Submitted URL: http://gaybbtrans.com/
Effective URL: https://0.greensisteroftime.com/index.php?p=mi3dcoddgq5dcnzvgu3a&sub2=parla
Submission: On May 30 via manual from US — Scanned from DE

Summary

This website contacted 22 IPs in 6 countries across 25 domains to perform 63 HTTP transactions. The main IP is 2606:4700:3036::6815:2e3a, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0.greensisteroftime.com.
TLS certificate: Issued by E1 on May 29th 2024. Valid for: 3 months.
This is the only time 0.greensisteroftime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 45.133.44.53 39572 (ADVANCEDH...)
1 131.153.42.228 20454 (SSASN2)
8 162.19.88.69 16276 (OVH)
1 45.150.67.235 44477 (STARK-IND...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 104.20.95.138 13335 (CLOUDFLAR...)
2 45.133.44.24 39572 (ADVANCEDH...)
2 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 157.90.84.242 24940 (HETZNER-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 2a01:4f8:c0:3... 24940 (HETZNER-AS)
2 94.130.198.6 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
63 22
Apex Domain
Subdomains
Transfer
9 gaybbtrans.com
gaybbtrans.com
174 KB
8 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 18335
568 KB
4 greensisteroftime.com
greensisteroftime.com
0.greensisteroftime.com
12 KB
4 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 37735
865 B
4 statcounter.com
statcounter.com — Cisco Umbrella Rank: 10790
secure.statcounter.com — Cisco Umbrella Rank: 22730
c.statcounter.com — Cisco Umbrella Rank: 11438
27 KB
3 startfinishthis.com
from.startfinishthis.com — Cisco Umbrella Rank: 751748
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
2 restartyourchoices.com
jquery.restartyourchoices.com — Cisco Umbrella Rank: 401052
done.restartyourchoices.com — Cisco Umbrella Rank: 658504
10 KB
2 nereserv.com
nereserv.com — Cisco Umbrella Rank: 36520
401 B
2 cc176a49cd.com
7fcb44bf36.cc176a49cd.com
413 B
2 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 32143
2 capndr.com
js.capndr.com — Cisco Umbrella Rank: 40245
29 KB
2 nawpush.com
na.nawpush.com — Cisco Umbrella Rank: 52248
3 KB
2 chaturbate.com
chaturbate.com — Cisco Umbrella Rank: 15953
4 KB
2 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 18452
37 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
162 KB
1 cdntoswitchspirit.com
js.cdntoswitchspirit.com — Cisco Umbrella Rank: 312765
16 KB
1 onclckbn.com
bid.onclckbn.com — Cisco Umbrella Rank: 108373
1 cabnnr.com
js.cabnnr.com — Cisco Umbrella Rank: 58545
19 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 startservicefounds.com
api.startservicefounds.com — Cisco Umbrella Rank: 238218
5 KB
1 smopy.com
d.smopy.com — Cisco Umbrella Rank: 597693
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
0 mcpuwpsh.com Failed
mcpuwpsh.com Failed
0 google.com Failed
accounts.google.com — Cisco Umbrella Rank: 20 Failed
63 25
Domain Requested by
9 gaybbtrans.com gaybbtrans.com
8 i.postimg.cc gaybbtrans.com
4 fp.metricswpsh.com js.wpadmngr.com
3 from.startfinishthis.com done.restartyourchoices.com
2 0.greensisteroftime.com gaybbtrans.com
2 greensisteroftime.com
2 nereserv.com js.capndr.com
2 7fcb44bf36.cc176a49cd.com js.wpadmngr.com
2 storage.multstorage.com js.wpadmngr.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 c.statcounter.com statcounter.com
secure.statcounter.com
2 js.capndr.com js.wpadmngr.com
2 na.nawpush.com js.wpadmngr.com
2 chaturbate.com 1 redirects gaybbtrans.com
2 js.wpadmngr.com gaybbtrans.com
js.wpadmngr.com
2 www.googletagmanager.com gaybbtrans.com
www.googletagmanager.com
1 done.restartyourchoices.com jquery.restartyourchoices.com
1 jquery.restartyourchoices.com js.cdntoswitchspirit.com
1 js.cdntoswitchspirit.com api.startservicefounds.com
1 bid.onclckbn.com js.cabnnr.com
1 region1.google-analytics.com www.googletagmanager.com
1 js.cabnnr.com js.wpadmngr.com
1 secure.statcounter.com gaybbtrans.com
1 statcounter.com gaybbtrans.com
1 fonts.gstatic.com fonts.googleapis.com
1 api.startservicefounds.com gaybbtrans.com
1 d.smopy.com gaybbtrans.com
1 fonts.googleapis.com gaybbtrans.com
0 mcpuwpsh.com Failed js.capndr.com
0 accounts.google.com Failed gaybbtrans.com
63 30

This site contains no links.

