r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6809
Expires: Wed, 29 Mar 2023 17:04:42 GMT
Date: Wed, 29 Mar 2023 15:11:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2163
Expires: Wed, 29 Mar 2023 15:47:16 GMT
Date: Wed, 29 Mar 2023 15:11:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 14:15:56 GMT
content-type: application/json
age: 3317
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15666
Expires: Wed, 29 Mar 2023 19:32:19 GMT
Date: Wed, 29 Mar 2023 15:11:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: HaG0+vsmdj/+nKjVJd6GpKvY3slcOD8wBO7MthbPE/78iJAb0VBYrg9Z3LRtR1Y8/EWSHQMEJaDkshB+ACqDjQ==
x-amz-request-id: WVTRZ8AZDDN2GT6Q
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 15:02:32 GMT
age: 521
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 15:11:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sexyhotmalemodels.blogspot.ca/
172.217.21.161302 Moved Temporarily 182 B URL HTTP/1.1 sexyhotmalemodels.blogspot.ca/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 953acc4bb990fe97587112ee23352daa
38a148cae6e0fc032bc206c6b89c248dfbae5c3c
ff5df973b08b3ce46c1d29071cf142a89b836f489ab8716ccc5e8e3c41cd1002
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: sexyhotmalemodels.blogspot.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://sexyhotmalemodels.blogspot.com/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 29 Mar 2023 15:11:13 GMT
Expires: Wed, 29 Mar 2023 15:11:13 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 182
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 14:17:26 GMT
age: 3227
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2476
Expires: Wed, 29 Mar 2023 15:52:30 GMT
Date: Wed, 29 Mar 2023 15:11:14 GMT
Connection: keep-alive
push.services.mozilla.com/
44.238.134.247101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.134.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vPdvfCIWmWclZrHWKXWVig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CHvfq9anWDDgF1eBtHU5pLCrbqs=
sexyhotmalemodels.blogspot.com/
172.217.21.161200 OK 29 kB URL HTTP/1.1 sexyhotmalemodels.blogspot.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2706)
Hash aaa046255dd8adff009ad2d2b60701ea
609102abb51a32ba1ed7608a68f810cbd96b455b
e97d6349a598e0190245af68f29f3be91e1e55c7b3c30008250ef8242c7e0b70
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: sexyhotmalemodels.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 29 Mar 2023 15:11:14 GMT
Date: Wed, 29 Mar 2023 15:11:14 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 17 Mar 2023 06:07:43 GMT
ETag: W/"e67e11401ddcba5d3ab874619bd7a71471b5a34e9f1d2bc9bc8baac7b004081b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 28588
Server: GSE
www.google.com/cse/api/branding.css
142.250.74.132301 Moved Permanently 240 B URL HTTP/1.1 www.google.com/cse/api/branding.css
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 45d8b9287efe893be2350ff89f991c63
aff877b245649e7f02f940b70d1fb51728782ce2
8419b15bd2324a0463f4ee81576bf262cfd32e584337586ca02fc18f68f01408
GET /cse/api/branding.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://cse.google.com/cse/api/branding.css
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 240
X-XSS-Protection: 0
Date: Wed, 29 Mar 2023 15:08:22 GMT
Expires: Wed, 29 Mar 2023 15:38:22 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 172
pagead2.googlesyndication.com/pagead/show_ads.js
142.250.74.162200 OK 35 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/show_ads.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (4129)
Hash 765b12997b57457993cc45c80cd19aae
e3dddd4f455d2624f0b80dda124b048f0c769ff2
5d17bcd3c1e12f30fbc1c10c819349820e556c534999a06305e1bb5ad49f9689
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Wed, 29 Mar 2023 15:11:14 GMT
Expires: Wed, 29 Mar 2023 15:11:14 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 6544079868526595020
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 34853
X-XSS-Protection: 0
www.e-referrer.com/link.js
104.26.0.2301 Moved Permanently 0 B URL HTTP/1.1 www.e-referrer.com/link.js
IP 104.26.0.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /link.js HTTP/1.1
Host: www.e-referrer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 16:11:14 GMT
Location: https://www.e-referrer.com/link.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H927pb%2FPEcNxP1%2FCXzq8cuzNHZb5M0OkSre8hsJ%2FYTBzvoE7gGqx1y0TtSPlSXOU1wwpBSvx6fNgWlEjbBYTOhTAuo885Iqq%2FzCwli1MYheTqZDLUC6wCDXZtVxBFonMHH9nfw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b563c0ab4f7-OSL
alt-svc: h2=":443"; ma=60
www.google.com/friendconnect/script/friendconnect.js
142.250.74.132404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/friendconnect/script/friendconnect.js
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8dc494040a252b9a3a9ea04255941cd6
663805a606e28589d28362cc1d8fa19a5bc56860
24d511499e91216fa0deefaf1c2875a378f83b01b170f2dfc50d27f2a4978a0a
GET /friendconnect/script/friendconnect.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1598
Date: Wed, 29 Mar 2023 15:11:14 GMT
www.google.com/reader/ui/publisher-en.js
142.250.74.132301 Moved Permanently 233 B URL HTTP/1.1 www.google.com/reader/ui/publisher-en.js
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 736b567a1b70a67b06608f062431b32d
0631616a1e476a01ef1ed1819b4b3ca7ff304a6a
773f7f80897e7c3e17b6626afd340e1b2df337a280359a99a42b766c40873874
GET /reader/ui/publisher-en.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.google.com/reader/about/
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:14 GMT
Expires: Wed, 29 Mar 2023 15:41:14 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 233
X-XSS-Protection: 0
www.google.com/reader/public/javascript/user/04557943967814531778/label/Gay%20feeds?n=10&callback=GRC_p(%7Bc%3A%22slate%22%2Ct%3A%22Posts%20from%20other%20great%20blogs%22%2Cs%3A%22true%22%2Cb%3A%22false%22%7D)%3Bnew%20GRC
142.250.74.132301 Moved Permanently 233 B URL HTTP/1.1 www.google.com/reader/public/javascript/user/04557943967814531778/label/Gay%20feeds?n=10&callback=GRC_p(%7Bc%3A%22slate%22%2Ct%3A%22Posts%20from%20other%20great%20blogs%22%2Cs%3A%22true%22%2Cb%3A%22false%22%7D)%3Bnew%20GRC
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 736b567a1b70a67b06608f062431b32d
0631616a1e476a01ef1ed1819b4b3ca7ff304a6a
773f7f80897e7c3e17b6626afd340e1b2df337a280359a99a42b766c40873874
GET /reader/public/javascript/user/04557943967814531778/label/Gay%20feeds?n=10&callback=GRC_p(%7Bc%3A%22slate%22%2Ct%3A%22Posts%20from%20other%20great%20blogs%22%2Cs%3A%22true%22%2Cb%3A%22false%22%7D)%3Bnew%20GRC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.google.com/reader/about/
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:14 GMT
Expires: Wed, 29 Mar 2023 15:41:14 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 233
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash da5881230c9caa8ce119f6d09987f94f
c9d790e3232282c7aaac70ffbb4d771964359561
055183b5e85764c678363620aa813083f41ad7bfd07c1efd1b474d536ddeded2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4bbc94d51dd0d8ddbeb3d5010fd7430b
eb72275770dc8bc2537401ae205a6d0c6be77af7
29538d9c3349a0e867d22b42d90ecf0a52ded19b45617b1f6dbe53b1e249d0e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sexyhotmalemodels.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 sexyhotmalemodels.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: sexyhotmalemodels.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Wed, 29 Mar 2023 15:11:14 GMT
Expires: Wed, 05 Apr 2023 15:11:14 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 29 Mar 2023 14:49:53 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Mar 2023 10:34:40 GMT
expires: Mon, 25 Mar 2024 10:34:40 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 25 Mar 2023 21:51:51 GMT
content-type: text/css
vary: Accept-Encoding
age: 275795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgets.wowzio.net/widgets/jscript?wtype=simphoto&w=390&h=500&bc=000000&lc=FFFFFF&ap=yes&ps=6&sb=no&sv=3&cid=31&ef=fade&ids=42180&ti=Sexy%20Black%20Dudes
213.227.149.201429 Too Many Requests 17 B URL HTTP/1.1 widgets.wowzio.net/widgets/jscript?wtype=simphoto&w=390&h=500&bc=000000&lc=FFFFFF&ap=yes&ps=6&sb=no&sv=3&cid=31&ef=fade&ids=42180&ti=Sexy%20Black%20Dudes
IP 213.227.149.201:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash eeb13468b73d93fa8bcbe3ebae6df720
1f55c90d5ce61c6447e923443d496b137be35c63
802600d124464157037a2519acb3cff90b97670fd04809ea902fbb95497a12ca
GET /widgets/jscript?wtype=simphoto&w=390&h=500&bc=000000&lc=FFFFFF&ap=yes&ps=6&sb=no&sv=3&cid=31&ef=fade&ids=42180&ti=Sexy%20Black%20Dudes HTTP/1.1
Host: widgets.wowzio.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 429 Too Many Requests
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 17
date: Wed, 29 Mar 2023 15:11:14 GMT
server: nginx
set-cookie: sid=f2d70c0a-ce43-11ed-a983-fb0e4765650d; path=/; domain=.wowzio.net; expires=Mon, 16 Apr 2091 18:25:22 GMT; max-age=2147483647; HttpOnly
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 3161bcab6d00af494c239ab853923a64
3a9c842aa0b2fc894aea7a308a56cc09fce0def3
2b5444c3782c761e5ddb30bd733e9f746f49b3442c5d787b0a7b0c10434fe81f
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Wed, 29 Mar 2023 15:11:15 GMT
expires: Wed, 29 Mar 2023 15:11:15 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a817d6f6a95ec85f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/229717095-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/229717095-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash dc7c06f82a42a33e70846ce719f66afe
df92f5b616d8ccd0c8ec7a28cf93b3723f622aaa
b91be7bfb94fddea66f6051c7b795f4571b23390c44ceacff91ed5f5046769dc
GET /static/v1/widgets/229717095-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56922
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 02:29:22 GMT
expires: Tue, 26 Mar 2024 02:29:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Mar 2023 01:49:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 218513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f963800b69e4efd29c7389de243002ae
24d5d79582fc3d78e1e7fdd40ea8713083605cf3
ce00c7bfaed0249e80deca031fefb6074f803d85b81086705f868c0e7e89ca57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.162200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.162:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Tue, 28 Mar 2023 17:55:45 GMT
Expires: Tue, 11 Apr 2023 17:55:45 GMT
Cache-Control: public, max-age=1209600
Age: 76530
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
172.217.21.174200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
IP 172.217.21.174:0
File type ASCII text, with very long lines (1530)
Hash 36a46584cf5844d36f358524bdb8f81c
bdffe8f2e18bbb8209fdfa54149728a8d5244e41
1ae488515a1c92a1c028bad7172b69b96f0a03dd921ea3c2baafac1345cfdef3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 61154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 17:31:26 GMT
expires: Tue, 26 Mar 2024 17:31:26 GMT
cache-control: public, max-age=31536000
age: 164389
last-modified: Thu, 09 Mar 2023 16:31:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4bbc94d51dd0d8ddbeb3d5010fd7430b
eb72275770dc8bc2537401ae205a6d0c6be77af7
29538d9c3349a0e867d22b42d90ecf0a52ded19b45617b1f6dbe53b1e249d0e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/reader/about/
142.250.74.132404 Not Found 1.6 kB URL HTTP/2 www.google.com/reader/about/
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 9e8d87e047a68722df2b9d50409c5551
d91385aa8243c108d00ec0011a915c24ace0c6ce
d50798b3e9ae6b2fea48d82618cd0973a7fee89a792f633bf27a662ef92bc6ba
GET /reader/about/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:11:15 GMT
server: sffe
content-length: 1574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dc0cf0275c44e5495e8f323c00b9d588
f7f19e521a439f85915f7582797a060629b879c6
abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/reader/about/
142.250.74.132404 Not Found 1.6 kB URL HTTP/2 www.google.com/reader/about/
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 9e8d87e047a68722df2b9d50409c5551
d91385aa8243c108d00ec0011a915c24ace0c6ce
d50798b3e9ae6b2fea48d82618cd0973a7fee89a792f633bf27a662ef92bc6ba
GET /reader/about/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:11:15 GMT
server: sffe
content-length: 1574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6674c1bff1cd533fa4a8992632d6d4e3
