: Mon, 30 Jan 2023 09:31:33 GMT
Last-Modified: Sat, 28 Jan 2023 08:54:41 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sat, 28 Jan 2023 15:22:27 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
i.jads.co/network/user42393/43756-1625531293-0617533001625531293.jpg
69.16.175.42200 OK 25 kB URL HTTP/2 i.jads.co/network/user42393/43756-1625531293-0617533001625531293.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash 00845d85147a2d8aa7c7c961b2833784
585428147ec82e2244d66ba8bc39543d749d7e4e
4667cea26af8489930a292efae0fd2b70d245dd2692a1c532fd7cf86ebdf4419
GET /network/user42393/43756-1625531293-0617533001625531293.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; imps27494=1; juicy_data_1=YToxOntpOjEyMDY4MzY7aToxNjc1MTc4NTQ2O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
etag: "1625531293"
cache-control: max-age=9395948
content-length: 24772
content-type: image/jpeg
last-modified: Tue, 06 Jul 2021 00:28:13 GMT
accept-ranges: bytes
x-hw: 1674919347.dop002.sk1.t,1674919347.cds016.sk1.hn,1674919347.cds017.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/23973-1505576750.gif
69.16.175.42200 OK 119 kB URL HTTP/2 i.jads.co/network/user500/23973-1505576750.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 160 x 600\012- data
Size 119 kB (118940 bytes)
Hash 1fec81bfc799dc9842e17e942590d37e
89e92fe82343c2cdbdebf090fe2028ea7e91f33d
d638b0209244bdf4dc2c0c7067a2c85022865e5728105f3ab51ee88310f12530
GET /network/user500/23973-1505576750.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; imps27494=1; juicy_data_1=YToxOntpOjc1Nzk1ODtpOjE2NzUxNzg1NDY7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
etag: "1505576750"
cache-control: max-age=24650011
content-length: 118940
content-type: image/gif
last-modified: Sat, 16 Sep 2017 15:45:50 GMT
accept-ranges: bytes
x-hw: 1674919347.dop002.sk1.t,1674919347.cds016.sk1.hn,1674919347.cds069.sk1.c
X-Firefox-Spdy: h2
i.jads.co/1x1.gif
69.16.175.42200 OK 130 B IP 69.16.175.42:0
Hash 14322503102e669306e6461fd14f3924
41ed65f84f37bf3042bf908553e82e0973af834f
5edc5e8a30dcb776028ea7d4c9b359f0d0dad4d9ed3656c69a24069cf8dc189c
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; imps27494=1; juicy_data_1=YToxOntpOjc1Nzk1ODtpOjE2NzUxNzg1NDY7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
etag: "1457030838"
cache-control: max-age=12305919
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1674919347.dop002.sk1.t,1674919347.cds016.sk1.hn,1674919347.cds264.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/27462-1545642470-0920497001545642470.jpg
69.16.175.42200 OK 27 kB URL HTTP/2 i.jads.co/network/user500/27462-1545642470-0920497001545642470.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash d918fc059023cc566ac5699e5edaf18b
66fc68ef6200f5b9efcb78c35cc8242b905128d3
f271886934f33d09fc577a48dda6d11ef13f3338887daa3fe16e3eb94e7e25c7
GET /network/user500/27462-1545642470-0920497001545642470.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; imps27494=1; juicy_data_1=YToxOntpOjc1Nzk1ODtpOjE2NzUxNzg1NDY7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
etag: "1545642470"
cache-control: max-age=13844237
content-length: 27117
content-type: image/jpeg
last-modified: Mon, 24 Dec 2018 09:07:50 GMT
accept-ranges: bytes
x-hw: 1674919347.dop002.sk1.t,1674919347.cds016.sk1.hn,1674919347.cds236.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user42393/43756-1625531292-0553006001625531292.jpg
69.16.175.42200 OK 27 kB URL HTTP/2 i.jads.co/network/user42393/43756-1625531292-0553006001625531292.jpg
IP 69.16.175.42:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash 9c163b1c1a5c3394d30e42d65071a4e1
c56ad1673c73f1a40a0d65da691e8944abeb16e3
a0346be77d58ea0f77b4f7449df1223b6ceeb6c824473e529dde9e5914703e77