Subject Issuer Validity Valid
gaybbtrans.com
GTS CA 1P5
2024-04-15 -
2024-07-14
3 months crt.sh
upload.video.google.com
WR2
2024-05-13 -
2024-08-05
3 months crt.sh
*.google-analytics.com
WR2
2024-05-13 -
2024-08-05
3 months crt.sh
js.wpadmngr.com
R3
2024-05-10 -
2024-08-08
3 months crt.sh
d.smopy.com
R3
2024-04-13 -
2024-07-12
3 months crt.sh
postimg.cc
R3
2024-04-22 -
2024-07-21
3 months crt.sh
api.startservicefounds.com
R3
2024-04-26 -
2024-07-25
3 months crt.sh
*.highwebmedia.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-09-30 -
2024-10-09
a year crt.sh
*.gstatic.com
WR2
2024-05-13 -
2024-08-05
3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-05 -
2025-01-03
a year crt.sh
na.nawpush.com
R3
2024-05-27 -
2024-08-25
3 months crt.sh
js.capndr.com
R3
2024-04-21 -
2024-07-20
3 months crt.sh
multstorage.com
GTS CA 1P5
2024-05-15 -
2024-08-13
3 months crt.sh
7fcb44bf36.cc176a49cd.com
R3
2024-05-27 -
2024-08-25
3 months crt.sh
js.cabnnr.com
R3
2024-04-19 -
2024-07-18
3 months crt.sh
notification.tubecup.net
R3
2024-04-18 -
2024-07-17
3 months crt.sh
rtbbnr.com
R3
2024-05-01 -
2024-07-30
3 months crt.sh
cdntoswitchspirit.com
E1
2024-04-29 -
2024-07-28
3 months crt.sh
restartyourchoices.com
E1
2024-05-02 -
2024-07-31
3 months crt.sh
startfinishthis.com
GTS CA 1P5
2024-05-02 -
2024-07-31
3 months crt.sh
greensisteroftime.com
E1
2024-05-29 -
2024-08-27
3 months crt.sh

This page contains 5 frames:

Primary Page: https://0.greensisteroftime.com/index.php?p=mi3dcoddgq5dcnzvgu3a&sub2=parla
Frame ID: 57F23208EA13D677B5D47897DEB3820B
Requests: 60 HTTP requests in this frame

Frame: https://chaturbate.com/tours/3/?c=2&campaign=2pxzb&gender=m&p=1&tour=x1Rd&disable_sound=0
Frame ID: FF4EC664E3AF137BAE6E2A08FD3D4632
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: EC2B2BA7CDF4DC784A6A74F29AA7F935
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 295A3DB90AD498E4B982D9CD3480BCA7
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImQiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5Niwic3BhY2VpZCI6MTQ5NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkZyZWUlMkNIRCUyQ2dheSUyQ3Bvcm4lMkMlRTIlODAlOTMlMkNHYXklMkNQb3JuJTJDVmlkZW9zJTJDTWF5JTJDMzAlMkMyMDI0JTJDRnJlZSUyQ0hEJTJDZ2F5JTJDcG9ybiUyQ0dheSUyQ1Bvcm4lMkNWaWRlb3MsIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTc5NjI0OTA3MSIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjU1ODQ2MCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MjY5LCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjo0LCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI1NTg0NjAiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vZ2F5YmJ0cmFucy5jb20vIiwiY3RpZCI6MX0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjIxN2E2ZTdhZTU2NGZhYmM5Zjc4MDQyYTdhZjNkNjNmIiwiZnAiOm51bGwsImZwX3N0ciI6IiIsInVhX2RhdGEiOnsiYXJjaGl0ZWN0dXJlIjoieDg2IiwiYml0bmVzcyI6IjY0IiwiYnJhbmRzIjpbeyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjgifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTI1In1dLCJmdWxsVmVyc2lvbkxpc3QiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUuMC42NDIyLjExMiJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUuMC42NDIyLjExMiJ9LHsiYnJhbmQiOiJOb3QuQS9CcmFuZCIsInZlcnNpb24iOiIyNC4wLjAuMCJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwidWFGdWxsVmVyc2lvbiI6IjEyNS4wLjY0MjIuMTEyIiwid293NjQiOmZhbHNlfX0sImV4dCI6eyJkdCI6MTcxNzA2NzY1NDc1NH19
Frame ID: B7AE013E913D3641A12F04ED7503D15F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Проверка браузера

Page URL History Show full URLs

  1. http://gaybbtrans.com/ HTTP 307
    https://gaybbtrans.com/ Page URL
  2. https://from.startfinishthis.com/firstway Page URL
  3. https://from.startfinishthis.com/j77jns Page URL
  4. https://greensisteroftime.com/go/mi3dcoddgq5dcnzvgu3a?sub2=parla Page URL
  5. https://0.greensisteroftime.com/index.php?p=mi3dcoddgq5dcnzvgu3a&sub2=parla Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

63
Requests

94 %
HTTPS

62 %
IPv6

25
Domains

30
Subdomains

22
IPs

6
Countries

1148 kB
Transfer

2066 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gaybbtrans.com/ HTTP 307
    https://gaybbtrans.com/ Page URL
  2. https://from.startfinishthis.com/firstway Page URL
  3. https://from.startfinishthis.com/j77jns Page URL
  4. https://greensisteroftime.com/go/mi3dcoddgq5dcnzvgu3a?sub2=parla Page URL
  5. https://0.greensisteroftime.com/index.php?p=mi3dcoddgq5dcnzvgu3a&sub2=parla Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://gaybbtrans.com/ HTTP 307
  • https://gaybbtrans.com/
Request Chain 20
  • https://chaturbate.com/in/?tour=x1Rd&campaign=2pxzb&track=default&c=2&p=1&gender=m HTTP 302
  • https://chaturbate.com/tours/3/?c=2&campaign=2pxzb&gender=m&p=1&tour=x1Rd&disable_sound=0
Request Chain 50
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyi0Zud1odKmGjxKWn8fTv3CNNqUn7e3dJtgNW60Abqplx98_eBIqs-dsZPozuI5UEIPgzjZQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQybHfD2y70FHEFiWX0mx5AYx1Sfk6PMWtR8frpRCfD33ruAfdZM4W8mPcPNskvbEJMlRO_plA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1728570477%3A1717067654902103&ddm=0