a2ca2162800e1401ac9a13d854faaa022997d823
c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/friendconnect/script/friendconnect.js
142.250.74.132404 Not Found 1.6 kB URL HTTP/1.1 www.google.com/friendconnect/script/friendconnect.js
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8dc494040a252b9a3a9ea04255941cd6
663805a606e28589d28362cc1d8fa19a5bc56860
24d511499e91216fa0deefaf1c2875a378f83b01b170f2dfc50d27f2a4978a0a
GET /friendconnect/script/friendconnect.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1598
Date: Wed, 29 Mar 2023 15:11:15 GMT
www.intensedebate.com/widgets/acctComment/57143/5
192.0.123.247301 Moved Permanently 162 B URL HTTP/1.1 www.intensedebate.com/widgets/acctComment/57143/5
IP 192.0.123.247:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /widgets/acctComment/57143/5 HTTP/1.1
Host: www.intensedebate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.intensedebate.com/widgets/acctComment/57143/5
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=pub-4081450217422511&plah=sexyhotmalemodels.blogspot.com
142.250.74.162200 OK 120 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=pub-4081450217422511&plah=sexyhotmalemodels.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with very long lines (4362)
Size 120 kB (119865 bytes)
Hash 667dc8546c21aed07761a4bfe29850d1
e9b92da2566245f1979ef2c4cba12e8256f15000
9e92266117fd6f2959e6eb2df35fc3e2beb74d0336fe48166df2e15de8290020
GET /pagead/managed/js/adsense/m202303230101/show_ads_impl_with_ama_fy2021.js?client=pub-4081450217422511&plah=sexyhotmalemodels.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 29 Mar 2023 15:11:15 GMT
expires: Wed, 29 Mar 2023 15:11:15 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 10296029140893382747
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
referer.org/list.js
194.9.94.86200 OK 5.6 kB IP 194.9.94.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (302)
Hash f8c8a6213fff3b85fe6fcbb2ff0f6950
0a40057c2dce8c8f0d48b38b2f84677602434eb0
fe52ddb15ee064195d87bcb98c8976b2fb961297167640a1d4a9bb754ed6552f
GET /list.js HTTP/1.1
Host: referer.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8
192.0.123.247301 Moved Permanently 162 B URL HTTP/1.1 www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8
IP 192.0.123.247:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8 HTTP/1.1
Host: www.intensedebate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 62f4ae291e4f545342687d27f50f2f8d
abcad5ddca3d2b0daecac01fa4f19639a87d47a5
86fcae8aba71ce5c157220afebfb5ce719bc497a74fbc73ac1ed0551aed28b2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spicypage.com/inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0
172.67.171.201301 Moved Permanently 0 B URL HTTP/1.1 www.spicypage.com/inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0
IP 172.67.171.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0 HTTP/1.1
Host: www.spicypage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 16:11:15 GMT
Location: https://www.spicypage.com/inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTFgzdrMyNDeu6E8LMyj7%2F%2B%2Fh72KHXngAjOv%2FTdn6V3G%2FZKu%2Bgfy9H6%2FS%2F3TP984j0ndJtu9LeZYPafKgZxoR3vWlslijlugtgo22HtwPKdFm29f8vXsjZmvN6QfTMt42CpAbg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b593fbeb51e-OSL
alt-svc: h2=":443"; ma=60
www.google-analytics.com/urchin.js
142.250.74.110200 OK 6.8 kB URL HTTP/1.1 www.google-analytics.com/urchin.js
IP 142.250.74.110:0
Hash b2a53ddd32fa730ace44acf796ced69d
248293a9e5a5a062c17517d115a4f59396db6833
d816d84a12f8cebe9ffaaca1b804894f9e46882a6719605359db2aad44afab85
GET /urchin.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 6847
Date: Tue, 28 Mar 2023 18:09:04 GMT
Expires: Tue, 11 Apr 2023 18:09:04 GMT
Cache-Control: public, max-age=1209600
Age: 75731
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 69d033c232e94b122a0b66e4733f1d57
dca98865e28271c9eafc7307850dbce5126c1a86
d80b57ddab8c2898af0939a454bb1296abd2f964c3bf3eaea2bab7c225d73490
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cse.google.com/cse/api/branding.css
142.250.74.174200 OK 322 B URL HTTP/2 cse.google.com/cse/api/branding.css
IP 142.250.74.174:0
Hash eb44259f9eed170ffd1b7293b57ca0f8
3099cbdc7f7ac67ec5863ae5f1a669163b56c6c4
7ddb01d9a89048ea77b75c1fc966e14c3c6c3bfe5d45b5b372f3d93ccc9670f4
GET /cse/api/branding.css HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: pfe
content-length: 322
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 29 Mar 2023 14:51:56 GMT
expires: Wed, 29 Mar 2023 15:21:56 GMT
cache-control: public, max-age=1800
age: 1159
last-modified: Sat, 17 Nov 2007 23:34:50 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bestmaleblogs.com/banners/bmb_banner.gif
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 www.bestmaleblogs.com/banners/bmb_banner.gif
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banners/bmb_banner.gif HTTP/1.1
Host: www.bestmaleblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 16:11:15 GMT
Location: https://www.gaydemon.com/directory/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBaR%2FvIuncnbxZb7sWQ82zJUscxueezf%2Fl7xrdLE4BVDRTyIp4l3QUjBVwNboUYUYNUo1c1JMjPiPsWKCodEmjVb%2FwWCKzeFcXjR1R%2B5vR16RQidDA8P6qhv8NflKosb04TU%2FAZOMgk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b59f8b40b69-OSL
alt-svc: h2=":443"; ma=60
referer.org/referer.gif
194.9.94.86200 OK 5.6 kB IP 194.9.94.86:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (302)
Hash f8c8a6213fff3b85fe6fcbb2ff0f6950
0a40057c2dce8c8f0d48b38b2f84677602434eb0
fe52ddb15ee064195d87bcb98c8976b2fb961297167640a1d4a9bb754ed6552f
GET /referer.gif HTTP/1.1
Host: referer.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/8.1.13
www.bestmaleblogs.com/banners/bmb_button2.gif
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 www.bestmaleblogs.com/banners/bmb_button2.gif
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banners/bmb_button2.gif HTTP/1.1
Host: www.bestmaleblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 16:11:15 GMT
Location: https://www.gaydemon.com/directory/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q85gJihAdV3U5DPbSebkiQyhfaQY5Mhxfs%2FMusNhRbTPmP%2B8J2oqFiTnKB0Qp9DhuVjXHRBdiPDo6DXOEhf%2BzCfqX%2BiE4HEJ9h5PJlDR5SrAj%2FSy2oupaQWnXBAkrAWh%2FMMz9peTcB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b59fa8cb51d-OSL
alt-svc: h2=":443"; ma=60
www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif
142.250.74.132200 OK 488 B URL HTTP/1.1 www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif
IP 142.250.74.132:0
File type GIF image data, version 89a, 56 x 20\012- data
Hash 7759990ff12382cab2e362e8de465c92
bf76285ae03b5544f889580113334d302f055c2b
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
GET /images/poweredby_transparent/poweredby_FFFFFF.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 488
Date: Wed, 29 Mar 2023 15:11:15 GMT
Expires: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.bestmaleblogs.com/banners/bmb_button1.gif
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 www.bestmaleblogs.com/banners/bmb_button1.gif
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banners/bmb_button1.gif HTTP/1.1
Host: www.bestmaleblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 16:11:15 GMT
Location: https://www.gaydemon.com/directory/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppI%2FcT%2BlputgaCAsmgRLU7Fan4QJrrFRsbiMSiLF5EeDFc2w%2BjSUN42RrmLLHKuyCsyDkkZiAJHTdjntMwSC7rWQW8uIvr93shlU3NpLuIkzvHtDgiMqXwmGixBzL6VFdwWm4TxnzoI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b5a0a64b4ff-OSL
alt-svc: h2=":443"; ma=60
bp0.blogger.com/_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg
216.58.207.206301 Moved Permanently 298 B URL HTTP/1.1 bp0.blogger.com/_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 50c5569fbb17f520f5b71f6835aacdb8
4a9aa1321c95c4e97b92fa985a1f7e4bca5e33a2
f7134ad91c48808443be4c44ffe56a6b65a72e998d0af1d1845c1e58f9d884d5
GET /_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg HTTP/1.1
Host: bp0.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://1.bp.blogspot.com/_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Mar 2023 15:11:15 GMT
Expires: Fri, 28 Apr 2023 15:11:15 GMT
Cache-Control: public, max-age=2592000
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 298
X-XSS-Protection: 0
bp3.blogger.com/_OMLYyLC8HTo/SBc3natt_MI/AAAAAAAAHAk/-xL_z_GUut0/s400/banner_gs_square.jpg
216.58.207.206301 Moved Permanently 297 B URL HTTP/1.1 bp3.blogger.com/_OMLYyLC8HTo/SBc3natt_MI/AAAAAAAAHAk/-xL_z_GUut0/s400/banner_gs_square.jpg
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ed4cd2e756b5e6155a6f54697d094838
60713517780bdf83849a03084091d3aa088b6c1c
81c235523ab1a586b58164b40ba0901eab14f9075a4fa3bfbc0f649a5cf98b5b
GET /_OMLYyLC8HTo/SBc3natt_MI/AAAAAAAAHAk/-xL_z_GUut0/s400/banner_gs_square.jpg HTTP/1.1
Host: bp3.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://1.bp.blogspot.com/_OMLYyLC8HTo/SBc3natt_MI/AAAAAAAAHAk/-xL_z_GUut0/s400/banner_gs_square.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Mar 2023 15:11:15 GMT
Expires: Fri, 28 Apr 2023 15:11:15 GMT
Cache-Control: public, max-age=2592000
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 297
X-XSS-Protection: 0
bp3.blogger.com/_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg
216.58.207.206301 Moved Permanently 285 B URL HTTP/1.1 bp3.blogger.com/_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1d6f8e582d2f5ac990004a9ab2224494
4ea26eff5fbac5cecffc75adc2c03e000600e011
57957973ad50ae07f21e49659eb4ef5e9363b100e9b9be667126f2144ac5f898
GET /_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg HTTP/1.1
Host: bp3.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://1.bp.blogspot.com/_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Mar 2023 15:11:15 GMT
Expires: Fri, 28 Apr 2023 15:11:15 GMT
Cache-Control: public, max-age=2592000
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 285
X-XSS-Protection: 0
bp3.blogger.com/_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg
216.58.207.206301 Moved Permanently 290 B URL HTTP/1.1 bp3.blogger.com/_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg
IP 216.58.207.206:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 52f62cee3ed14a2fed3703ff9b51aa07
6c3c606e6d31ba3f9050a211f1b0fc97599df935
fced9f2dcbe011c0580303e806ecb4f441c32973b8ce2b84a7be8c6380a4912a
GET /_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg HTTP/1.1
Host: bp3.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://1.bp.blogspot.com/_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 Mar 2023 15:11:15 GMT
Expires: Fri, 28 Apr 2023 15:11:15 GMT
Cache-Control: public, max-age=2592000
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 290
X-XSS-Protection: 0
www.bestgayblogs.com/wp-content/uploads/2008/08/proudly.gif
15.197.142.173404 Not Found 125 B URL HTTP/1.1 www.bestgayblogs.com/wp-content/uploads/2008/08/proudly.gif
IP 15.197.142.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 2995357b538ef792ce59b1b7cca539c4
d33d8ce38719b45d0731f075f71593351023318c
aef27e8433e35954afe1798da5bde96145b020160cc2f16b1424425253fb545b
GET /wp-content/uploads/2008/08/proudly.gif HTTP/1.1
Host: www.bestgayblogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 125
Connection: keep-alive
Server: ip-100-74-3-20.eu-west-2.compute.internal
X-Request-Id: 5c65c1ca-7a32-49b5-b878-7e88ee06bd97
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b8b71e463fbb59d8e887536da0d257fc
d5a6d495f87af910d18859273097d92fde1d90fd
c4be6fd51e3951fcb0ae4c139718320ebcc1e09aaa824215a523ed72f9229e0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 29 Mar 2023 15:11:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f161a33a46c303fe6941d93b84aa0db4
44f5db5883e92d3ced3250ef1af279ca6cd21ef6
106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogarama.com/images/button.gif
172.66.40.190301 Moved Permanently 171 B URL HTTP/1.1 www.blogarama.com/images/button.gif
IP 172.66.40.190:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e536c5996b8f3de6a397254bd5c1a8f1
259198bb9df26b8e309b1a9773fef9029d2bd9df
dd7a864eaeaf3352e31fdcfaecb72224580537deb82dfe83d5c083cfcc9537de
GET /images/button.gif HTTP/1.1
Host: www.blogarama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://blogarama.com/images/button.gif