GET /network/user42393/43756-1625531292-0553006001625531292.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; imps27494=1; juicy_data_1=YToxOntpOjc1Nzk1ODtpOjE2NzUxNzg1NDY7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
etag: "1625531292"
cache-control: max-age=9395940
content-length: 27132
content-type: image/jpeg
last-modified: Tue, 06 Jul 2021 00:28:12 GMT
accept-ranges: bytes
x-hw: 1674919347.dop002.sk1.t,1674919347.cds016.sk1.hn,1674919347.cds023.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/23973-1520066002.gif
69.16.175.42200 OK 353 kB URL HTTP/2 i.jads.co/network/user500/23973-1520066002.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 353 kB (352974 bytes)
Hash 53287730c6173ecae56fcb80c109fa79
4216719807533cc1ddfb1ca0bc84be3ee9d59d0f
800879fa9c01e5ddcedff021c3122b040ab42574b6d316d6f0c3fa206a3fe6a9
GET /network/user500/23973-1520066002.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=0e13bfeb02c7f72aca97c7b53f3dea08; imps27494=1; juicy_data_1=YToxOntpOjc1Nzk1ODtpOjE2NzUxNzg1NDY7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
etag: "1520066002"
cache-control: max-age=12306353
content-length: 352974
content-type: image/gif
last-modified: Sat, 03 Mar 2018 08:33:22 GMT
accept-ranges: bytes
x-hw: 1674919347.dop002.sk1.t,1674919347.cds016.sk1.hn,1674919347.cds211.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=773308
185.94.236.246200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=773308
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (386), with CRLF, LF line terminators
Hash c270c45afe8280fe0ae6e0741b28a74c
28198c47e8dbe070ccc8f68c04c7ec53a758116a
0e92be9a12b69f2ca38c1a8e031fa26536df85695899bd4f70ef2a15faacf36a
GET /adshow.php?adzone=773308 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e4ae610eec34d41f6d587896cc094900; expires=Sun, 28-Jan-2024 15:22:27 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps27494=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjY0NDQ4OTtpOjE2NzUxNzg1NDc7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=775122
185.94.236.246200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=775122
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (406), with CRLF, LF line terminators
Hash 2fd009a08335410072f9dcd16254767a
e487dea142d96d179f17a51753726480291185cc
d70b837e4ca84502c1cfd1a0abee0175e50d31959a73032c6511bb61a25054ad
GET /adshow.php?adzone=775122 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e4ae610eec34d41f6d587896cc094900; expires=Sun, 28-Jan-2024 15:22:27 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps32298=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc1ODA0NjtpOjE2NzUxNzg1NDc7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
5s0ilstnnr1x.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 5s0ilstnnr1x.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 5s0ilstnnr1x.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
poweredby.jads.co/adshow.php?adzone=822877
185.94.236.246200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=822877
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (431), with CRLF, LF line terminators
Hash 8e9216e282fcedc8d0080b2717ba980e
ed3571a9633fba1cd9697b5072207a5a8bc62b54
6111ae9935ac1cc0de1ef9d012a58f8b4c624f80cce4eb3024703df974f0dcc3
GET /adshow.php?adzone=822877 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e4ae610eec34d41f6d587896cc094900; expires=Sun, 28-Jan-2024 15:22:27 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps43756=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEyMDY4MzM7aToxNjc1MTc4NTQ3O30%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=773308
185.94.236.246200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=773308
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (386), with CRLF, LF line terminators
Hash 29f7a9d55fed81519a78bc2e32d9b942