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
gaybbtrans.com/
Redirect Chain
  • http://gaybbtrans.com/
  • https://gaybbtrans.com/
59 KB
17 KB
Document
General
Full URL
https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
5a519f0b890675b312171a8d48a245f9e0df27c75909c37a31ba0e44a6fc8bf6

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88be4ca648b49238-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 11:14:14 GMT
link
<https://gaybbtrans.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JiGcOSwUg58IDAs9d7taHvUzqljtWGg3jatK3iIl5W5Ow7kSr9cqUcn99GxhaGa5EMekPaK8N2uHRJ3LVG2Oe55gz9dae2JEhlegu%2B1KVMQPxiyuyJg3AjMEnsJp%2FSQqGCh5%2FiihLy%2F0yPI8IA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://gaybbtrans.com/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
gaybbtrans.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://gaybbtrans.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 22:41:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102335
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ek2DW6iruzwmvwsbqYQ57PbtMVaL0gOIFxKsvMRLq5dETV%2F6YOPY8XZDbmGADc90lTzZ7exbB3qgvEGqdsxXOvUsg%2B%2BdSLZlDSyCZcQfF5jyvE4NAUCa8zwQFKAtPg%2F5GIbgvPVkSSWaIF2bwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88be4ca6a9119238-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 05 Jun 2024 06:48:38 GMT
css
fonts.googleapis.com/
55 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=2.1.1
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 May 2024 10:49:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 May 2024 11:14:14 GMT
all.min.css
gaybbtrans.com/wp-content/themes/ruffie/assets/icons/fontawesome-free-5.15.3-web/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://gaybbtrans.com/wp-content/themes/ruffie/assets/icons/fontawesome-free-5.15.3-web/css/all.min.css?ver=5.15.3
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 00:27:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
455606
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ay2gS5JnWobM%2BIkjv%2Fw5eCrSFqx5hd9Uo8IKoztbdCrEeJElBuo7uZ1ca31UE17h7mpfDgZHLsBrtG0Xj3nQ5OxVIjNAKviOuYjJshw23f4VLlbju3qdBnY2XBqMVGmU2IFoP88jQ4QBdX8jRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88be4ca6a9139238-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 04:40:47 GMT
style.css
gaybbtrans.com/wp-content/themes/ruffie/
64 KB
12 KB
Stylesheet
General
Full URL
https://gaybbtrans.com/wp-content/themes/ruffie/style.css?ver=2.1.1
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5a9874730b748ac6c8178941088650609b6617b3dbd5f9f86ef5a86c0f18c2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 00:27:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
456493
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQJo8QqHZv0pFoXZUML8cwRpN31MhyB70lZMDHLJjtvkvK6LtpzG1MMqFuQtesFw5q3Lp9Mu0cyLJxd05v1KD6Rea7Sl43Ef%2Bs9r%2FuD%2FugNHPBAuhvg1HlRb5Z84%2B2EJxyqtJDhzQFF2rQbI%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88be4ca6a9159238-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 04:26:00 GMT
js
www.googletagmanager.com/gtag/
203 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-155362631-1
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf1f94eadb9a1754816775014c35b2ef4a36320b337900ea3226241f8598dcec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74979
x-xss-protection
0
last-modified
Thu, 30 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 11:14:14 GMT
adManager.js
js.wpadmngr.com/static/
2 KB
1 KB
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 30 May 2024 11:19:14 GMT
date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
last-modified
Tue, 14 May 2024 13:04:52 GMT
server
nginx/1.18.0
etag
W/"66436174-6c7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
/
d.smopy.com/d/
35 KB
12 KB
Script
General
Full URL
https://d.smopy.com/d/?resource=pubJS
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.153.42.228 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx / Express
Resource Hash
86946afddace5b2f7e92ffd10bb4e6dc234f4d61a78cc6d492d0dc20b7b90552

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 11:14:14 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Express
ETag
W/"8b55-wd5dpSoJq4qRWFl05PNJqNhjeQ8"
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
papi872z7.jpg
i.postimg.cc/25MfybrV/
44 KB
44 KB
Image
General
Full URL
https://i.postimg.cc/25MfybrV/papi872z7.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
6a11dcaa911f77ed849f680e6f1dd39894047342e9e1523a7ded4f28bbcdff30