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRfk2OaLpPHk874B6M2rAYKWTf4h%2F3KrtYWvkdM2WUar2AvEGVop99ANJbPKEAFvU8SgrrGyrmzKZhkz1xOkwZBN6gUEhcu%2F6QYMVe4hTz4DQh8SRoAvb2l82pp8yKZgt4FLgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b59f9afb4f3-OSL
alt-svc: h2=":443"; ma=60
partner.googleadservices.com/gampad/cookie.js?domain=sexyhotmalemodels.blogspot.com&callback=_gfp_s_&client=ca-pub-4081450217422511
142.250.74.34200 OK 255 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=sexyhotmalemodels.blogspot.com&callback=_gfp_s_&client=ca-pub-4081450217422511
IP 142.250.74.34:0
File type ASCII text, with very long lines (391), with no line terminators
Hash e0f75d04e271b7a274a86001621ebeea
af012999e7b15c2b3edcd42d49ed5945fb9bf659
6f838746c548cad500c42ee402c591a9483d7c2081c7aee3970addf4e43c20f9
GET /gampad/cookie.js?domain=sexyhotmalemodels.blogspot.com&callback=_gfp_s_&client=ca-pub-4081450217422511 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 29 Mar 2023 15:11:15 GMT
server: cafe
cache-control: private
content-length: 255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 29 Mar 2023 15:11:15 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh6.ggpht.com/pukkap/SKxm-Ey1g5I/AAAAAAAAMGg/uRhHATWHBQ4/toolb.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SKxm-Ey1g5I/AAAAAAAAMGg/uRhHATWHBQ4/toolb.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SKxm-Ey1g5I/AAAAAAAAMGg/uRhHATWHBQ4/toolb.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SPY-ZMzBV4I/AAAAAAAAOPQ/siBRi0Iku5Q/buttonslide.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPY-ZMzBV4I/AAAAAAAAOPQ/siBRi0Iku5Q/buttonslide.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-ZMzBV4I/AAAAAAAAOPQ/siBRi0Iku5Q/buttonslide.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SP84NB0wB1I/AAAAAAAASTE/UYOVTcS9G9I/sports.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SP84NB0wB1I/AAAAAAAASTE/UYOVTcS9G9I/sports.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SP84NB0wB1I/AAAAAAAASTE/UYOVTcS9G9I/sports.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SPZUXYLEqXI/AAAAAAAAORg/BywbI7vmI50/ulisses2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPZUXYLEqXI/AAAAAAAAORg/BywbI7vmI50/ulisses2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUXYLEqXI/AAAAAAAAORg/BywbI7vmI50/ulisses2.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SPY-ZG4hGHI/AAAAAAAAOPI/hZCjlhNQmOM/buttongoss.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPY-ZG4hGHI/AAAAAAAAOPI/hZCjlhNQmOM/buttongoss.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-ZG4hGHI/AAAAAAAAOPI/hZCjlhNQmOM/buttongoss.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SPY-ZhMzmWI/AAAAAAAAOPg/6Xcoq6mp1R8/buttonsmdvids.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPY-ZhMzmWI/AAAAAAAAOPg/6Xcoq6mp1R8/buttonsmdvids.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-ZhMzmWI/AAAAAAAAOPg/6Xcoq6mp1R8/buttonsmdvids.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SHD0m8-I-iI/AAAAAAAAJyk/xhhA7VvgLSE/agd-link-image-2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SHD0m8-I-iI/AAAAAAAAJyk/xhhA7VvgLSE/agd-link-image-2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SHD0m8-I-iI/AAAAAAAAJyk/xhhA7VvgLSE/agd-link-image-2.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh3.ggpht.com/pukkap/SPZUW1w51OI/AAAAAAAAORA/LFpGmaAspv8/musclemodels2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh3.ggpht.com/pukkap/SPZUW1w51OI/AAAAAAAAORA/LFpGmaAspv8/musclemodels2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUW1w51OI/AAAAAAAAORA/LFpGmaAspv8/musclemodels2.jpg HTTP/1.1
Host: lh3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh3.ggpht.com/_OMLYyLC8HTo/SQ97ggb1j0I/AAAAAAAASsI/RQDT0dCT3TI/ashwood4.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh3.ggpht.com/_OMLYyLC8HTo/SQ97ggb1j0I/AAAAAAAASsI/RQDT0dCT3TI/ashwood4.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/SQ97ggb1j0I/AAAAAAAASsI/RQDT0dCT3TI/ashwood4.jpg HTTP/1.1
Host: lh3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh6.ggpht.com/pukkap/SPZAlf52CjI/AAAAAAAAOQQ/qkBr1xgiCbA/buttongayguide.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SPZAlf52CjI/AAAAAAAAOQQ/qkBr1xgiCbA/buttongayguide.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZAlf52CjI/AAAAAAAAOQQ/qkBr1xgiCbA/buttongayguide.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh6.ggpht.com/_OMLYyLC8HTo/STPiAfblq4I/AAAAAAAAULA/PA_u8nuZ8kk/TOOLBAROWN.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/_OMLYyLC8HTo/STPiAfblq4I/AAAAAAAAULA/PA_u8nuZ8kk/TOOLBAROWN.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/STPiAfblq4I/AAAAAAAAULA/PA_u8nuZ8kk/TOOLBAROWN.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh6.ggpht.com/pukkap/SPY-ZmOB74I/AAAAAAAAOPo/1gPEupNSGA4/buttonmodels.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SPY-ZmOB74I/AAAAAAAAOPo/1gPEupNSGA4/buttonmodels.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-ZmOB74I/AAAAAAAAOPo/1gPEupNSGA4/buttonmodels.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh6.ggpht.com/pukkap/SK3b7Q-DJyI/AAAAAAAAMI4/7kitXvN4JQs/gaymoney2.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SK3b7Q-DJyI/AAAAAAAAMI4/7kitXvN4JQs/gaymoney2.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SK3b7Q-DJyI/AAAAAAAAMI4/7kitXvN4JQs/gaymoney2.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh6.ggpht.com/pukkap/SPZUdnnx2kI/AAAAAAAAORo/GMF2ZAqK6Zo/wallpapers2.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SPZUdnnx2kI/AAAAAAAAORo/GMF2ZAqK6Zo/wallpapers2.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUdnnx2kI/AAAAAAAAORo/GMF2ZAqK6Zo/wallpapers2.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
i52.photobucket.com/albums/g7/vinayak06/BetaBlog4Dummies150x50.gif
54.230.111.106301 Moved Permanently 167 B URL HTTP/1.1 i52.photobucket.com/albums/g7/vinayak06/BetaBlog4Dummies150x50.gif
IP 54.230.111.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/g7/vinayak06/BetaBlog4Dummies150x50.gif HTTP/1.1
Host: i52.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i52.photobucket.com/albums/g7/vinayak06/BetaBlog4Dummies150x50.gif
X-Cache: Redirect from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YH4MhWb4BrdvjaY43ZmwncLnuHnnRNyO58UFZWQMRruKs0d5QBAMNA==
Vary: Origin
www.charmants.com/wp-content/promo/widget/charmants160600.jpg
185.83.214.222302 Found 0 B URL HTTP/1.1 www.charmants.com/wp-content/promo/widget/charmants160600.jpg
IP 185.83.214.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/promo/widget/charmants160600.jpg HTTP/1.1
Host: www.charmants.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Powered-By: PHP/7.1.33-52+ubuntu20.04.1+deb.sury.org+1
Cache-Control: max-age=2592000
Access-Control-Allow-Origin: http://www.charmants.com
Location: http://charmants.com/wp-content/promo/widget/charmants160600.jpg
www.blogthishere.com/button.png
45.33.50.203200 OK 299 B URL HTTP/1.1 www.blogthishere.com/button.png
IP 45.33.50.203:0
File type PNG image data, 80 x 15, 8-bit/color RGB, non-interlaced\012- data
Hash f1f5bdb2de1dbb28ef8b647d7b187096
5a6b1641bd1f592df5de11f0b21a7ad88f4bbdd8
ff10817baaeb62598fd5af85c327a1ba9234f8b035b4379ca06501bb886cdf62
GET /button.png HTTP/1.1
Host: www.blogthishere.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 05 Mar 2017 09:52:16 GMT
ETag: "1c712-12b-549f8bbdd44ee"
Accept-Ranges: bytes
Content-Length: 299
Cache-Control: max-age=31536000
Expires: Thu, 28 Mar 2024 15:11:15 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.latinboyz.com/images/banner160x232d.jpg
135.148.2.200301 Moved Permanently 341 B URL HTTP/1.1 www.latinboyz.com/images/banner160x232d.jpg
IP 135.148.2.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 31a5cf9ca3aff8b1a2ab2521792efdc1
e456579da49fa39d392d61ae417f45b492814371
81b44032d6fd2fb4f3e0be6f841a15cb40b77ede4de73b191ff17be01e6edb2a
GET /images/banner160x232d.jpg HTTP/1.1
Host: www.latinboyz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: Apache/2.4.6 (CentOS)
Location: https://www.latinboyz.com/images/banner160x232d.jpg
Content-Length: 341
Connection: close
Content-Type: text/html; charset=iso-8859-1
lh5.ggpht.com/_OMLYyLC8HTo/SSBEUR2rSLI/AAAAAAAATU0/EtZma3bD9sI/next_hot_model.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/_OMLYyLC8HTo/SSBEUR2rSLI/AAAAAAAATU0/EtZma3bD9sI/next_hot_model.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/SSBEUR2rSLI/AAAAAAAATU0/EtZma3bD9sI/next_hot_model.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh5.ggpht.com/pukkap/SPY-3H6677I/AAAAAAAAOPw/w7YMDDTINDg/buttonsports.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/pukkap/SPY-3H6677I/AAAAAAAAOPw/w7YMDDTINDg/buttonsports.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-3H6677I/AAAAAAAAOPw/w7YMDDTINDg/buttonsports.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
simpletricksblog.googlepages.com/blogger-widgets.gif
142.250.74.147301 Moved Permanently 262 B URL HTTP/1.1 simpletricksblog.googlepages.com/blogger-widgets.gif
IP 142.250.74.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 06dc239503f8a2f4f0eee7e9de0841d4
03d4997361bc49b4ea6a42766ca60568a8c2e50f
21758435f548db3d55408612180952ecca3b105d98e8dc8a0563eb62ef688cda
GET /blogger-widgets.gif HTTP/1.1
Host: simpletricksblog.googlepages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: http://sites.google.com/site/simpletricksblog/blogger-widgets.gif
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 262
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh5.ggpht.com/pukkap/SPY-3U7ls1I/AAAAAAAAOQA/90bOpDhnPSo/buttonblack.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/pukkap/SPY-3U7ls1I/AAAAAAAAOQA/90bOpDhnPSo/buttonblack.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-3U7ls1I/AAAAAAAAOQA/90bOpDhnPSo/buttonblack.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh5.ggpht.com/pukkap/SPZUK77nD4I/AAAAAAAAOQ4/Qrn6bzTbOx8/jocks2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/pukkap/SPZUK77nD4I/AAAAAAAAOQ4/Qrn6bzTbOx8/jocks2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUK77nD4I/AAAAAAAAOQ4/Qrn6bzTbOx8/jocks2.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh5.ggpht.com/pukkap/SPZUKBSK4GI/AAAAAAAAOQg/slt4VK3f_Gg/blackwhite2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/pukkap/SPZUKBSK4GI/AAAAAAAAOQg/slt4VK3f_Gg/blackwhite2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUKBSK4GI/AAAAAAAAOQg/slt4VK3f_Gg/blackwhite2.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:15 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
www.linkreferral.com/images/linkreferal/linkbutton.gif
167.114.57.160404 Not Found 231 B URL HTTP/1.1 www.linkreferral.com/images/linkreferal/linkbutton.gif
IP 167.114.57.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 93f34028d003c9e64874abbb21743cea
5f3f41ef614e3600996158934deb0b72b48e5c6c
2d3dba476391f322c5f43acb52b82ba60d71084c773bb1524c13c6bf873015bd
GET /images/linkreferal/linkbutton.gif HTTP/1.1
Host: www.linkreferral.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
track.hunkdujour.com/hdjtoday150.jpg
63.135.105.121404 Not Found 4.9 kB URL HTTP/1.1 track.hunkdujour.com/hdjtoday150.jpg
IP 63.135.105.121:0
ASN #203 CENTURYLINK-LEGACY-LVLT-203
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash 0b079200b02299461053d0c4fa64f751
8241ee07d475ecc64835f782684e19b3b5081617
48c2b3ca58b42d7068cdd77ed8d699887b69a9fbf391531dffd23647ca931f38
GET /hdjtoday150.jpg HTTP/1.1
Host: track.hunkdujour.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Length: 4861
track.hunkdujour.com/hdjtoday250.jpg
63.135.105.121404 Not Found 4.9 kB URL HTTP/1.1 track.hunkdujour.com/hdjtoday250.jpg
IP 63.135.105.121:0
ASN #203 CENTURYLINK-LEGACY-LVLT-203
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash a2c4d9fe4c20248fc810c808e3301058
75ae85834a58d722c61c5cfa191a656a2f92acca
3681699138790a3948976792160676b46deaa54c97fe6f13af510ab6332bddce
GET /hdjtoday250.jpg HTTP/1.1
Host: track.hunkdujour.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Length: 4861
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 79c4684c6aca40f3d6a33652d6bac03b
98eb6366e0debe0c54fb5a16c1544d20c4d487af
9659c10cb67aa664051fe714d156cf64739f08481f951739e33e5ec83c0148c1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5263
Cache-Control: max-age=124555
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:16 GMT
Etag: "64238410-1d7"
Expires: Fri, 31 Mar 2023 01:47:11 GMT
Last-Modified: Wed, 29 Mar 2023 00:19:28 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