74b93554d984b496493261b7a1eaa9e02a84dfb4
09ffabdc81e6eec4b0700fdd4878f71f73a04950b2b395c5fe5efab8f3c70c3f
GET /adshow.php?adzone=773308 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e4ae610eec34d41f6d587896cc094900; expires=Sun, 28-Jan-2024 15:22:27 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps27494=1; expires=Sun, 29-Jan-2023 15:22:27 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjY0NDQ4OTtpOjE2NzUxNzg1NDc7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
connect.facebook.net/vi_VN/sdk.js?hash=02e049841a1d2bc4d0f3e7db57df0aa4
157.240.200.14200 OK 87 kB URL HTTP/2 connect.facebook.net/vi_VN/sdk.js?hash=02e049841a1d2bc4d0f3e7db57df0aa4
IP 157.240.200.14:0
File type ASCII text, with very long lines (13192)
Hash 2a1de1cba1e3203608992197bd498c1b
9e74876d4dc776f14ebe32639c1905470bd8b0f1
46f2096b377bb54d0f8abf523c08b6fc89657610fd72003e3aeeb840f7665af5
GET /vi_VN/sdk.js?hash=02e049841a1d2bc4d0f3e7db57df0aa4 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3365b44c0124d460c0182b5271766078
etag: "f0e105835cec978d913da2a066738a11"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 28 Jan 2024 14:20:36 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Kh3hy6HjIDYImSGXvUmMGw==
x-fb-debug: DEdooGYclqxMT4P4gMYK4NBlQD1huut6Fnf2efjWvkoMxDZ4Ez1dXOZxJkAmzZ5B8AeRqGzvPYTjClWosfV3ag==
priority: u=3,i
content-length: 87091
x-fb-trip-id: 1679558926
date: Sat, 28 Jan 2023 15:22:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.tv/js/websocket_ip.min.js
190.115.19.71200 OK 3.1 kB URL HTTP/2 hqq.tv/js/websocket_ip.min.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (4292), with CRLF, LF line terminators
Hash dc09d4107a7d4e2cfc713079e0f426b1
0c5c7b623779a973f54a234ac41bc63b95ae205d
741b0dda8c42c5eb884c557282e2baae047968ec83e0cdbce8db1ae9b87d5a8a
GET /js/websocket_ip.min.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f32a7006b8b40885116dbfb75f96ccb8
cb015cec60fb4bc33aa7a3750fbb1ddf41ae3bc7
9c3d0bf41e413722c40827d8f7762e70ff324bee00e3f2e6049666b13cfab328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C3D0BF41E413722C40827D8F7762E70FF324BEE00E3F2E6049666B13CFAB328"
Last-Modified: Thu, 26 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4579
Expires: Sat, 28 Jan 2023 16:38:47 GMT
Date: Sat, 28 Jan 2023 15:22:28 GMT
Connection: keep-alive
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F&callback=_ate.cbs.rcb_h690
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F&callback=_ate.cbs.rcb_h690
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash d4a1fdc6ecbf704a222d9a50ef7495c9
ea2658c5f0d8841347acb33d47ae5960cae889d6
aa5acccec477dbabc8e1831adbc7511bffd933e87a6807d0446eff782ca28daf
GET /url/shares.json?url=https%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F&callback=_ate.cbs.rcb_h690 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: sexgayplus.com/2019/06/ns-142/
last-modified: Sat, 28 Jan 2023 15:22:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Sat, 28 Jan 2023 15:22:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F&callback=_ate.cbs.rcb_ghmu0
23.38.200.123200 OK 54 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F&callback=_ate.cbs.rcb_ghmu0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 172347796ce997c94bb4f709ade37681
9f8219108f4214050acebd3a78a9d7bebf49ed07
2800424ca058069021cea8580668bed744cb3a310e2aeb368a2f584cb323d59d
GET /url/shares.json?url=http%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F&callback=_ate.cbs.rcb_ghmu0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: sexgayplus.com/2019/06/ns-142/
last-modified: Sat, 28 Jan 2023 15:22:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 54
date: Sat, 28 Jan 2023 15:22:28 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fsexgayplus.com%2F2019%2F06%2Fns-142%2F HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://sexgayplus.com/2019/06/ns-142/