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 06:46:44 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
44943
expires
Thu, 31 Dec 2037 23:55:55 GMT
image.jpg
i.postimg.cc/bYbqGTG8/
43 KB
43 KB
Image
General
Full URL
https://i.postimg.cc/bYbqGTG8/image.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
2cee3c7ce248ba3077962574ccbd913b91ef41f34f3e0b4791f07e6183c83bbf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 06:40:58 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
44250
expires
Thu, 31 Dec 2037 23:55:55 GMT
1047-image05.webp
i.postimg.cc/wBdvvGVC/
16 KB
16 KB
Image
General
Full URL
https://i.postimg.cc/wBdvvGVC/1047-image05.webp
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
5edde8565bf470d30a2a7b3fa11cc5d937c14588204b1bf39d47f83509c4038c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 06:32:15 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
16162
expires
Thu, 31 Dec 2037 23:55:55 GMT
bronetwork-dont-ask-nothing-to-tell-editors-cut-22.jpg
i.postimg.cc/25pqW6zX/
39 KB
39 KB
Image
General
Full URL
https://i.postimg.cc/25pqW6zX/bronetwork-dont-ask-nothing-to-tell-editors-cut-22.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
0d8edb03bc792f46627e013a59c54532ceaac679306398085a54780a697221f2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 06:23:51 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
39626
expires
Thu, 31 Dec 2037 23:55:55 GMT
156530-136.jpg
i.postimg.cc/Vvs0NVYf/
39 KB
40 KB
Image
General
Full URL
https://i.postimg.cc/Vvs0NVYf/156530-136.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
81602102b12ec00707d9a7a6a924a8ea70c25a9941c043dbbcc84b37e4a7a785

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 06:15:14 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
40219
expires
Thu, 31 Dec 2037 23:55:55 GMT
20240523233218-content-gallery-The-Picnic-Pounding-with-Dan-Evans-25.jpg
i.postimg.cc/QCDkJmhw/
93 KB
93 KB
Image
General
Full URL
https://i.postimg.cc/QCDkJmhw/20240523233218-content-gallery-The-Picnic-Pounding-with-Dan-Evans-25.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
ee56a1a22dd0208557415ce90d740381e58ea1432117b8ed985fb42deafdd4b3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 06:06:10 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
94847
expires
Thu, 31 Dec 2037 23:55:55 GMT
brothercrush-brc0182-009.jpg
i.postimg.cc/BQgNNr8g/
65 KB
65 KB
Image
General
Full URL
https://i.postimg.cc/BQgNNr8g/brothercrush-brc0182-009.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
9ae626356762a0e7dfa3e7425883f43e0c6248f394dac2b702fed1120e401a5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Thu, 30 May 2024 05:57:55 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
66074
expires
Thu, 31 Dec 2037 23:55:55 GMT
rsgffh.png
i.postimg.cc/4NKnFZMb/
228 KB
228 KB
Image
General
Full URL
https://i.postimg.cc/4NKnFZMb/rsgffh.png
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3221384.ip-162-19-88.eu
Software
nginx /
Resource Hash
99fba25f2c147fa91a6ce7f70afa92b0c61fcfb2d49dbeb5453d9057e8330ae1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Wed, 29 May 2024 22:19:17 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
233436
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
gaybbtrans.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://gaybbtrans.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 May 2024 15:04:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6650ac81-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=REJ%2Fh41CcCbBefl8bfYRjwVGATfC8mfaD8MdPBbUaD7ubLwxkle1w%2B9qFLSCZS%2BBhhYtabrReMaIaPXQ1bXG7GvgXaOeidCywhYsKrvSkqyYNmPd6tjY9FVHUM6H95qpmZSHIfh4ZhqCzpC24Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
88be4ca769b49238-FRA
expires
Sat, 01 Jun 2024 11:14:14 GMT
functions.js
gaybbtrans.com/wp-content/themes/ruffie/assets/js/
2 KB
1 KB
Script
General
Full URL
https://gaybbtrans.com/wp-content/themes/ruffie/assets/js/functions.js?ver=2.1.1
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39aaaed1f41fb7b087883c7f4a93d6deeec320e6a8b5f13240a7a3f0842a3ef4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Mar 2024 00:27:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
419712
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lakDM45vY%2B7vLy230HFkBP1bP82tYuJNPYMQTSaM2h0KjkIU8NdFSxVsBYEGXKj%2Fe2S4oueE56QK6SAqqkxK2tdgioYLz9KZNMmdEeQJ7OWyoEdzp6TJYCn6nNiTGzpSo6VGY9ZcaSV4SpHrRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88be4ca769b59238-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jun 2024 14:39:01 GMT
a3ca9c97-1624-4c6f-9580-4534a9b2ebff
https://gaybbtrans.com/
1 KB
0
Other
General
Full URL
blob:https://gaybbtrans.com/a3ca9c97-1624-4c6f-9580-4534a9b2ebff
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
sort.js
api.startservicefounds.com/service/
10 KB
5 KB
Script
General
Full URL
https://api.startservicefounds.com/service/sort.js
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.150.67.235 Chisinau, Moldova, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm2121949.stark-industries.solutions
Software
nginx /
Resource Hash
d5b3b109f4bc1b1b1c2c326e4ad30780ce6bb1cd4e38c842fb9cc082fda085ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 30 Apr 2024 15:10:04 GMT
server
nginx
etag
W/"663109cc-2893"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=864000
expires
Sun, 09 Jun 2024 11:14:14 GMT
/
chaturbate.com/tours/3/ Frame FF4E
Redirect Chain
  • https://chaturbate.com/in/?tour=x1Rd&campaign=2pxzb&track=default&c=2&p=1&gender=m
  • https://chaturbate.com/tours/3/?c=2&campaign=2pxzb&gender=m&p=1&tour=x1Rd&disable_sound=0
0
0
Document
General
Full URL
https://chaturbate.com/tours/3/?c=2&campaign=2pxzb&gender=m&p=1&tour=x1Rd&disable_sound=0
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6428 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.conviva.com https://drt1fhpy4haqm.cloudfront.net; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.live.mmwebc.dev https://cbxyz.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gaybbtrans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88be4ca8fa7c5d80-FRA
content-encoding
br
content-language
en
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.conviva.com https://drt1fhpy4haqm.cloudfront.net; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.live.mmwebc.dev https://cbxyz.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 11:14:14 GMT
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Language, Cookie
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88be4ca7c8f75d80-FRA
content-language
en
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.conviva.com https://drt1fhpy4haqm.cloudfront.net; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.live.mmwebc.dev https://cbxyz.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://crypto-payments.net https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 11:14:14 GMT
location
/tours/3/?c=2&campaign=2pxzb&gender=m&p=1&tour=x1Rd&disable_sound=0
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&ver=2.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://gaybbtrans.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
210201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 May 2025 00:50:53 GMT
fa-solid-900.woff2
gaybbtrans.com/wp-content/themes/ruffie/assets/icons/fontawesome-free-5.15.3-web/webfonts/
76 KB
77 KB
Font
General
Full URL
https://gaybbtrans.com/wp-content/themes/ruffie/assets/icons/fontawesome-free-5.15.3-web/webfonts/fa-solid-900.woff2
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/wp-content/themes/ruffie/assets/icons/fontawesome-free-5.15.3-web/css/all.min.css?ver=5.15.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/wp-content/themes/ruffie/assets/icons/fontawesome-free-5.15.3-web/css/all.min.css?ver=5.15.3
Origin
https://gaybbtrans.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86822
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Fri, 22 Mar 2024 00:27:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aUBIZe2A3rnbDzo38k1M%2BktZHx%2Bx0KoZyJrjJdB0xd%2F4cWe9fc3DXlZ6KXqa4e9F%2B215k9nIivXS7Q%2BgNdJynpkq04YgwzGeoNX9rmJFHtFTHUOIQgRgHUOMNYlJ%2F98UwyYSDGDNZCgNqR3dZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
88be4ca799f99238-FRA
expires
Wed, 05 Jun 2024 11:07:11 GMT
male_300x250-3.gif-300x250.jpg
gaybbtrans.com/wp-content/uploads/2020/03/
31 KB
32 KB
Image
General
Full URL
https://gaybbtrans.com/wp-content/uploads/2020/03/male_300x250-3.gif-300x250.jpg
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e9ca7d36e1977b96f39bd1a874dd99c0a7499980f0de6d714dbb74c9316f75