widgets.wowzio.net/widgets/jscript?wtype=simphoto&w=390&h=500&bc=000000&lc=FFFFFF&ap=yes&ps=6&sb=no&sv=3&cid=31&ef=fade&ids=42180&ti=Sexy%20Black%20Dudes
213.227.149.201429 Too Many Requests 17 B URL HTTP/1.1 widgets.wowzio.net/widgets/jscript?wtype=simphoto&w=390&h=500&bc=000000&lc=FFFFFF&ap=yes&ps=6&sb=no&sv=3&cid=31&ef=fade&ids=42180&ti=Sexy%20Black%20Dudes
IP 213.227.149.201:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash eeb13468b73d93fa8bcbe3ebae6df720
1f55c90d5ce61c6447e923443d496b137be35c63
802600d124464157037a2519acb3cff90b97670fd04809ea902fbb95497a12ca
GET /widgets/jscript?wtype=simphoto&w=390&h=500&bc=000000&lc=FFFFFF&ap=yes&ps=6&sb=no&sv=3&cid=31&ef=fade&ids=42180&ti=Sexy%20Black%20Dudes HTTP/1.1
Host: widgets.wowzio.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 429 Too Many Requests
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 17
date: Wed, 29 Mar 2023 15:11:15 GMT
server: nginx
set-cookie: sid=f36d981e-ce43-11ed-b134-fb0ef90b1371; path=/; domain=.wowzio.net; expires=Mon, 16 Apr 2091 18:25:23 GMT; max-age=2147483647; HttpOnly
widgetserver.com/syndication/subscriber/InsertWidget.js?appId=89fbf4cf-e09f-44a9-8e3c-4a50a1d2cd41
45.33.2.79200 OK 157 B URL HTTP/1.1 widgetserver.com/syndication/subscriber/InsertWidget.js?appId=89fbf4cf-e09f-44a9-8e3c-4a50a1d2cd41
IP 45.33.2.79:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js?appId=89fbf4cf-e09f-44a9-8e3c-4a50a1d2cd41 HTTP/1.1
Host: widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Tue, 10 Jan 2023 21:36:12 GMT
etag: "63bdda4c-9d"
accept-ranges: bytes
connection: close
widgetserver.com/syndication/subscriber/InsertWidget.js?appId=dd745e56-5e0e-457b-95bd-cd53e721b042
45.33.2.79200 OK 157 B URL HTTP/1.1 widgetserver.com/syndication/subscriber/InsertWidget.js?appId=dd745e56-5e0e-457b-95bd-cd53e721b042
IP 45.33.2.79:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js?appId=dd745e56-5e0e-457b-95bd-cd53e721b042 HTTP/1.1
Host: widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Wed, 07 Mar 2018 18:30:37 GMT
etag: "5aa02fcd-9d"
accept-ranges: bytes
connection: close
widgetserver.com/syndication/subscriber/InsertWidget.js?appId=8a6646c0-a89f-43a7-81fb-4d5b354d8ba3
45.33.2.79200 OK 157 B URL HTTP/1.1 widgetserver.com/syndication/subscriber/InsertWidget.js?appId=8a6646c0-a89f-43a7-81fb-4d5b354d8ba3
IP 45.33.2.79:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js?appId=8a6646c0-a89f-43a7-81fb-4d5b354d8ba3 HTTP/1.1
Host: widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Mon, 09 Jan 2023 20:56:33 GMT
etag: "63bc7f81-9d"
accept-ranges: bytes
connection: close
widgetserver.com/syndication/subscriber/InsertWidget.js?appId=08b57e3a-4725-4272-a7e6-970b091cf6da
45.33.2.79200 OK 157 B URL HTTP/1.1 widgetserver.com/syndication/subscriber/InsertWidget.js?appId=08b57e3a-4725-4272-a7e6-970b091cf6da
IP 45.33.2.79:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js?appId=08b57e3a-4725-4272-a7e6-970b091cf6da HTTP/1.1
Host: widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Wed, 07 Mar 2018 18:30:37 GMT
etag: "5aa02fcd-9d"
accept-ranges: bytes
connection: close
cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
96.126.123.244200 OK 157 B URL HTTP/1.1 cdn.widgetserver.com/syndication/subscriber/InsertWidget.js
IP 96.126.123.244:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
GET /syndication/subscriber/InsertWidget.js HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Tue, 10 Jan 2023 21:36:11 GMT
etag: "63bdda4b-9d"
accept-ranges: bytes
connection: close
widgetserver.com/syndication/subscriber/InsertWidget.js?appId=437a8705-f4a1-4bce-8d87-f68ef8be22df
45.33.2.79200 OK 157 B URL HTTP/1.1 widgetserver.com/syndication/subscriber/InsertWidget.js?appId=437a8705-f4a1-4bce-8d87-f68ef8be22df
IP 45.33.2.79:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js?appId=437a8705-f4a1-4bce-8d87-f68ef8be22df HTTP/1.1
Host: widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Tue, 10 Jan 2023 21:36:12 GMT
etag: "63bdda4c-9d"
accept-ranges: bytes
connection: close
widgetserver.com/syndication/subscriber/InsertWidget.js?appId=fdefee52-575b-4973-8b9e-309d1cbe4993
45.33.2.79200 OK 157 B URL HTTP/1.1 widgetserver.com/syndication/subscriber/InsertWidget.js?appId=fdefee52-575b-4973-8b9e-309d1cbe4993
IP 45.33.2.79:0
Hash 67e216a27dda24bdcb086c2385b0cb99
17141c80f5d32bec3691c5ab24741d8b7dd5f0c6
9dc433b2142d3ba0803fcffa53f19d34da26996d20c829df6d694bc887325dd7
Analyzer Verdict Alert fortinet Malware
GET /syndication/subscriber/InsertWidget.js?appId=fdefee52-575b-4973-8b9e-309d1cbe4993 HTTP/1.1
Host: widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: application/javascript
content-length: 157
last-modified: Tue, 10 Jan 2023 21:36:11 GMT
etag: "63bdda4b-9d"
accept-ranges: bytes
connection: close
lh6.ggpht.com/pukkap/SPZUW-mk8yI/AAAAAAAAORI/FdEJg9BBXuo/quentin2.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SPZUW-mk8yI/AAAAAAAAORI/FdEJg9BBXuo/quentin2.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUW-mk8yI/AAAAAAAAORI/FdEJg9BBXuo/quentin2.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 01d49106047319b070b7e064dc041a69
c6fbd3d1bec3e52d8dce314b062396f9f6ccd3b5
489d062d2f9cb79c1e07aef79e29f11ea60d063868247bf73f4214ae00a1becd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh6.ggpht.com/pukkap/SPY-ZTaO6KI/AAAAAAAAOPY/CPX9ybnnNmY/buttonsmdudes.jpg
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh6.ggpht.com/pukkap/SPY-ZTaO6KI/AAAAAAAAOPY/CPX9ybnnNmY/buttonsmdudes.jpg
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPY-ZTaO6KI/AAAAAAAAOPY/CPX9ybnnNmY/buttonsmdudes.jpg HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh5.ggpht.com/pukkap/SPZUJ-YDC2I/AAAAAAAAOQY/ySGZ8dKpfnk/black2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/pukkap/SPZUJ-YDC2I/AAAAAAAAOQY/ySGZ8dKpfnk/black2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUJ-YDC2I/AAAAAAAAOQY/ySGZ8dKpfnk/black2.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b8b71e463fbb59d8e887536da0d257fc
d5a6d495f87af910d18859273097d92fde1d90fd
c4be6fd51e3951fcb0ae4c139718320ebcc1e09aaa824215a523ed72f9229e0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh5.ggpht.com/pukkap/SPZUKB8yjSI/AAAAAAAAOQo/hdo-VE9iELA/candid%20jocks2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh5.ggpht.com/pukkap/SPZUKB8yjSI/AAAAAAAAOQo/hdo-VE9iELA/candid%20jocks2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUKB8yjSI/AAAAAAAAOQo/hdo-VE9iELA/candid%20jocks2.jpg HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64c7d444c4c8b93058114731c99ee367
4b297ff99ea09b548ed3a9e1f7ffd42a19116ddd
5f668034ac98f2d63ccc3986e5e566295adeb113d7e745af3e6a94c4765cdb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.paypal.com/en_GB/i/scr/pixel.gif
151.101.1.21301 Moved Permanently 0 B URL HTTP/2 www.paypal.com/en_GB/i/scr/pixel.gif
IP 151.101.1.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_GB/i/scr/pixel.gif HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
accept-ch: Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
location: https://www.paypalobjects.com/en_GB/i/scr/pixel.gif
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f2192720e175a
set-cookie: ts=vreXpYrS%3D1774797076%26vteXpYrS%3D1680104476%26vr%3D2dec56901870ad04c4ded191fb18e2ec%26vt%3D2dec56901870ad04c4ded191fb18e2eb%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sat, 28 Mar 2026 15:11:16 GMT; HttpOnly; Secure
ts_c=vr%3D2dec56901870ad04c4ded191fb18e2ec%26vt%3D2dec56901870ad04c4ded191fb18e2eb; Path=/; Domain=paypal.com; Expires=Sat, 28 Mar 2026 15:11:16 GMT; Secure
traceparent: 00-0000000000000000000f2192720e175a-95d8e89d92d429ce-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Wed, 29 Mar 2023 15:11:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220068-HHN, cache-bma1636-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1680102676.029435,VS0,VE159
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sexyhotmalemodels.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 29 Mar 2023 15:11:16 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.allamericanguys.com/images/aagbanners/aagverticalban2.jpg
172.67.72.147301 Moved Permanently 548 B URL HTTP/1.1 www.allamericanguys.com/images/aagbanners/aagverticalban2.jpg
IP 172.67.72.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385), with CRLF, LF line terminators
Hash b16b4910c8fca1ed891ea03c943e7b73
cf41220a1287401360e980fe1f6432335051d34b
ad27fe54a448503f37fecdcfe7cf67144c64ab269ad37ddb75ee88a8c516ce58
GET /images/aagbanners/aagverticalban2.jpg HTTP/1.1
Host: www.allamericanguys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 15:11:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.allamericanguys.com/images/aagbanners/aagverticalban2.jpg
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEDu2i95oBCCP%2BZ1oPqgBwb%2FpRto709MfbaBdl5Dmk81b5Gjso4GwROElayHchsKGb2HxGCsvxIRnVF4CIlgnF4yOr8fq098oxwkBlMukF4lJ6UaYI9mTl1tjECexBfAC8FIqTYAIUXu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af90b5c186f0b51-OSL
alt-svc: h2=":443"; ma=60
1.bp.blogspot.com/_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg
142.250.74.161404 Not Found 832 B URL HTTP/2 1.bp.blogspot.com/_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/R6dOEMI_mvI/AAAAAAAAEdc/VWWFLVs4cU0/s400/jsc-n2n-denim-sky.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:11:16 GMT
server: fife
content-length: 832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh4.ggpht.com/pukkap/SPZUKS_kw6I/AAAAAAAAOQw/JJDTsnfSpmU/james%20e2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPZUKS_kw6I/AAAAAAAAOQw/JJDTsnfSpmU/james%20e2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUKS_kw6I/AAAAAAAAOQw/JJDTsnfSpmU/james%20e2.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
lh4.ggpht.com/pukkap/SPZUXLPpzLI/AAAAAAAAORQ/0ZpURkos5bU/sports%20celebs2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPZUXLPpzLI/AAAAAAAAORQ/0ZpURkos5bU/sports%20celebs2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUXLPpzLI/AAAAAAAAORQ/0ZpURkos5bU/sports%20celebs2.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
img221.imageshack.us/img221/5033/bonerlz8.jpg
38.99.77.17404 Not Found 168 B URL HTTP/1.1 img221.imageshack.us/img221/5033/bonerlz8.jpg
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img221/5033/bonerlz8.jpg HTTP/1.1
Host: img221.imageshack.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Wed, 29 Mar 2023 15:11:16 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
img137.imageshack.us/img137/7204/googlelogode0.png
38.99.77.17404 Not Found 168 B URL HTTP/1.1 img137.imageshack.us/img137/7204/googlelogode0.png
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img137/7204/googlelogode0.png HTTP/1.1
Host: img137.imageshack.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Wed, 29 Mar 2023 15:11:16 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
1.bp.blogspot.com/_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg
142.250.74.161404 Not Found 832 B URL HTTP/2 1.bp.blogspot.com/_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/R_KbHZKuQ-I/AAAAAAAAGJA/NpFg8Q5CIkc/S660/5340.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:11:16 GMT
server: fife
content-length: 832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh4.ggpht.com/pukkap/SPZUXC0R0lI/AAAAAAAAORY/iEhxNCaT1tY/sportsnakedcause2.jpg
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SPZUXC0R0lI/AAAAAAAAORY/iEhxNCaT1tY/sportsnakedcause2.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SPZUXC0R0lI/AAAAAAAAORY/iEhxNCaT1tY/sportsnakedcause2.jpg HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:11:16 GMT
Connection: keep-alive
lh4.ggpht.com/_OMLYyLC8HTo/Sk0B1Bh2IbI/AAAAAAAAnbQ/a9T-f1GnsxU/blogads-blog-button2.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/_OMLYyLC8HTo/Sk0B1Bh2IbI/AAAAAAAAnbQ/a9T-f1GnsxU/blogads-blog-button2.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/Sk0B1Bh2IbI/AAAAAAAAnbQ/a9T-f1GnsxU/blogads-blog-button2.png HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
1.bp.blogspot.com/_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg
142.250.74.161404 Not Found 832 B URL HTTP/2 1.bp.blogspot.com/_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /_OMLYyLC8HTo/R_KJ0ZKuQ7I/AAAAAAAAGIg/t9tNaAZK5CQ/S220/image0011.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
content-type: image/png