last-modified: Sat, 28 Jan 2023 15:00:00 GMT
access-control-allow-origin: https://sexgayplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 28 Jan 2023 15:22:28 GMT
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=895132
185.94.236.246200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=895132
IP 185.94.236.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (386), with CRLF, LF line terminators
Hash d9a27f4c0867088f24ed5e6c84351058
b35bfa41cafbb9760b1160ccb6920b665511b94e
2fc0e4b44fc377f5a6238263aad012b720d944c4e2561a75222ba3d2f37a2705
GET /adshow.php?adzone=895132 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 28 Jan 2023 15:22:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=e4ae610eec34d41f6d587896cc094900; expires=Sun, 28-Jan-2024 15:22:27 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps32298=1; expires=Sun, 29-Jan-2023 15:22:28 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjc1Nzk0ODtpOjE2NzUxNzg1NDc7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Tue, 31-Jan-2023 15:22:27 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
190.115.19.71200 OK 40 kB URL HTTP/2 hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5181)
Hash 3ff7a977d76d53fc343189e0ea690791
6f96ffd7b6ff50d2b059bc879139ca14703c5de4
fb7b5790cd7a502eb5a30beab2de693dd2cf9735810add47cd52cbc3c06a5648
GET /player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
i.jads.co/network/user500/23973-1505576633.gif
69.16.175.42200 OK 93 kB URL HTTP/2 i.jads.co/network/user500/23973-1505576633.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 160 x 600\012- data
Hash 2bebb29c666411ec2c89cf4d5c04e919
748c0f1a1013bc79a7607e1ef44d1195da5d7000
1997412a060694a278dacd156e15b66a7d23fbc8672df206097591e147600d77
GET /network/user500/23973-1505576633.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=e4ae610eec34d41f6d587896cc094900; imps27494=1; juicy_data_1=YToxOntpOjc1Nzk0ODtpOjE2NzUxNzg1NDc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:28 GMT
etag: "1505576633"
cache-control: max-age=27665632
content-length: 92705
content-type: image/gif
last-modified: Sat, 16 Sep 2017 15:43:53 GMT
accept-ranges: bytes
x-hw: 1674919348.dop002.sk1.t,1674919348.cds016.sk1.hn,1674919348.cds245.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user500/23973-1528691019.gif
69.16.175.42200 OK 354 kB URL HTTP/2 i.jads.co/network/user500/23973-1528691019.gif
IP 69.16.175.42:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 354 kB (354178 bytes)
Hash 308a414fcbd8afa59a6b5647f8a102f3
43b3109c1aad34e26e4ee3e614a466606d8945a0
3b15d01cb957c2fc1ecd6396ce86bdc9301ae6814fc8c8700588451f1e89376f
GET /network/user500/23973-1528691019.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=e4ae610eec34d41f6d587896cc094900; imps27494=1; juicy_data_1=YToxOntpOjY1MTU4OTtpOjE2NzUxNzg1NDc7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps43756=1; imps32298=1; imps27462=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:28 GMT
etag: "1528691019"
cache-control: max-age=12308416
content-length: 354178
content-type: image/gif
last-modified: Mon, 11 Jun 2018 04:23:39 GMT
accept-ranges: bytes
x-hw: 1674919348.dop002.sk1.t,1674919348.cds016.sk1.hn,1674919348.cds071.sk1.c
X-Firefox-Spdy: h2
5s0ilstnnr1x.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 5s0ilstnnr1x.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 5s0ilstnnr1x.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sexgayplus.com
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:28 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2246
Expires: Sat, 28 Jan 2023 15:59:54 GMT
Date: Sat, 28 Jan 2023 15:22:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2246