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
405074
alt-svc
h3=":443"; ma=86400
content-length
31829
last-modified
Sat, 28 Mar 2020 10:56:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m84%2FRV5H%2BvOnll%2FVhzpTJH9S01I0fqoPAlZq%2FZx7%2FKW2JKzICb3tpQmkVKOtFZ3uwd9JkAV46q%2BsMK%2FEtnBJX4Ufkbn7PHZqYo9pthQZJRpS1l7Hj3A4yBdSjmY3nTUc821fPSY7QHB%2FmfpouQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
88be4ca799f69238-FRA
expires
Sat, 01 Jun 2024 18:42:59 GMT
counter.js
statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://statcounter.com/counter/counter.js
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 29 May 2024 09:52:13 GMT
server
cloudflare
age
28059
etag
W/"6656facd-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88be4ca8090a1c28-FRA
expires
Thu, 30 May 2024 15:26:35 GMT
adManager.m.js
js.wpadmngr.com/static/
112 KB
36 KB
Script
General
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c6e441a36f5b5d2ebd78587e8508368084c03727205a05aac257e562b3604656

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 30 May 2024 11:19:14 GMT
date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
last-modified
Tue, 14 May 2024 13:04:56 GMT
server
nginx/1.18.0
etag
W/"66436178-1c009"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
178515
na.nawpush.com/tags/
1 KB
1 KB
XHR
General
Full URL
https://na.nawpush.com/tags/178515?version_name=d
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
2234c58a0bb95b21cba64e026433bdd5d0882f83b740a0f23f38ed647a674283

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 11:14:14 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.24.0
content-length
1213
x-proxy-cache
EXPIRED
advertising.js
js.capndr.com/
0
238 B
Script
General
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 30 May 2024 11:19:14 GMT
date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
178929
na.nawpush.com/tags/
1 KB
1 KB
XHR
General
Full URL
https://na.nawpush.com/tags/178929?version_name=d
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
7a50e8a58f7a3c00a55e735d4467587ff1bc5bb8e3db1dd8458b4377598f7c67

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 11:14:14 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.24.0
content-length
1322
x-proxy-cache
EXPIRED
counter.js
secure.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 29 May 2024 09:52:13 GMT
server
cloudflare
age
21740
etag
W/"6656facd-8c64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
88be4ca8a9e11c28-FRA
expires
Thu, 30 May 2024 17:11:54 GMT
t.php
c.statcounter.com/
397 B
750 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12063167&u1=48A1078113004FA054681A1E82A0F20F&java=1&security=89f3903e&sc_snum=1&sess=21e3ea&sc_rum_e_s=393&sc_rum_e_e=432&sc_rum_f_s=0&sc_rum_f_e=379&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//gaybbtrans.com/&t=Free%20HD%20gay%20porn%20%E2%80%93%20Gay%20Porn%20Videos&get_config=true
Requested by
Host: statcounter.com
URL: https://statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a059ea4926328e48d91cae16a2f7d34c3a8cd7248c4eaa44cb6f52ff00d1763