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 15:11:16 GMT
server: fife
content-length: 832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:11:16 GMT
Connection: keep-alive
lh4.ggpht.com/pukkap/SLQ-6uFlqSI/AAAAAAAAMNM/YRy64CppMmI/bent14_100x50.gif
142.250.74.161404 Not Found 832 B URL HTTP/1.1 lh4.ggpht.com/pukkap/SLQ-6uFlqSI/AAAAAAAAMNM/YRy64CppMmI/bent14_100x50.gif
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /pukkap/SLQ-6uFlqSI/AAAAAAAAMNM/YRy64CppMmI/bent14_100x50.gif HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 29 Mar 2023 15:11:16 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
track.hunkdujour.com/hdjtoday250.jpg
63.135.105.121404 Not Found 4.9 kB URL HTTP/1.1 track.hunkdujour.com/hdjtoday250.jpg
IP 63.135.105.121:0
ASN #203 CENTURYLINK-LEGACY-LVLT-203
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (365)
Hash a2c4d9fe4c20248fc810c808e3301058
75ae85834a58d722c61c5cfa191a656a2f92acca
3681699138790a3948976792160676b46deaa54c97fe6f13af510ab6332bddce
GET /hdjtoday250.jpg HTTP/1.1
Host: track.hunkdujour.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 29 Mar 2023 15:11:15 GMT
Content-Length: 4861
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0a85ec27ed4f7910e26b4ff023ab1fb
f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0
fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: y5vKgCZTlgD6ji-loyjRA9cPpJWpdR7yDH60LL0bRa1b8DtG4WsX9g==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 62379
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:11:16 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7eab896f53d7ca1a189653169772ce89
cc772d886fbb45c549b78f8ba2d5dd2ae2821834
63415e3dc9dc5b3d22d16b97dae274a6650fc26a0bf434b41447396090fe1198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 62116
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee9c83faa5fdb77ba988a41207800b0e
4ac4c600767de39c5134cb97f78fcb29a681ee18
9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11894
x-amzn-requestid: 8b0857c4-1333-45b7-84de-cf3ea7a3240e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdburGzXoAMF2Cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cc4-005cc42d48948a3e0ef56b08;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: fw1M0poEZrxuB51jVwizwBuvn_JY1jaEFXGsRor3wj-OSCfU-lUuIQ==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:06:08 GMT
age: 61508
etag: "4ac4c600767de39c5134cb97f78fcb29a681ee18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 01d49106047319b070b7e064dc041a69
c6fbd3d1bec3e52d8dce314b062396f9f6ccd3b5
489d062d2f9cb79c1e07aef79e29f11ea60d063868247bf73f4214ae00a1becd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 62448
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9b904645a97752fd0cd185af9f33b13
06b9705ae857def62553d8ef6c5380d656a94805
5c80b9c2ba29659bcf7be241a1e54343711882433668d4105ca668fc11e2ce6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8878
x-amzn-requestid: c0674742-96aa-4fe9-bc66-f9c952d8a920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CORKVFOPoAMFX8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfbdb-0555f3c75321ad1e42f06c8f;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:12:27 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: zx44rtiZRjKKLeG1qM3ABJYWg1TWDF0t6W33AzJoucdH6G4DABBqMg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:53:21 GMT
age: 58675
etag: "06b9705ae857def62553d8ef6c5380d656a94805"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 62379
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.widgetserver.com/
173.255.194.134200 OK 22 kB IP 173.255.194.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash 2e76233e3ac5ed2457296fbcc948158d
c2d5c3262f1c0485b9272dde3f6f8b428a1d6967
e0146bbb4d1706d0c0e0fdb4807ea3d64b1fea9dee630951285ba28333d8c9f7
GET / HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:16 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
cdn.widgetserver.com/?gp=1&js=1&uuid=1680102676.0051132933&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogImh0dHA6Ly9zZXh5aG90bWFsZW1vZGVscy5ibG9nc3BvdC5jb20vIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=
198.58.118.167302 Found 0 B URL HTTP/1.1 cdn.widgetserver.com/?gp=1&js=1&uuid=1680102676.0051132933&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogImh0dHA6Ly9zZXh5aG90bWFsZW1vZGVscy5ibG9nc3BvdC5jb20vIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=
IP 198.58.118.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?gp=1&js=1&uuid=1680102676.0051132933&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogImh0dHA6Ly9zZXh5aG90bWFsZW1vZGVscy5ibG9nc3BvdC5jb20vIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0= HTTP/1.1
Host: cdn.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.widgetserver.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Wed, 29 Mar 2023 15:11:17 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.widgetserver.com/?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 4
x-mtm-prov: 1:5.36;70:0.00
x-mtm-rd: 0.88
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJjZG4ud2lkZ2V0c2VydmVyLmNvbSIsImh0dHA6Ly93d3cxLndpZGdldHNlcnZlci5jb20vP3RtPTEmc3ViaWQ0PTE2ODAxMDI2NzYuMDQyODc0MDAwMCZLVzE9RXVyb3BlJTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzI9Tm9yd2F5JTIwRGVkaWNhdGVkJTIwU2VydmVycyZLVzM9T3NsbyUyMENvdW50eSUyMERlZGljYXRlZCUyMFNlcnZlcnMmS1c0PU9zbG8lMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJktXNT1DdXN0b20lMjBEZWRpY2F0ZWQlMjBTZXJ2ZXJzJnNlYXJjaGJveD0wJmJhY2tmaWxsPTAiLDEsIjIwMjMtMDMtMjkgMTU6MTE6MTciLDEsIjE2ODAxMDI2NzYuMDQyODc0MDAwMCIsMSxudWxsLG51bGxd:1phXSH:H_AiEWh6NaX3MisLX5MEcOIvs0k; expires=Wed, 29-Mar-2023 16:11:17 GMT; Max-Age=3600; Path=/
connection: close
www1.widgetserver.com/?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
99.83.136.84200 OK 1.4 kB URL HTTP/1.1 www1.widgetserver.com/?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
IP 99.83.136.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (441)
Hash 3f36af222e72f1d99f1aeb4d61671163
71c941e52773ad7de0f37be290fa76e1d581de44
7cfe59f4e02094558fbedb51e5aa329f9316e85981ad574a0f55336d2601d91c
GET /?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 15:11:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Buckets: bucket011
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YU01F/BK+10iJkz5d9iQ7s1cMBNizMUcKY9yLzr6yMWzGlMLK5hmwOcNlOLIDSxobXyW9CRGkvvX2qDLed0PDQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: widgetserver.com
X-Subdomain: www1
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
54.230.245.130200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP 54.230.245.130:0
File type ASCII text, with very long lines (468)
Hash a66b149a7ebc798955373415d683f32a
15ceaba8cfae8368600620ae97aa26ae7331d626
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1096
Connection: keep-alive
Server: nginx
Date: Wed, 29 Mar 2023 04:12:57 GMT
Last-Modified: Mon, 23 Jan 2023 11:12:07 GMT
Accept-Ranges: bytes
ETag: "63ce6b87-448"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hJIPQHdK0F3IBMnCU0jN6vAC8P4OKtdaYP5o6X4teoHlJWSS7LaEdg==
Age: 39501
www1.widgetserver.com/track.php?domain=widgetserver.com&toggle=browserjs&uid=MTY4MDEwMjY3OC4zNjY3OmExYTIzNmQ3NjE5YjlmNTkzMjIxMTMyYTM3MTlmZTU0Yjc3NzNlZGE1NzU3YzJhZWE3Y2Q5YjNkOWQ1OTk4MWQ6NjQyNDU1MTY1OTg4Yg%3D%3D
99.83.136.84200 OK 20 B URL HTTP/1.1 www1.widgetserver.com/track.php?domain=widgetserver.com&toggle=browserjs&uid=MTY4MDEwMjY3OC4zNjY3OmExYTIzNmQ3NjE5YjlmNTkzMjIxMTMyYTM3MTlmZTU0Yjc3NzNlZGE1NzU3YzJhZWE3Y2Q5YjNkOWQ1OTk4MWQ6NjQyNDU1MTY1OTg4Yg%3D%3D
IP 99.83.136.84:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=widgetserver.com&toggle=browserjs&uid=MTY4MDEwMjY3OC4zNjY3OmExYTIzNmQ3NjE5YjlmNTkzMjIxMTMyYTM3MTlmZTU0Yjc3NzNlZGE1NzU3YzJhZWE3Y2Q5YjNkOWQ1OTk4MWQ6NjQyNDU1MTY1OTg4Yg%3D%3D HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 15:11:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.widgetserver.com/ls.php?t=64245516&token=53b718380d0f806b4b6a9feb78931fed868f7c47
99.83.136.84201 Created 16 B URL HTTP/1.1 www1.widgetserver.com/ls.php?t=64245516&token=53b718380d0f806b4b6a9feb78931fed868f7c47
IP 99.83.136.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /ls.php?t=64245516&token=53b718380d0f806b4b6a9feb78931fed868f7c47 HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 201 Created
Date: Wed, 29 Mar 2023 15:11:19 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 64245517a389de580f038f1c
Charset: utf-8
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_bjpGI44LfxsEgbjzkwrzIBo/XDZBomfs+ArfjpbG7vYeNmbmOmPZqjpklSY2/IZpAwHAwG4hkY6RDhMUFXvt4g==
www1.widgetserver.com/track.php?click=8bc5311fea51f5d88ad90580a49f43a22d8f5165&domain=widgetserver.com&uid=MTY4MDEwMjY3OC4zNjY3OmExYTIzNmQ3NjE5YjlmNTkzMjIxMTMyYTM3MTlmZTU0Yjc3NzNlZGE1NzU3YzJhZWE3Y2Q5YjNkOWQ1OTk4MWQ6NjQyNDU1MTY1OTg4Yg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDI0NTUxNjU5ODZmfHx8MTY4MDEwMjY3OC42NDcxfDY2MDI1ZjFiN2JjZGY4NWJiMTY4ZTI4ODE1OTU3M2IwNDkwNzJiYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZ3dNVEF5TmpjMkxqQTBNamczTkRBd01EQWlmUT09fDUzYjcxODM4MGQwZjgwNmI0YjZhOWZlYjc4OTMxZmVkODY4ZjdjNDd8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&kw=&search=&pcat=&bucket=&clientID=&adtest=off
99.83.136.84200 OK 20 B URL HTTP/1.1 www1.widgetserver.com/track.php?click=8bc5311fea51f5d88ad90580a49f43a22d8f5165&domain=widgetserver.com&uid=MTY4MDEwMjY3OC4zNjY3OmExYTIzNmQ3NjE5YjlmNTkzMjIxMTMyYTM3MTlmZTU0Yjc3NzNlZGE1NzU3YzJhZWE3Y2Q5YjNkOWQ1OTk4MWQ6NjQyNDU1MTY1OTg4Yg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDI0NTUxNjU5ODZmfHx8MTY4MDEwMjY3OC42NDcxfDY2MDI1ZjFiN2JjZGY4NWJiMTY4ZTI4ODE1OTU3M2IwNDkwNzJiYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZ3dNVEF5TmpjMkxqQTBNamczTkRBd01EQWlmUT09fDUzYjcxODM4MGQwZjgwNmI0YjZhOWZlYjc4OTMxZmVkODY4ZjdjNDd8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&kw=&search=&pcat=&bucket=&clientID=&adtest=off
IP 99.83.136.84:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=8bc5311fea51f5d88ad90580a49f43a22d8f5165&domain=widgetserver.com&uid=MTY4MDEwMjY3OC4zNjY3OmExYTIzNmQ3NjE5YjlmNTkzMjIxMTMyYTM3MTlmZTU0Yjc3NzNlZGE1NzU3YzJhZWE3Y2Q5YjNkOWQ1OTk4MWQ6NjQyNDU1MTY1OTg4Yg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NDI0NTUxNjU5ODZmfHx8MTY4MDEwMjY3OC42NDcxfDY2MDI1ZjFiN2JjZGY4NWJiMTY4ZTI4ODE1OTU3M2IwNDkwNzJiYjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE5qZ3dNVEF5TmpjMkxqQTBNamczTkRBd01EQWlmUT09fDUzYjcxODM4MGQwZjgwNmI0YjZhOWZlYjc4OTMxZmVkODY4ZjdjNDd8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&kw=&search=&pcat=&bucket=&clientID=&adtest=off HTTP/1.1
Host: www1.widgetserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/?tm=1&subid4=1680102676.0428740000&KW1=Europe%20Dedicated%20Servers&KW2=Norway%20Dedicated%20Servers&KW3=Oslo%20County%20Dedicated%20Servers&KW4=Oslo%20Dedicated%20Servers&KW5=Custom%20Dedicated%20Servers&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 15:11:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ishku-wbq.com/zcvisitor/f4e74007-ce43-11ed-9633-0a5cfab1b851/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f1c752-ce43-11ed-9633-0a5cfab1b851
3.92.171.111200 1.1 kB URL HTTP/1.1 ishku-wbq.com/zcvisitor/f4e74007-ce43-11ed-9633-0a5cfab1b851/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f1c752-ce43-11ed-9633-0a5cfab1b851
IP 3.92.171.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bc1f936a5a759ca482507414e3716837
0a940be63d9de3e200999a89da5ce4c69d603736
671c3a092fbf0ca563b297e03800d028e70aefefd3fc89209767773ffd44a496
GET /zcvisitor/f4e74007-ce43-11ed-9633-0a5cfab1b851/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=f4f1c752-ce43-11ed-9633-0a5cfab1b851 HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.widgetserver.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 29 Mar 2023 15:11:20 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: gtDcfrpr
www.spicypage.com/inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0
172.67.171.201404 Not Found 14 kB URL HTTP/2 www.spicypage.com/inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0
IP 172.67.171.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 6789e9f8cd94faa1c753e9bb262c252f
0be5a41aab8d7d8842dfa7d838d9fd36c572633f
d78b61f48fa9f5eafc09898213531f0e28800d6113a866f3556fc07ebad68e29
GET /inc/widget_x.asp?sid=16872&text_color=AFCCAF&border_color=000000&bg_color=000000&font_size=17&font_weight=bold&font_style=normal&font_transform=none&font_align=center&font_deco=none&width=100&height=160&display=2&show_voters=0 HTTP/1.1