Expires: Sat, 28 Jan 2023 15:59:54 GMT
Date: Sat, 28 Jan 2023 15:22:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2246
Expires: Sat, 28 Jan 2023 15:59:54 GMT
Date: Sat, 28 Jan 2023 15:22:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 35sWCIsACAhQvXkJvBn0LGf2m9OTklgDprONw5CDUoXD97TUpJ9j5Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:35 GMT
age: 62813
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 05:20:03 GMT
age: 36145
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00zN6NcdSHaq-4mWQeizXw9SDgUZJOFnB_6dTo6skjlytfBuz8ud3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 62706
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 61588
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 62806
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 62742
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash aee147f507450e129ed9b490384a24fc
46420f6505750e4a75265affaf4eb21a90972de2
7351c78aa6b3a8392dfe70fbca4bb0a1c9288e8795b35b6b3cafa5891911ddd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 09:23:12 GMT
Expires: Wed, 01 Feb 2023 09:23:11 GMT
Etag: "46420f6505750e4a75265affaf4eb21a90972de2"
Cache-Control: max-age=323442,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790ab94a38e0b51d-OSL
intelligenceadx.com/lugv.php?_=BQFiAAAAAAAACZUAAkSgJnhO8SPbg_w0LStNP2Bmzt-uzIpvMjSJbrQ9FrpSC8NS9LYrgUb5DCmtVKLxH3Z0FFy3IUs_gMNkyz_9KwTr6Gf9AnYbJFNe-LgspaEKDFxeUs3KRb5FFIqLe9DjcwVPssvWush0zvj7SdmtqMJNAIkTWTYrRMVk3TVsN4otIOsE3nAD45hkys_tsRwS5pkhB76XDbetp3S1NE2e2MW7fMHaFbkgviPs3ZLv5aqEcZIzpWmEP3G5jEGvUV0q2kv9EKMapzwtzGVkrSvNJRsIXlSaxjm2uxp4uWrqp7lj0fUkr_lWY4SMp1zeZ43JkqVMLLmXw3gapf3ZyuIDy66cBLj1IHFhHZNdl5x_QOHBvHqE7zXaKhgLvMU_5gmY30tvLNUB4XXKro5ZsYv90o9W_8xxaNBkDAl-e_m94IzOOGufycEm6qyPTWAaA2Fmd541mGnziPvcvMXvlrO53XA&v=4&rMVlcbNQ=2571454&minBid=&wWSPTcqu=0,0&IEznwSJU=&qDOTtYdk=&s=1280,1024,1,1280,1024,0
208.95.114.100200 OK 44 B URL HTTP/2 intelligenceadx.com/lugv.php?_=BQFiAAAAAAAACZUAAkSgJnhO8SPbg_w0LStNP2Bmzt-uzIpvMjSJbrQ9FrpSC8NS9LYrgUb5DCmtVKLxH3Z0FFy3IUs_gMNkyz_9KwTr6Gf9AnYbJFNe-LgspaEKDFxeUs3KRb5FFIqLe9DjcwVPssvWush0zvj7SdmtqMJNAIkTWTYrRMVk3TVsN4otIOsE3nAD45hkys_tsRwS5pkhB76XDbetp3S1NE2e2MW7fMHaFbkgviPs3ZLv5aqEcZIzpWmEP3G5jEGvUV0q2kv9EKMapzwtzGVkrSvNJRsIXlSaxjm2uxp4uWrqp7lj0fUkr_lWY4SMp1zeZ43JkqVMLLmXw3gapf3ZyuIDy66cBLj1IHFhHZNdl5x_QOHBvHqE7zXaKhgLvMU_5gmY30tvLNUB4XXKro5ZsYv90o9W_8xxaNBkDAl-e_m94IzOOGufycEm6qyPTWAaA2Fmd541mGnziPvcvMXvlrO53XA&v=4&rMVlcbNQ=2571454&minBid=&wWSPTcqu=0,0&IEznwSJU=&qDOTtYdk=&s=1280,1024,1,1280,1024,0
IP 208.95.114.100:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /lugv.php?_=BQFiAAAAAAAACZUAAkSgJnhO8SPbg_w0LStNP2Bmzt-uzIpvMjSJbrQ9FrpSC8NS9LYrgUb5DCmtVKLxH3Z0FFy3IUs_gMNkyz_9KwTr6Gf9AnYbJFNe-LgspaEKDFxeUs3KRb5FFIqLe9DjcwVPssvWush0zvj7SdmtqMJNAIkTWTYrRMVk3TVsN4otIOsE3nAD45hkys_tsRwS5pkhB76XDbetp3S1NE2e2MW7fMHaFbkgviPs3ZLv5aqEcZIzpWmEP3G5jEGvUV0q2kv9EKMapzwtzGVkrSvNJRsIXlSaxjm2uxp4uWrqp7lj0fUkr_lWY4SMp1zeZ43JkqVMLLmXw3gapf3ZyuIDy66cBLj1IHFhHZNdl5x_QOHBvHqE7zXaKhgLvMU_5gmY30tvLNUB4XXKro5ZsYv90o9W_8xxaNBkDAl-e_m94IzOOGufycEm6qyPTWAaA2Fmd541mGnziPvcvMXvlrO53XA&v=4&rMVlcbNQ=2571454&minBid=&wWSPTcqu=0,0&IEznwSJU=&qDOTtYdk=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: intelligenceadx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 28 Jan 2023 15:22:28 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 16d321441df759be865e48b7cebf701b
114dbee2b94b6019064303802b44e84bdb61d2f5
05eb799f8fc1b25b1cf7036761d479a3602b934835b6e2856f8b08ad6b317d83
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:32 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 12:50:24 GMT
ETag: "114dbee2b94b6019064303802b44e84bdb61d2f5"
Last-Modified: Sat, 28 Jan 2023 12:50:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1405