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://gaybbtrans.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
88be4ca8a9f71c28-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/
252 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DQC7D992N7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155362631-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acaadef013a0ba59986dd277f01495e12976d8931090dce532340e46599bc76f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90618
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 May 2024 11:14:14 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-155362631-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 May 2024 10:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2706
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 30 May 2024 12:29:08 GMT
count.html
storage.multstorage.com/log/ Frame EC2B
0
0
Document
General
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gaybbtrans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88be4ca9df959152-FRA
content-encoding
br
content-type
text/html
date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIfBe7HXIvDppKkmUcsZDHWoa8VNUCCErVkavLxnW95HqtFiqnAyy2WMPQWMBruxzc1C1%2Fjra9pTycXUi9TD2xdruuE%2F2ZxrBIogvFQ0E6XzdL1jpMC544gMaaFd2GdbJLllUHHlkbJ%2Fye3LxdbH5I2P3mrsFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
848e61a6d5e63761d0360b4a0ca02d52
track
7fcb44bf36.cc176a49cd.com/in/
0
206 B
XHR
General
Full URL
https://7fcb44bf36.cc176a49cd.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjM0NDQ2MzMwMTM0MTI2MjAwMCIsInRpbWV6b25lIjoyLCJ2ZXIiOiIzLjEyMi4xIiwidGFnX2lkIjoxNzg5MjksInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQmVybGluIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 11:14:14 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
build.m.js
js.cabnnr.com/banner-admanager/
56 KB
19 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
20deb27eef14173795d4930e2d8b9b9a0b585a987c2afbbe3b6479c937c680d8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 30 May 2024 11:19:14 GMT
date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2024 13:40:48 GMT
server
nginx/1.18.0
etag
W/"664b52e0-e180"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
t.php
c.statcounter.com/
397 B
586 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12063167&u1=48A1078113004FA054681A1E82A0F20F&java=1&security=89f3903e&sc_snum=2&sess=21e3ea&sc_rum_e_s=551&sc_rum_e_e=590&sc_rum_f_s=0&sc_rum_f_e=379&p=0&pv=10&rcat=d&bb=0&rdomo=d&rdomg=1&jg=1&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//gaybbtrans.com/&t=Free%20HD%20gay%20porn%20%E2%80%93%20Gay%20Porn%20Videos&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a059ea4926328e48d91cae16a2f7d34c3a8cd7248c4eaa44cb6f52ff00d1763

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://gaybbtrans.com
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
88be4ca9ab581c28-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
fp
fp.metricswpsh.com/
58 B
432 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=178929
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f29db6ebe6591fa698177c8db7262b00e1b3364799f933bef3660de6690059b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 30 May 2024 11:14:14 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://gaybbtrans.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=178929
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gaybbtrans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://gaybbtrans.com
Connection
keep-alive
Date
Thu, 30 May 2024 11:14:14 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
count.html
storage.multstorage.com/log/ Frame 295A
0
0
Document
General
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gaybbtrans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88be4ca9df959152-FRA
content-encoding
br
content-type
text/html
date
Thu, 30 May 2024 11:14:14 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIfBe7HXIvDppKkmUcsZDHWoa8VNUCCErVkavLxnW95HqtFiqnAyy2WMPQWMBruxzc1C1%2Fjra9pTycXUi9TD2xdruuE%2F2ZxrBIogvFQ0E6XzdL1jpMC544gMaaFd2GdbJLllUHHlkbJ%2Fye3LxdbH5I2P3mrsFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
848e61a6d5e63761d0360b4a0ca02d52
track
7fcb44bf36.cc176a49cd.com/in/
0
207 B
XHR
General
Full URL
https://7fcb44bf36.cc176a49cd.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMjM0NDQ2MzMwMTM0MTI2MjAwMCIsInRpbWV6b25lIjoyLCJ2ZXIiOiIzLjEyMi4xIiwidGFnX2lkIjoxNzg1MTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdXJvcGUvQmVybGluIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjIsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0=
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 11:14:14 GMT
server
nginx/1.20.2
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
build.m.js
js.capndr.com/popunder-admanager/
99 KB
29 KB
Script
General
Full URL
https://js.capndr.com/popunder-admanager/build.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3abdd6eff2b15ad1d1c80ac3366be71010f78ab5631aecb4d1b5d95ed5c38030

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 30 May 2024 11:19:14 GMT
date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2024 14:49:12 GMT
server
nginx/1.18.0
etag
W/"6644cb68-18a0b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
wp-emoji-release.min.js
gaybbtrans.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://gaybbtrans.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:401f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 07 Apr 2024 22:41:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
102335
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWCwIUwQRDZ73%2BJH6lBcHrtLXtT4qOa0XqYhQFdIbt1P3yrlH4a844lMM1OX8CN9kiZEiOhGqW6mirfezn2CZYiOMoxSkc3TzfvgEL1PpxE2xpFuPWKB8HFzS3%2FpgGPw5RDaOcid9prwse8fyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
88be4ca9bc9f9238-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 05 Jun 2024 06:48:38 GMT
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2053539794&t=pageview&_s=1&dl=https%3A%2F%2Fgaybbtrans.com%2F&ul=de-de&de=UTF-8&dt=Free%20HD%20gay%20porn%20%E2%80%93%20Gay%20Porn%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=483346389&gjid=1392900459&cid=285520023.1717067655&tid=UA-155362631-1&_gid=47692976.1717067655&_r=1&gtm=457e45m0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1887152464
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 May 2024 11:14:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gaybbtrans.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp
fp.metricswpsh.com/
58 B
433 B
XHR
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=178515
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
f29db6ebe6591fa698177c8db7262b00e1b3364799f933bef3660de6690059b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Thu, 30 May 2024 11:14:14 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://gaybbtrans.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
fp
fp.metricswpsh.com/ Frame
0
0
Preflight
General
Full URL
https://fp.metricswpsh.com/fp?tag_id=178515
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.90.84.242 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gaybbtrans.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://gaybbtrans.com
Connection
keep-alive
Date
Thu, 30 May 2024 11:14:14 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
truncated
/
203 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f63edf41c2dd793b54f1a0c1c35bc5ea6da64b77c7fe9e322151489a5a7a98