Host: www.spicypage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 29 Mar 2023 15:11:16 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.spicypage.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIa6cYhPIc1blpHnprDesbKZ4M%2BKqhvh9ojRH27wb2hhftI25oCUDTgEbNVEEJ8PZO1pJX8frgEl44vK4TfRFwCICVSd9tUeR9d8uQFjjiTYybC4eF2A1jo89Ci%2FPqD3%2BaTWkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af90b599b1a1c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
ishku-wbq.com/favicon.ico
3.92.171.111404 653 B URL HTTP/1.1 ishku-wbq.com/favicon.ico
IP 3.92.171.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcredirect?visitid=f4e74007-ce43-11ed-9633-0a5cfab1b851&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Wed, 29 Mar 2023 15:11:20 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: fSpjZUgF
xml-v4.frdjs-2.co/click?seat=2113743&i=qs8ptp-leXY_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml-v4.frdjs-2.co/click?seat=2113743&i=qs8ptp-leXY_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?seat=2113743&i=qs8ptp-leXY_0 HTTP/1.1
Host: xml-v4.frdjs-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://main.proffering.xyz/15GtWZ?zoneid=12293994169&pubfeed=397303/397303.12293994169&campaign=670550&cost=0.00031
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0472836214d188378fb61ec9df57a578
1c2e6917277d096fa9d91c8b1645ae84dd514c57
54152aa36851e39e69e098fafdb23ac6bd8297ec6b0160325f56c8e6ab6166bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54152AA36851E39E69E098FAFDB23AC6BD8297EC6B0160325F56C8E6AB6166BC"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9680
Expires: Wed, 29 Mar 2023 17:52:40 GMT
Date: Wed, 29 Mar 2023 15:11:20 GMT
Connection: keep-alive
main.proffering.xyz/15GtWZ?zoneid=12293994169&pubfeed=397303/397303.12293994169&campaign=670550&cost=0.00031
20.113.187.208302 Found 366 B URL HTTP/1.1 main.proffering.xyz/15GtWZ?zoneid=12293994169&pubfeed=397303/397303.12293994169&campaign=670550&cost=0.00031
IP 20.113.187.208:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (366), with no line terminators
Hash 96432f59eee5a456d5fbf749adee65b4
f4afef3319321f3df6a3112e4a3881d23a11dca8
05e4fc411a61d8165efcc2dc8e871c8844a0f45a8209ff4f2a39a5df12f0355e
GET /15GtWZ?zoneid=12293994169&pubfeed=397303/397303.12293994169&campaign=670550&cost=0.00031 HTTP/1.1
Host: main.proffering.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Wed, 29 Mar 2023 15:11:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 366
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GtWZo=20230329181680103151627; domain=.main.proffering.xyz; path=/;expires=Thu, 30 Mar 2023 15:11:21 GMT; httpOnly=true;SameSite=None; Secure;
_pc_lc_id=15GtWZ; domain=.main.proffering.xyz; path=/;expires=Thu, 30 Mar 2023 15:11:21 GMT; httpOnly=true;SameSite=None; Secure;
peerclickcid=c753cd8ae57a361ed01f2fe57a829c24-11246-0329; domain=.main.proffering.xyz; path=/;expires=Thu, 30 Mar 2023 15:11:21 GMT; httpOnly=true;SameSite=None; Secure;
_norg=1; domain=.main.proffering.xyz; path=/;expires=Thu, 30 Mar 2023 15:11:21 GMT; httpOnly=true;SameSite=None; Secure;
Location: https://go.gkrtmc.com/aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=c753cd8ae57a361ed01f2fe57a829c24-11246-0329
Vary: Accept
go.gkrtmc.com/aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=c753cd8ae57a361ed01f2fe57a829c24-11246-0329
172.255.248.105302 Found 350 B URL HTTP/1.1 go.gkrtmc.com/aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=c753cd8ae57a361ed01f2fe57a829c24-11246-0329
IP 172.255.248.105:0
File type HTML document, ASCII text, with very long lines (350), with no line terminators
Hash 0ab044daa8834277f8ab5c4effb62120
983f5de570ce9c9158744e71cc891c51cf759b9b
61293e7bc3daca8194da163947d1c6b463e962f76bf5f5a91aa59982d97fc592
GET /aff_c?offer_id=7826&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=c753cd8ae57a361ed01f2fe57a829c24-11246-0329 HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 29 Mar 2023 15:11:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 350
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Fri, 28 Apr 2023 15:11:21 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
7826=37_64923_7826_ada7892ea1edaad6a2616671ff4f488d; Domain=go.gkrtmc.com; Path=/; Expires=Fri, 28 Apr 2023 15:11:21 GMT
op_7826=0; Domain=go.gkrtmc.com; Path=/; Expires=Fri, 28 Apr 2023 15:11:21 GMT
user_id=d4074e4a-be7d-468c-8d5b-21d484beb962_0b14aad0b3ffd400905a095c3b83d76d; Domain=go.gkrtmc.com; Path=/; Expires=Mon, 27 Mar 2028 15:11:21 GMT; Secure; SameSite=None
Location: https://trk.cloudtraff.com/9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_ada7892ea1edaad6a2616671ff4f488d
Vary: Accept
Cache-Control: no-store, no-cache
trk.cloudtraff.com/9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_ada7892ea1edaad6a2616671ff4f488d
104.18.24.64302 Found 0 B URL HTTP/2 trk.cloudtraff.com/9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_ada7892ea1edaad6a2616671ff4f488d
IP 104.18.24.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9031cb30-13d0-4ee2-af2b-acedf34ce775?o=2791&subPublisher=64923&clicktag=37_64923_7826_ada7892ea1edaad6a2616671ff4f488d HTTP/1.1
Host: trk.cloudtraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Cookie: vcid=%7B%22id%22%3A%22a99d2416-3eb7-4ebb-9f7f-2bfb8b8a3fca%22%2C%22firstTime%22%3A%22Jun+6%2C+2022+2%3A04%3A21+PM%22%2C%22visitCount%22%3A1%2C%22firstTimeDay%22%3A%22Jun+6%2C+2022+2%3A04%3A21+PM%22%2C%22visitDays%22%3A1%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A0%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 29 Mar 2023 15:11:21 GMT
content-length: 0
location: https://ww2.teenfinder.com/landing/wf8000?clickId=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tp_redirect_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: attrk=yes;Version=1;Max-Age=86400
vcid=%7B%22id%22%3A%22a99d2416-3eb7-4ebb-9f7f-2bfb8b8a3fca%22%2C%22firstTime%22%3A%22Jun+6%2C+2022+2%3A04%3A21+PM%22%2C%22lastTime%22%3A%22Mar+29%2C+2023+3%3A11%3A21+PM%22%2C%22visitCount%22%3A2%2C%22firstTimeDay%22%3A%22Mar+29%2C+2023+3%3A11%3A21+PM%22%2C%22visitDays%22%3A2%2C%22origin%22%3A%22routing%22%2C%22lastLocation%22%3A%22routing%22%2C%22ageInSecs%22%3A25578420%7D;Version=1;Domain=cloudtraff.com;Path=/;Max-Age=2147483647;Expires=Mon, 16 Apr 2091 18:25:28 GMT
__cf_bm=rbCTmK11HeBWT2UIVB4._VdAw8L73aKRaDWIG8XEJbQ-1680102681-0-AUW8QK2ffeFL6wgu4vEvznZKnDpY/fCcwiLT8rE9DL8+RzMTVYADGJg/pGuNU1+L1sFfDx6mC4YGuh0C/w04uJ8=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.cloudtraff.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b7e9ddf1bfe-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user1.jpg
104.18.11.149200 OK 3.3 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user1.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 19d21e926a6316481bf00025e2e8d1b6
b0b3e7506e706fd4fd1e097987291f142fc474c7
80a99edbb513083b448cd9230bbef25d6400c18813c9c8636971ef63de508bf4
GET /img/_pictures/fsk16/s/tp-user1.jpg HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: image/jpeg
content-length: 3325
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: "64229096-cfd"
last-modified: Tue, 28 Mar 2023 07:00:38 GMT
cf-cache-status: HIT
age: 49634
expires: Thu, 06 Apr 2023 15:11:21 GMT
accept-ranges: bytes
set-cookie: __cf_bm=nzFkMa0X9Fd2K86F4BRvh4KAe0.TFQ_ouob7BnTCHEY-1680102681-0-Ad+UgBeLUbl/vJoRjSoaWv5ugIop1k7eNnlVrDCAnBVqB5llDEFaS/BoM8pGCnEqtF98Q/rJlXshg/ril5pRMoU=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b8219651c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user3.jpg
104.18.11.149200 OK 3.8 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user3.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash b1573824205edcfb57924327770ea896
67c9b83cebfd4c7053ec91c2e328abf5ffa8142d
365ef474b4427e72b0258725c16607f7587f491fca093dbaa9b8220338b76c88
GET /img/_pictures/fsk16/s/tp-user3.jpg HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: image/jpeg
content-length: 3791
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: "641968fd-ecf"
last-modified: Tue, 21 Mar 2023 08:21:17 GMT
cf-cache-status: HIT
age: 480851
expires: Thu, 06 Apr 2023 15:11:21 GMT
accept-ranges: bytes
set-cookie: __cf_bm=_fdt_sNyiW6jrszIICULsWcI3RyRKFdTzxBvnB1_hy0-1680102681-0-AVOSlqygVdVxFELNJufIg6kzIhipr3uxEyo3uV93qRr+1EN4ITDZI980n2mNgPaE4INBw+zkFlunbLbB9+dp3Tw=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b8219691c0e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d4fd78e1925a923742815feb55c9dab0
1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb
88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user2.jpg
104.18.11.149200 OK 3.2 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user2.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash f90369fe77fe98af208e24a88cd2d4e9
c70e8630a35cd87b2a8a8afff37856b34778712f
c5cc1d1a7cf1f319770b5947041766dd5436893a91b6eb3f421266811c3e9d52
GET /img/_pictures/fsk16/s/tp-user2.jpg HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: image/jpeg
content-length: 3239
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: "64229096-ca7"
last-modified: Tue, 28 Mar 2023 07:00:38 GMT
cf-cache-status: HIT
age: 49634
expires: Thu, 06 Apr 2023 15:11:21 GMT
accept-ranges: bytes
set-cookie: __cf_bm=EvWR7huA2Z.XZmdTCUxM.wwxxaPmRY3malTnuM64xp4-1680102681-0-AeRd4m9ATNNoPcPdGkli/QZQN13SBEM0sBbu0Y5uVQXlG4bMQOrq24ftmolsXelZikpwTvaFSvffqwzKTDoeOTQ=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b8219671c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user5.jpg
104.18.11.149200 OK 4.3 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user5.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 62c02e97bf2f1577397b8985a301b8a1
0d2be17069760b09d173d8c43d46d570e082aee1
c95f60442971650937f952b540f43b7f524c1a226e62f86a8076e9fd5e906e6b
GET /img/_pictures/fsk16/s/tp-user5.jpg HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: image/jpeg
content-length: 4328
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: "6411830c-10e8"
last-modified: Wed, 15 Mar 2023 08:34:20 GMT
cf-cache-status: HIT
age: 597314
expires: Thu, 06 Apr 2023 15:11:21 GMT
accept-ranges: bytes
set-cookie: __cf_bm=euoSint4gNSl0QllNNg_WzJI8B4.u05zojb2Iq0xsvA-1680102681-0-Ae4ZqVcw2wYAD2YUDE7ZBYeT/9AmWvBIpvidG/UH5A1K0IxqSTq11lXPyD/KXYQS8PWUVGTH1eXYz+wyHnuJqNc=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b8229771c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user4.jpg
104.18.11.149200 OK 4.8 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_pictures/fsk16/s/tp-user4.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash e62b6bade36ae04281c8a255b83c6827
1cc0b6b4dd182c25479ccb3257bf404567519b55
a0b74eda7670dfd1722d8da27578425adc378f22bb29312f388ab6a23f6c95bb
GET /img/_pictures/fsk16/s/tp-user4.jpg HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: image/jpeg
content-length: 4819
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: "641968fd-12d3"
last-modified: Tue, 21 Mar 2023 08:21:17 GMT
cf-cache-status: HIT
age: 547319
expires: Thu, 06 Apr 2023 15:11:21 GMT
accept-ranges: bytes
set-cookie: __cf_bm=.OBkx.Xvb_baobY9FdKdM8Og4IkfnAofgpIC8LAJP4U-1680102681-0-AcradQmG8XBnB69M+JlpAj07+xuBU9DKPRQtF11+j+8jvDUou2qLI3bJ/KUDXZzzwBdt/LCxoFgMVSWr3K4tE9g=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b8219711c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_pictures/cougarLife/icon-chat.png
104.18.11.149200 OK 2.5 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_pictures/cougarLife/icon-chat.png
IP 104.18.11.149:0
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 58d7cd4d0f96deb538b103d2d18e14ba
932efd0bcc0840b8a19df04867f0ea73283619a2
18ab1b4f231eea7d4ba13e60309d23aec98eb846efcac914f8d5d0b7989859ed
GET /img/_pictures/cougarLife/icon-chat.png HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: image/png
content-length: 2468
last-modified: Tue, 28 Mar 2023 07:00:08 GMT
etag: "64229078-9a4"
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-cache-status: HIT
age: 88583
expires: Thu, 06 Apr 2023 15:11:21 GMT
accept-ranges: bytes
set-cookie: __cf_bm=0LJcniAs5pAGHupFn9HBU7_KPu3piFZHLtAXz9sQbzc-1680102681-0-AbiVVwUkfAHLjIyb8YYtirfvPhr8UrtuUaz6n7tVBZvlb+y5HM7o/CzZn0ouNNSAEB5q9+aejMIYcJDJ4BkDJy0=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82499a1c0e-OSL
X-Firefox-Spdy: h2
imedia.servefilesonly.com/2f19e89f-8f57-497e-9c99-ccd06e201a7c_tp-user7.jpg