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790ab9607c81b512-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash c83caa9e463ba1a6b9b29ab0d4256d93
1ae0989ddcc19ccf146b59889e35826e61d6d74b
88bb3a85e9c7d0bfdb726bc252c7d6c6bff70e7ff1cc99b1edcace9c3a9b0edb
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 15:22:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 01 Feb 2023 13:26:39 GMT
ETag: "1ae0989ddcc19ccf146b59889e35826e61d6d74b"
Last-Modified: Sat, 28 Jan 2023 13:26:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 903
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790ab960783efac4-OSL
counter.yadro.ru/hit?rhttps%3A//sexgayplus.com/;s1280*1024*24;uhttps%3A//hqq.tv/player/embed_player.php%3Fvid%3DYTZ0bEhNVVdWandSd3JBTmZKeWJCQT09%26autoplay%3Dno;0.5270665189798401
88.212.201.204200 OK 43 B URL HTTP/1.1 counter.yadro.ru/hit?rhttps%3A//sexgayplus.com/;s1280*1024*24;uhttps%3A//hqq.tv/player/embed_player.php%3Fvid%3DYTZ0bEhNVVdWandSd3JBTmZKeWJCQT09%26autoplay%3Dno;0.5270665189798401
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit?rhttps%3A//sexgayplus.com/;s1280*1024*24;uhttps%3A//hqq.tv/player/embed_player.php%3Fvid%3DYTZ0bEhNVVdWandSd3JBTmZKeWJCQT09%26autoplay%3Dno;0.5270665189798401 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 28 Jan 2023 15:22:32 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Thu, 27 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
hqq.tv/js/video.counters.2.js?117
190.115.19.71200 OK 74 kB URL HTTP/2 hqq.tv/js/video.counters.2.js?117
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
Hash df4f09d025b094e932d719b314888864
856208c463f3c54a4d3025688001ecc6c95bcf0b
77b8d3cf67f6445c88bb9ee30e124c044f0f3a6d015ac56a995eba292b996c17
GET /js/video.counters.2.js?117 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Cookie: uid=ULPrlr8zl9KQYf8uAblJkRGjplfHTAUI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 28 Jan 2023 15:22:32 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sat, 28 Jan 2023 16:22:32 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hqq.tv/styles/global/embed_player.3.css?130
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/styles/global/embed_player.3.css?130
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
hydrax.net/players/player.min.js
104.21.235.160404 Not Found 0 B URL HTTP/2 hydrax.net/players/player.min.js
IP 104.21.235.160:0
GET /players/player.min.js HTTP/1.1
Host: hydrax.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
cf-cache-status: HIT
age: 76202
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQB6AjyWyHjun7qoshHiqR7pY0qrJ%2FQ0UnJ%2Fba24dQiZZYOi4bNt26Cks9g%2Fl942gDPGw0ggo185YC8hLIrnlHaGpIcANUkZPtHFqXH%2FiEqB38Ru1p88U8FD10IR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790ab9407bda76cc-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sexgayplus.com/2019/06/ns-142/
104.21.235.165200 OK 0 B URL HTTP/2 sexgayplus.com/2019/06/ns-142/
IP 104.21.235.165:0
GET /2019/06/ns-142/ HTTP/1.1
Host: sexgayplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 25 Jan 2023 02:42:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XAXkhCEetDK7U7wtMSab0A1Ju7A8YdnO9h6uwNoPEf3iPGs%2F3ZZNx3RkZrryJtlgN3QtKzBEDvAzwa1r6wDzIZbZgMaUKKue2kpFqdZ%2FMbg5BTEa4zAIhkqvDc3iM0mDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790ab9379f86dd7b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
leonodikeu9sj10.com/apu.php?zoneid=1798067
62.122.171.6200 OK 0 B URL HTTP/2 leonodikeu9sj10.com/apu.php?zoneid=1798067
IP 62.122.171.6:0
GET /apu.php?zoneid=1798067 HTTP/1.1
Host: leonodikeu9sj10.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-10d38"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=3474x2w2u224u4q2q274x29414&u=http%3A%2F%2Fwww.juicyads.rocks
54.230.111.84200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=3474x2w2u224u4q2q274x29414&u=http%3A%2F%2Fwww.juicyads.rocks