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DQC7D992N7&gtm=45je45m0v9135909926za200&_p=1717067654266&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=285520023.1717067655&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1717067654&sct=1&seg=0&dl=https%3A%2F%2Fgaybbtrans.com%2F&dt=Free%20HD%20gay%20porn%20%E2%80%93%20Gay%20Porn%20Videos&en=page_view&_fv=1&_ss=1&tfd=643
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQC7D992N7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 11:14:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gaybbtrans.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bid.onclckbn.com/get/ Frame B7AE
0
0
Document
General
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImQiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5Niwic3BhY2VpZCI6MTQ5NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkZyZWUlMkNIRCUyQ2dheSUyQ3Bvcm4lMkMlRTIlODAlOTMlMkNHYXklMkNQb3JuJTJDVmlkZW9zJTJDTWF5JTJDMzAlMkMyMDI0JTJDRnJlZSUyQ0hEJTJDZ2F5JTJDcG9ybiUyQ0dheSUyQ1Bvcm4lMkNWaWRlb3MsIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTc5NjI0OTA3MSIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjU1ODQ2MCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MjY5LCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjo0LCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI1NTg0NjAiLCJjYXQiOlsiSUFCMjUiXSwicGFnZSI6Imh0dHBzOi8vZ2F5YmJ0cmFucy5jb20vIiwiY3RpZCI6MX0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjIxN2E2ZTdhZTU2NGZhYmM5Zjc4MDQyYTdhZjNkNjNmIiwiZnAiOm51bGwsImZwX3N0ciI6IiIsInVhX2RhdGEiOnsiYXJjaGl0ZWN0dXJlIjoieDg2IiwiYml0bmVzcyI6IjY0IiwiYnJhbmRzIjpbeyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjgifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTI1In1dLCJmdWxsVmVyc2lvbkxpc3QiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjUuMC42NDIyLjExMiJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjUuMC42NDIyLjExMiJ9LHsiYnJhbmQiOiJOb3QuQS9CcmFuZCIsInZlcnNpb24iOiIyNC4wLjAuMCJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwidWFGdWxsVmVyc2lvbiI6IjEyNS4wLjY0MjIuMTEyIiwid293NjQiOmZhbHNlfX0sImV4dCI6eyJkdCI6MTcxNzA2NzY1NDc1NH19
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:33d8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gaybbtrans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
3175
content-type
text/html
date
Thu, 30 May 2024 11:14:14 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
dip
nereserv.com/in/
0
201 B
XHR
General
Full URL
https://nereserv.com/in/dip?event_id=0fe1b76c-c68f-4224-aaf1-b12319cfeaa2&subid=982893389&spot_id=557690&created_at=2024-05-30&timezone=2&ver=1.142.0
Requested by
Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
94.130.198.6 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.198.130.94.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 11:14:14 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQyi0Zud1odKmGjxKWn8fTv3CNNqUn7e3dJtgNW60Abqplx98_eBIqs-d...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQybHfD2y70FHEFiWX0mx5AYx1Sfk6PMWtR8frpRCfD33ruAfdZM4W8mPcPNskvbEJMlRO_plA&passive...
0
0

dd033179-86dd-4292-89f8-48d4f1cc73d0
https://gaybbtrans.com/
204 B
0
Other
General
Full URL
blob:https://gaybbtrans.com/dd033179-86dd-4292-89f8-48d4f1cc73d0
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
204
Content-Type
text/javascript
dip
nereserv.com/in/
0
200 B
XHR
General
Full URL
https://nereserv.com/in/dip?event_id=0fe1b76c-c68f-4224-aaf1-b12319cfeaa2&subid=982893389&spot_id=557690&created_at=2024-05-30&timezone=2&ver=1.142.0
Requested by
Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
94.130.198.6 Bendorf, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.6.198.130.94.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 30 May 2024 11:14:14 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
/
mcpuwpsh.com/get/
0
0