104.18.11.149200 OK 48 kB URL HTTP/2 imedia.servefilesonly.com/2f19e89f-8f57-497e-9c99-ccd06e201a7c_tp-user7.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash 5deecb0fe840c881e2aa250fc6bf37fc
a3324d10f63b9f952abcf20fe8af7384200a51f5
a35b0421df0b3aaaa6b9c4e333db07971e36094ff4f05a2098bd679ceae95c50
GET /2f19e89f-8f57-497e-9c99-ccd06e201a7c_tp-user7.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 47790
cf-bgj: h2pri
etag: "5deecb0fe840c881e2aa250fc6bf37fc"
last-modified: Thu, 15 Oct 2020 02:23:56 GMT
via: 1.1 210fa10efb175d891774d170436663b0.cloudfront.net (CloudFront)
x-amz-cf-id: ZCIvE9pGLkVLsjGcRb23LLYlJfBuibjPQeZm7c607lGRjI7WIavvcg==
x-amz-cf-pop: ARN1-C1
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 523891
expires: Thu, 06 Apr 2023 15:11:22 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
set-cookie: __cf_bm=EEPEWP1wT4ZVDLsUlJdXAfX3br6_lq_3BJ0RECgwhDw-1680102682-0-ASrg3EuAbNkfokXK1FiWFGXifjTQq+uuj65UrBQ4MRTxwuTZKJT2xyhuSiXRsPVS8DvP4A3H/RbtSOSRBdtbU5I=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba1c1c0e-OSL
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
216.58.211.10200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 12:52:51 GMT
expires: Sun, 24 Mar 2024 12:52:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 353911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imedia.servefilesonly.com/15729c58-4e60-4e4f-b639-76b7465957c6_tp-user8.jpg
104.18.11.149200 OK 37 kB URL HTTP/2 imedia.servefilesonly.com/15729c58-4e60-4e4f-b639-76b7465957c6_tp-user8.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash a838b627290afee3d3a88fee44bf55bc
0719871d67e1ab25a5a223927bd98038c0795b6a
a11ae7e34e1556e37c719d3e4862bf8dd2b495a4baecc2d4543dd46e63e67eb8
GET /15729c58-4e60-4e4f-b639-76b7465957c6_tp-user8.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 37397
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "a838b627290afee3d3a88fee44bf55bc"
last-modified: Thu, 15 Oct 2020 02:23:57 GMT
x-hw: 1654671392.cds219.sk1.hn,1654671392.cds228.sk1.c
cf-cache-status: HIT
age: 523891
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
set-cookie: __cf_bm=pyyqOvtrpWszpfEuWdL6aS4cfF.3pfQE2CJDzkMmPO4-1680102682-0-ASjr9Y6YuNFNn0eMvkD17pCGzfrY3rR9835VHfMKIXKwtSrLbsF2qiheoc/r2Ed2U4OibpAtWoR4iGeQRvoidb8=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba1d1c0e-OSL
X-Firefox-Spdy: h2
www.queerlisting.com/images/banners/linkback01.jpg
103.224.212.221403 Forbidden 40 kB URL HTTP/1.0 www.queerlisting.com/images/banners/linkback01.jpg
IP 103.224.212.221:0
ASN #133618 Trellian Pty. Limited
Hash 6c2bbfe846d22963ded5c80fea89ff5a
2bd2ca484e96c5b8ef391b7a23100706ac944603
495dc40be6f512c0595caaf9e159647999a46fa76d12e4918c13b2061bbbada1
GET /images/banners/linkback01.jpg HTTP/1.1
Host: www.queerlisting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sexyhotmalemodels.blogspot.com/
HTTP/1.0 403 Forbidden
cache-control: no-cache
content-type: text/html
imedia.servefilesonly.com/16f3553f-9740-4a84-88d3-a6269447d3a1_tp-user11.jpg
104.18.11.149200 OK 34 kB URL HTTP/2 imedia.servefilesonly.com/16f3553f-9740-4a84-88d3-a6269447d3a1_tp-user11.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash bafea047002ca1290014a43ce4f0dc2e
08f4c34d49d1ed0ea68337bdf3f4f77c3420e96b
1174aaa10479c83f91af2f05f83a69225fd73d2b3768d366ceb23f2e4d2e191d
GET /16f3553f-9740-4a84-88d3-a6269447d3a1_tp-user11.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 34435
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "bafea047002ca1290014a43ce4f0dc2e"
last-modified: Thu, 15 Oct 2020 02:23:55 GMT
x-hw: 1654671392.cds072.sk1.hn,1654671392.cds262.sk1.c
cf-cache-status: HIT
age: 23123
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
set-cookie: __cf_bm=uxxYhlBW0FZjIM.u4J5xT880e0d7BuamnUgAa6ZrohQ-1680102682-0-AV0B8RUU90RkK+sjupGOfTsU43Kr1i1rYb8mZQXt24V/lG+nQVGDsQwSOu0VlgDW5M9wBx8cA18NTX3qK8ibnxE=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba211c0e-OSL
X-Firefox-Spdy: h2
imedia.servefilesonly.com/ec4e861f-060f-4adb-ae43-dc810694983c_tp-user10.jpg
104.18.11.149200 OK 47 kB URL HTTP/2 imedia.servefilesonly.com/ec4e861f-060f-4adb-ae43-dc810694983c_tp-user10.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash e3b76cdf947b2e60a8f9ee3d91c3c863
aa46841f65f0f85590f390d3924b439a2f842955
0c058fbac4c5eaa72dbca95216acdc1740dc9281843f3551549ca4ce5373fe85
GET /ec4e861f-060f-4adb-ae43-dc810694983c_tp-user10.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 46740
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "e3b76cdf947b2e60a8f9ee3d91c3c863"
last-modified: Thu, 15 Oct 2020 02:23:55 GMT
x-hw: 1654671392.cds208.sk1.hn,1654671392.cds065.sk1.c
cf-cache-status: HIT
age: 23123
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
set-cookie: __cf_bm=XTXu0wAtiMIeLNaKb4AmmMyXwd2ntBtZl1rBRdyoVfw-1680102682-0-Aape0rxiHMcWe7b9ak9NXnQ8EnTuEeshHtwDADtsXlHFPBTrj58dV1AJJ53zCGNEbyg5l7jLG182PmNFTdYPJCw=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba201c0e-OSL
X-Firefox-Spdy: h2
imedia.servefilesonly.com/7a6a3789-a82f-4b9a-9f17-4e64730d9e94_tp-user9.jpg
104.18.11.149200 OK 44 kB URL HTTP/2 imedia.servefilesonly.com/7a6a3789-a82f-4b9a-9f17-4e64730d9e94_tp-user9.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3\012- data
Hash 2dc6541794e35753b6d94f8e2721a7b4
7433e605e0c217737f764ff8b89fee229b449e5b
6604ef6635fcf90744c33bf9faf847961356ff5e8d7f2058545ca1c0737d1f6f
GET /7a6a3789-a82f-4b9a-9f17-4e64730d9e94_tp-user9.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 44334
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "2dc6541794e35753b6d94f8e2721a7b4"
last-modified: Thu, 15 Oct 2020 02:23:57 GMT
x-hw: 1654671392.cds261.sk1.hn,1654671392.cds241.sk1.c
cf-cache-status: HIT
age: 68858
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
set-cookie: __cf_bm=oVdrRG0pzLIWXI_MkZNwQ1k9pip1gACD7zmDW49lwqQ-1680102682-0-AUql2RdQ1kRIh/rfyjpr3d+xU5qD9A7kWyciHLKVeWW6K+/lKfeVPu5e4NTCHzcmY43/3I4K6qDXLl5ArNf8FIA=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba1f1c0e-OSL
X-Firefox-Spdy: h2
imedia.servefilesonly.com/bf7bf4fa-4e34-45f3-8563-c456f0809f0d_tp-user3.jpg
104.18.11.149200 OK 4.1 kB URL HTTP/2 imedia.servefilesonly.com/bf7bf4fa-4e34-45f3-8563-c456f0809f0d_tp-user3.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Hash 6a5f4542b90126ca3a58327c3dc20d2e
f36456746d680183496c8ffaab9fc247d93a40ef
b75891c751a437e8bdf04368067566753043b7b607fad0cdbc1589e473c9c4c4
GET /bf7bf4fa-4e34-45f3-8563-c456f0809f0d_tp-user3.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 4137
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "6a5f4542b90126ca3a58327c3dc20d2e"
last-modified: Thu, 15 Oct 2020 02:23:56 GMT
x-hw: 1654671392.cds067.sk1.hn,1654671392.cds254.sk1.c
cf-cache-status: HIT
age: 23123
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
set-cookie: __cf_bm=2S7x2tLe4QdE1cIn8y.tdgvq8SpQc0TUJ4omk7YynGg-1680102682-0-Ac1dqQxsVvln/J3St//iY8BYCUavdBRcbFVmpSK5U84bZWE5QyxUvLXwePz/8Y6ZuTgch91z3fbe4eacQmqqrv8=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba221c0e-OSL
X-Firefox-Spdy: h2
imedia.servefilesonly.com/855425ff-5d9e-42d5-907b-f0d0f85a3649_tp-user-chat1.jpg
104.18.11.149200 OK 56 kB URL HTTP/2 imedia.servefilesonly.com/855425ff-5d9e-42d5-907b-f0d0f85a3649_tp-user-chat1.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x800, components 3\012- data
Hash 7f162815674c015b49162549354aa01d
9f2bd98fcb78b55e7dbe17b3ef4037b2ee6b18f8
d47edd33503dc8f24bf61afd7aa59f7e5e23b33d706172944edc5278c2c7bf36
GET /855425ff-5d9e-42d5-907b-f0d0f85a3649_tp-user-chat1.jpg HTTP/1.1
Host: imedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 55611
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-bgj: h2pri
etag: "7f162815674c015b49162549354aa01d"
last-modified: Thu, 15 Oct 2020 02:23:56 GMT
x-hw: 1654671392.cds020.sk1.hn,1654671392.cds263.sk1.c
cf-cache-status: HIT
age: 23123
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
set-cookie: __cf_bm=ENonythPQ5bqPzCblciA8sVyaVfE9Jai2bz7sDT7uPA-1680102682-0-ARCx6OaRrOcUO4VdZMjjgJ3dS3dYMBGf10UfLZcFIPJfTwfN1/As/2K21HebVNiD7RPUZO+7jFYIzn9hGMJSbFs=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b82ba241c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/style/templates/WhatsFriends2/style.css?1029332
104.18.11.149200 OK 50 kB URL HTTP/2 lpmedia.servefilesonly.com/style/templates/WhatsFriends2/style.css?1029332
IP 104.18.11.149:0
Hash 440a4415096e96066f8b17b544f48183
caf3f340f38aa7a8a178d0c8b0fa7b9c3c02f414
9a6c524840241070aa30101aa2e78e5d71506a8b63e0c4cea17f92384ba47311
GET /style/templates/WhatsFriends2/style.css?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=15833
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6423e0c4-3dd9"
last-modified: Wed, 29 Mar 2023 06:55:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15946
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=N8Qwg0Jho9UWJ7dMTGokif4GkA.O4w4tTnhUpShlerM-1680102681-0-AdiCMUujE2GVXkJp3v9uqv7cDaNSubR6ewywXXAZ81KKTbF/xc3Bm53pFupj20B/S5QewjwtQHp5fTvvv1A1GEU=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b8269b81c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_btns/bg_select.png
104.18.11.149200 OK 183 B URL HTTP/2 lpmedia.servefilesonly.com/img/_btns/bg_select.png
IP 104.18.11.149:0
File type PNG image data, 28 x 28, 4-bit colormap, non-interlaced\012- data
Hash 864c07810fba4a2cbf430b052724301a
7000835e8a83304987a72d83a4357ed6a02fa2ec
737e7639f7ab86d64ae71608e5c72a44a16406e143ea20846d98cbf954b08150
GET /img/_btns/bg_select.png HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpmedia.servefilesonly.com/style/templates/WhatsFriends2/style.css?1029332
Cookie: __cf_bm=pyyqOvtrpWszpfEuWdL6aS4cfF.3pfQE2CJDzkMmPO4-1680102682-0-ASjr9Y6YuNFNn0eMvkD17pCGzfrY3rR9835VHfMKIXKwtSrLbsF2qiheoc/r2Ed2U4OibpAtWoR4iGeQRvoidb8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/png
content-length: 183
last-modified: Tue, 21 Mar 2023 08:21:01 GMT
etag: "641968ed-b7"
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-cache-status: HIT
age: 102879
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b832a8a1c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_btns/icons_whatsup.png
104.18.11.149200 OK 3.2 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_btns/icons_whatsup.png
IP 104.18.11.149:0
File type PNG image data, 100 x 400, 8-bit colormap, non-interlaced\012- data
Hash a4bdf1570b8ea8ded891ac0c753c2e18
6f281b974ea68de3cbdcde12c72e7f24380240cf
bcc11b86001d0dfd40972447fce7f12e28b1e40ffabfe1fff5016e51a52360c6
GET /img/_btns/icons_whatsup.png HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpmedia.servefilesonly.com/style/templates/WhatsFriends2/style.css?1029332
Cookie: __cf_bm=pyyqOvtrpWszpfEuWdL6aS4cfF.3pfQE2CJDzkMmPO4-1680102682-0-ASjr9Y6YuNFNn0eMvkD17pCGzfrY3rR9835VHfMKIXKwtSrLbsF2qiheoc/r2Ed2U4OibpAtWoR4iGeQRvoidb8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/png
content-length: 3197
last-modified: Tue, 21 Mar 2023 08:21:01 GMT
etag: "641968ed-c7d"
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-cache-status: HIT
age: 68109
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b832a831c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/img/_patterns/tp-colum-right.jpg
104.18.11.149200 OK 19 kB URL HTTP/2 lpmedia.servefilesonly.com/img/_patterns/tp-colum-right.jpg
IP 104.18.11.149:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x1000, components 3\012- data
Hash 20064a945ef3c72d0df8107d027a392f
2f917d76b10b04aba20d5a7f677bdfaa464f1547
af10a1262faf663357679267effb31a78ddb3b70510b466ea990e2bc37017db4
GET /img/_patterns/tp-colum-right.jpg HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpmedia.servefilesonly.com/style/templates/WhatsFriends2/style.css?1029332
Cookie: __cf_bm=pyyqOvtrpWszpfEuWdL6aS4cfF.3pfQE2CJDzkMmPO4-1680102682-0-ASjr9Y6YuNFNn0eMvkD17pCGzfrY3rR9835VHfMKIXKwtSrLbsF2qiheoc/r2Ed2U4OibpAtWoR4iGeQRvoidb8=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: image/jpeg
content-length: 18890
cf-bgj: h2pri
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: "64214f44-49ca"
last-modified: Mon, 27 Mar 2023 08:09:40 GMT
cf-cache-status: HIT
age: 68109
expires: Thu, 06 Apr 2023 15:11:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b835ac51c0e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d4fd78e1925a923742815feb55c9dab0
1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb
88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/styles-1.min.css?1029332