IP 54.230.111.84:0
GET /jp.php?c=3474x2w2u224u4q2q274x29414&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Sat, 28 Jan 2023 15:13:55 GMT
expires: Sat, 28 Jan 2023 15:28:55 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PEaNtOjloDAit2-bl8FEe3Hc_BEP9MvLevKDoY0MBZRHnaY84taxBw==
age: 511
X-Firefox-Spdy: h2
leonodikeu9sj10.com/get/1798067?zoneid=1798067&jp=_cllx7dhf3cxlb818srof7q&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7428116908934355
62.122.171.6200 OK 0 B URL HTTP/2 leonodikeu9sj10.com/get/1798067?zoneid=1798067&jp=_cllx7dhf3cxlb818srof7q&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7428116908934355
IP 62.122.171.6:0
GET /get/1798067?zoneid=1798067&jp=_cllx7dhf3cxlb818srof7q&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7428116908934355 HTTP/1.1
Host: leonodikeu9sj10.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301281022051297b1459b43d68cdd0985dc; Path=/; Expires=Sun, 28 Jan 2024 15:22:26 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 28 Feb 2023 15:22:27 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2309308
vary: Accept-Encoding
server: cloudflare
cf-ray: 790ab93fcfd61c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.124.175:0
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:27 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01G75513388K1MR4R8RW1AYXTV-fra
cf-cache-status: HIT
age: 17962848
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 790ab93f0ec20b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/js/embed.205.js?736
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/js/embed.205.js?736
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/embed.205.js?736 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 04 Aug 2022 18:07:34 GMT
etag: W/"62ec0ae6-298ce"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed%7CRoboto%7CSource+Sans+Pro&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic%2Cgreek-ext%2Cgreek&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%7CRoboto%7CSource+Sans+Pro&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic%2Cgreek-ext%2Cgreek&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto+Condensed%7CRoboto%7CSource+Sans+Pro&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic%2Cgreek-ext%2Cgreek&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 15:22:26 GMT
date: Sat, 28 Jan 2023 15:22:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hedgehoghugsyou.com/aas/r45d/vki/1798067/d286ee1e.js
62.122.171.6200 OK 0 B URL HTTP/2 hedgehoghugsyou.com/aas/r45d/vki/1798067/d286ee1e.js
IP 62.122.171.6:0
GET /aas/r45d/vki/1798067/d286ee1e.js HTTP/1.1
Host: hedgehoghugsyou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-10d38"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
hqq.tv/js/video.jquery_plugs/modernizr.js?12
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/js/video.jquery_plugs/modernizr.js?12
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=YTZ0bEhNVVdWandSd3JBTmZKeWJCQT09&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
sexgayhd.com/player.php?id=-pdOX1MK6
104.21.233.197200 OK 0 B URL HTTP/2 sexgayhd.com/player.php?id=-pdOX1MK6
IP 104.21.233.197:0
GET /player.php?id=-pdOX1MK6 HTTP/1.1
Host: sexgayhd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexgayplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 15:22:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-rocket-nginx-serving-static: No
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKC6IKFB%2BheDtBsTtO0pEWmSA5tSvb4mRz3mWmc6FQyov%2F67kBkpgZIgh%2FXwUgQCO46CYd6aFNLoQbNjxWJiPV%2FqajNjF5Jm6PcWiFdKHaGN82olz5KWmQMmySsvubw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790ab93c881774a9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2