104.18.11.149200 OK 1.8 kB URL HTTP/2 lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/styles-1.min.css?1029332
IP 104.18.11.149:0
Hash 66d79bec70e8b70eca852740544378c7
7537b5a5f9f8c8f3ea91fd21cb5394a65ed57ecd
cd6326256d214b1555bcfa9762a233922ee7875049c96dfd77b243347ce135cf
GET /build/widgets/loginFormBuilder/styles-1.min.css?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: text/css
last-modified: Wed, 29 Mar 2023 06:54:02 GMT
vary: Accept-Encoding
etag: W/"6423e08a-1100"
access-control-allow-origin: *
cache-control: public, max-age=691200
content-encoding: gzip
cf-cache-status: HIT
age: 16028
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=_LJq23RIJKSvDh0AZWsQgakeKI2Inne1XVzW07XalFw-1680102681-0-AYlmCHRuR/45HmOLF2TT+RxLeCdASk55RTt+rilB2HJqIJbbkXqrRBYgZP23mfCJ7QDzlixY6PbEfTaB8mFd3VU=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b82093f1c0e-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,400i,700
142.250.74.106200 OK 147 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,400i,700
IP 142.250.74.106:0
Size 147 kB (146976 bytes)
Hash 26a0b7f495311916b71224fa4e1c1a5a
31a463215fdc69dd711f1b81ae38bc3ad7890be0
57177ce6cc8db8070aed6ac3639449b0f039ddebf56a1af9681ab246bde33eb8
GET /css?family=Lato:400,400i,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 15:11:22 GMT
date: Wed, 29 Mar 2023 15:11:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 21966d424aed17f9af10f69f1cb82860
87ffcdc8f4d76491bc4a5cb3a01a3923d1dff2be
6c02a4b1eee1b1c86633ef6364e6036e3f56b1eaa64a04b770d7641f7e2a2466
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww2.teenfinder.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:46 GMT
expires: Sat, 23 Mar 2024 10:26:46 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
age: 449076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww2.teenfinder.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 449077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww2.teenfinder.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:55 GMT
expires: Sat, 23 Mar 2024 10:26:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
age: 449067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8
192.0.123.247200 OK 0 B URL HTTP/2 www.intensedebate.com/js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8
IP 192.0.123.247:0
GET /js/bloggerTemplateLinkWrapper.php?acct=e86810c997dfa04bda2574a509a1a9f8 HTTP/1.1
Host: www.intensedebate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/styles.min.css?1029332
104.18.11.149200 OK 0 B URL HTTP/2 lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/styles.min.css?1029332
IP 104.18.11.149:0
GET /build/widgets/registrationFormBuilder/styles.min.css?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: text/css
last-modified: Wed, 29 Mar 2023 06:54:02 GMT
vary: Accept-Encoding
etag: W/"6423e08a-133a"
access-control-allow-origin: *
cache-control: public, max-age=691200
content-encoding: gzip
cf-cache-status: HIT
age: 16029
expires: Thu, 06 Apr 2023 15:11:22 GMT
set-cookie: __cf_bm=.HUfk03lohLaEcj99_Zh2WOcqsPz3s.1if_WdfYhnRU-1680102682-0-ATC2UB0JlcZTNcwJ68UI+8+iYF/QfBKWx33hn1QCBSxW8Vwf5mLC5LmnwSv3h5Dj+b+XN5o6q5MPSvi21graK4s=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b8289e61c0e-OSL
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.214.59200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.214.59:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:22 GMT
content-type: application/javascript
etag: W/"8256f101039245592bc7dcc5496ed987"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2957
expires: Sat, 01 Apr 2023 15:11:22 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=8NzgHM_tr8PaThW1dPGjqOVg8CFsdIxN_xIHzSEjYZ8-1680102682-0-AeZsviP9EMqslrJgehqZ9spYndZRKfyZO02NaRYF4PrhrzcC0BgqK03vWrHvcBTBYkCNev3ZcVP8pb1H5f2xacE=; path=/; expires=Wed, 29-Mar-23 15:41:22 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7af90b826c52b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gaydemon.com/directory/
104.26.5.171200 OK 0 B URL HTTP/2 www.gaydemon.com/directory/
IP 104.26.5.171:0
GET /directory/ HTTP/1.1
Host: www.gaydemon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:16 GMT
content-type: text/html
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqyX8vFTtOFdKiwMv40htiWlA6%2FoQ6x2VevHh%2FijhzkIu1zlV0nBzFfxwixuoi%2BkJEQ9P8FKTfHjXg3orgzcpw%2F3pHOE347x0kbAm8B8faUgecAnNK6a7MhLgAcdGL8DGRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af90b5cf80bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/scripts.min.js?1029332
104.18.11.149200 OK 0 B URL HTTP/2 lpmedia.servefilesonly.com/build/widgets/registrationFormBuilder/scripts.min.js?1029332
IP 104.18.11.149:0
GET /build/widgets/registrationFormBuilder/scripts.min.js?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: application/javascript
last-modified: Wed, 29 Mar 2023 06:54:02 GMT
vary: Accept-Encoding
etag: W/"6423e08a-53e2"
access-control-allow-origin: *
cache-control: public, max-age=691200
content-encoding: gzip
cf-cache-status: HIT
age: 16028
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=zlYVHKTCX0.u8d8p8pMLJbjAMWBpaBWGj6fptPGRJcs-1680102681-0-AezPSXD2WDpDvfQkJ5dQtT/qG2tPOLese3Ulk454f6NOk3ljpqictBqg/LJQsKLjuqKyy0iKTJuLmj2MZMua4Oc=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b82095d1c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/style/layout/animation.css?1029332
104.18.11.149200 OK 0 B URL HTTP/2 lpmedia.servefilesonly.com/style/layout/animation.css?1029332
IP 104.18.11.149:0
GET /style/layout/animation.css?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6423e0c4-b1a"
last-modified: Wed, 29 Mar 2023 06:55:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16027
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=T0Yk0msPK4ZWW1ypjbNqMUjy6Bfb40ls4v.icbBsHKg-1680102681-0-AYCbdFIU0ZxaQ++T2jbajk7ILB6icN9TlVYdSWyABPnX8X9v99SlOHW8zzrY+Q5LsupUX0Cu+YbPOkdfjl8H14Y=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b82499c1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.intensedebate.com/widgets/acctComment/57143/5
192.0.123.247200 OK 0 B URL HTTP/2 www.intensedebate.com/widgets/acctComment/57143/5
IP 192.0.123.247:0
GET /widgets/acctComment/57143/5 HTTP/1.1
Host: www.intensedebate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: be050c61329891fb4ef880afd785a1b0
cdn-cache: HIT
cf-cache-status: HIT
age: 576452
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af90b81adabb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/scripts.min.js?1029332
104.18.11.149200 OK 0 B URL HTTP/2 lpmedia.servefilesonly.com/build/widgets/loginFormBuilder/scripts.min.js?1029332
IP 104.18.11.149:0
GET /build/widgets/loginFormBuilder/scripts.min.js?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: application/javascript
last-modified: Wed, 29 Mar 2023 06:54:02 GMT
vary: Accept-Encoding
etag: W/"6423e08a-ca2"
access-control-allow-origin: *
cache-control: public, max-age=691200
content-encoding: gzip
cf-cache-status: HIT
age: 16027
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=6vv5.yBHKGlp7Cl3qgKDIT7yrWHjqZf0zWMHe3o2weI-1680102681-0-AVro5xDrT9SGOcQD6MuJ1XyjaYyX2jyE+vxfxT9vUS/6zTi5wWi6d6n7i3xagcrzUN0G/jpPJWYCj/bHiAbq8H4=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b82095f1c0e-OSL
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/js/popwin.js?1029332
104.18.11.149200 OK 0 B URL HTTP/2 lpmedia.servefilesonly.com/js/popwin.js?1029332
IP 104.18.11.149:0
GET /js/popwin.js?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1177
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6423e0c1-499"
last-modified: Wed, 29 Mar 2023 06:54:57 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16028
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=9Vha_TueOg_ah.dhOJSHRu78u700RwsE5ubYhKZ_5n4-1680102681-0-ASXR87sme37Qae4MKPJC+7/W57xi1v0r/+j6i1CBPgRlsx0sEdLFqrrjFr5bkW8cX07s6qTubrmSZnBiwnmH88w=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b8219641c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
lpmedia.servefilesonly.com/widgets/corner/corner.css?1029332
104.18.11.149200 OK 0 B URL HTTP/2 lpmedia.servefilesonly.com/widgets/corner/corner.css?1029332
IP 104.18.11.149:0
GET /widgets/corner/corner.css?1029332 HTTP/1.1
Host: lpmedia.servefilesonly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ww2.teenfinder.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=246
access-control-allow-origin: *
cache-control: public, max-age=691200
etag: W/"6423e0c4-f6"
last-modified: Wed, 29 Mar 2023 06:55:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 16028
expires: Thu, 06 Apr 2023 15:11:21 GMT
set-cookie: __cf_bm=NTiqskhuhwSTGIFhjpcg3O4h7kcsWtX_RGKAiAGeJB4-1680102681-0-AbGsjSYOHyii93EvtiUyOBgY0UijMKke0qaG8GoM6BpNseAeA2HEpmMzE2ilLGUpBpR6mEf7+yzk3a32mbe6dXY=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.servefilesonly.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b82499d1c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.e-referrer.com/link.js
104.26.0.2301 Moved Permanently 0 B URL HTTP/2 www.e-referrer.com/link.js
IP 104.26.0.2:0
GET /link.js HTTP/1.1
Host: www.e-referrer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.e-referrer.com/
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwsPWZ7lYufPwnrAPWnMn9iFIjtOGltfH7sHZUpMQaxXzvhpUuvhGpSZM63Q%2BPTXhLdSZVV5aU%2FIfqf1uAkS0egPL9RJf7yMY%2B21uJ8g0fxAhzAnG1LRrbg1Ok5wivJtSFoW4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b575fd10afe-OSL
X-Firefox-Spdy: h2
www.e-referrer.com/
104.26.0.2200 OK 0 B IP 104.26.0.2:0
GET / HTTP/1.1
Host: www.e-referrer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 7af90b5a9ba60afe-OSL
cache-control: no-cache
last-modified: Wed, 29 Mar 2023 14:12:37 GMT
link: <https://cdn-cfgdj.nitrocdn.com>; rel=preconnect, <https://www.e-referrer.com/wp-json/>; rel="https://api.w.org/", <https://www.e-referrer.com/wp-json/wp/v2/pages/19231>; rel="alternate"; type="application/json", <https://www.e-referrer.com/>; rel=shortlink
vary: user-agent, Accept-Encoding
cf-cache-status: HIT
accept-ch: Sec-CH-UA-Mobile
cf-apo-via: tcache
cf-edge-cache: cache,platform=wordpress
x-cache-ctime: 1679505233
x-nitro-cache: HIT
x-nitro-cache-from: drop-in
x-nitro-rev: bcf1ef8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFO0oBOF%2B6VVzAFBG5RYmchIcCvSDZ6Qq1LmLJh1CmfvQsZqCq2FENDIYu1F%2FVyBXUu1n3%2B5q6Liw0KWRr40IZycCmVNacbcJ3iFAkwXKOb52UKXbTXXHvHLHZmBzpAhTEjS2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
blogarama.com/images/button.gif
172.66.40.190301 Moved Permanently 0 B URL HTTP/2 blogarama.com/images/button.gif
IP 172.66.40.190:0
GET /images/button.gif HTTP/1.1
Host: blogarama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://sexyhotmalemodels.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 29 Mar 2023 15:11:16 GMT
content-type: text/html
location: https://www.blogarama.com/images/button.gif
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfIbhJAEcE3h16UNCLpEM27CR3FOhmlvyHz9VMOinfu5fyPfgGXZWnt%2FlJUoOEgWyyGpntoKpECowO%2BNeIX4EmYJ1DiHTxgrebPe1%2FINWmi%2BTkHF1r84IMjRzdgGMp%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af90b5ddeb91c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.teenfinder.com/landing/wf8000?clickId=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tp_redirect_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343
104.18.25.171200 OK 0 B URL HTTP/2 ww2.teenfinder.com/landing/wf8000?clickId=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tp_redirect_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343
IP 104.18.25.171:0
GET /landing/wf8000?clickId=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tracker=SGM_Pro&publisher=1510&subPublisher=64923&zz=true&hit_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343&tp_redirect_id=8d5a6c25-aac3-429f-8b59-81d53cfdc343 HTTP/1.1
Host: ww2.teenfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:11:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
pragma: no-cache
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=bm238setqak4ndnie5n6qj8tm5; path=/
__cf_bm=LBpDW7sV_4yYIOtjvq8isragbkMVsD0hplTZV7PpgZo-1680102681-0-AfE95NP6kgoh50+qWETr1K4sLfN0qWYmmL4sn1qdNqNuTk6cCwmYCwrZ8b++3L8pqPMXMNXR4oyxtvdY3wkCZWw=; path=/; expires=Wed, 29-Mar-23 15:41:21 GMT; domain=.teenfinder.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af90b7f7ceab509-OSL
content-encoding: br
X-Firefox-Spdy: h2