split.js
js.cdntoswitchspirit.com/source/
43 KB
16 KB
Script
General
Full URL
https://js.cdntoswitchspirit.com/source/split.js
Requested by
Host: api.startservicefounds.com
URL: https://api.startservicefounds.com/service/sort.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:5d7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 May 2024 08:18:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1304920
etag
W/"66446fc3-ab1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLVAt3M95WqHwlO%2FPaEhR6L3WC5zXfyYK%2FIjWIRg0dVaQPlBeGHSBKmHyos3uPQHbIx6cRUM5iwy8DQhukOLP6wYMzFHX3kaXcN9%2FfbX88UCRJF6KbyvmMtVwKo0s3%2BTSxlEhb2SAG1elkrLVhUqYPcqP6M%2B0YU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
88be4cac1adc1da2-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
cdncollect
jquery.restartyourchoices.com/
10 KB
5 KB
Script
General
Full URL
https://jquery.restartyourchoices.com/cdncollect?r1=gaybbtrans.com
Requested by
Host: js.cdntoswitchspirit.com
URL: https://js.cdntoswitchspirit.com/source/split.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9ktD2Y0E3urJ4QASHjbsntG2tZcJE1vstscKdU5LAm2c2Js8s%2ByohpoaYr0uFXB0mJyzd7xaX9SoTgZ3UcDMPvSzLNtJzu26nF2SBLiXl9EhS2R1Mx7dLuUuxYZMWCPBUL0yIgit4soM0UnqCel3GJZN0qa9D4ejH5uQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
88be4cace84718b9-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 11:14:15 GMT
stepone
done.restartyourchoices.com/
9 KB
4 KB
Script
General
Full URL
https://done.restartyourchoices.com/stepone
Requested by
Host: jquery.restartyourchoices.com
URL: https://jquery.restartyourchoices.com/cdncollect?r1=gaybbtrans.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
91eab778b457ad0013d3387166caf5bc893b9b800bbb1ef99b75b6dfe8752b94

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gaybbtrans.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:15 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7GNAmM255XxDcU8E9oVOV0NaObwrL1AQJzmOcn64ls309n0kRvM0MpbL6O3HnFDpWKeXcYHvtEZbFgc0JzEzBvCPv2vLvPaYfdeR8crNXecByrZbDTsP3VtXIad8v8xQG%2B8iNhA14T4sZFDQux4mBJny7RKeTskmco%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
88be4cae09cc18b9-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 May 2024 11:14:15 GMT
firstway
from.startfinishthis.com/
203 B
645 B
Document
General
Full URL
https://from.startfinishthis.com/firstway
Requested by
Host: done.restartyourchoices.com
URL: https://done.restartyourchoices.com/stepone
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0751cd80ae24900ea032d3d3106d9c8a7e8ecf1249c979cdfe0fd1b2e98330d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://gaybbtrans.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88be4caf5f1139eb-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 11:14:15 GMT
expires
Thu, 30 May 2024 11:14:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDYVwRBY3%2BSaIqaVJ9deCWnseR2Fsypr8E7enRli3fQaom6kQb12JkBBQAl7UxxNJf5L6JPkCBuLlczI7LLe2Lg3R5%2BMGH0M5s8yUELBVWUxH1nVSMyLYefCCDCYJUKL%2Fb2y3WSs8HVXYjsisPyrTIY4DMt%2Bm8E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
j77jns
from.startfinishthis.com/
228 B
633 B
Document
General
Full URL
https://from.startfinishthis.com/j77jns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7492efb50578a867bd56bb77987a4564a372705f9eba901f8834a5acf503a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88be4cb0282739eb-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 11:14:15 GMT
expires
Thu, 30 May 2024 11:14:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gcG1Dt4m3qVRlMHslkpqcC2RmH%2F9x7txh0qs5MVIpUSw96tHa4t4o%2BaIEowG8hs8eULZHjQvDc7H7XavR98lGUCHnb%2B%2B4DjltjQfwuflexKVYbNUa%2Fmv6xqucw77vw9Cd5E6jb0IeYTYB%2F2c6PT%2FkbX0ksB1WLs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
favicon.ico
from.startfinishthis.com/
548 B
580 B
Other
General
Full URL
https://from.startfinishthis.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:40a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
96
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkCb7pFMHEe%2BTCHAeYXc95kH4%2FGoSnQ8DwG02qJA6hGYR7lDdZkvhVUr2lESCaEhcv%2F%2BzkireTQAoQkAbL5cEsteTFOOrLhUiGK5%2FYtnD6J6K882E31wIEGHAXs4HUClh7JCaG5lC1b0iQuwiwFf1sFJElQF0Lg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
88be4cb0283139eb-FRA
alt-svc
h3=":443"; ma=86400
mi3dcoddgq5dcnzvgu3a
greensisteroftime.com/go/
10 KB
6 KB
Document
General
Full URL
https://greensisteroftime.com/go/mi3dcoddgq5dcnzvgu3a?sub2=parla
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2e3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330ef60d813e1d6369cb9c565c42a2ec066efa3fa22ddbe3227f3da2e71d79a5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88be4cb1092137e3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 11:14:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9GS6ykoE4hbUqUXnJ747DWia%2B1Zz5I7nHF9OEErDTLZZ%2F2C4ymXWpMEEqa3rmFBqx8oQf0LJP9f8cDVJ7zLjUzdE3w7R3JaMCxlYnJ2%2B0F4KXLTfeYjIr91b0jdokbJNNLWVO7CGjEAKw8RPye7do81n2B0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
greensisteroftime.com/
0
422 B
Other
General
Full URL
https://greensisteroftime.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2e3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://greensisteroftime.com/go/mi3dcoddgq5dcnzvgu3a?sub2=parla
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4116
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItJ7ypsE%2BwadhM4XPeOeTqgIQ6DyO9kU0Qqrr5TsSQ1YeLnB0Y0RdpeSWL3K7xtfWtHRNpfAPs0Mhnh8IZ%2BrJd7Vem1c1NGlYd4DaJG07sv0bfqB5n%2Bj0tOh4WFqBO2tlPZ279FvMlnk%2BYhymEUt2%2FfqhoY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
88be4cb19a0b37e3-FRA
alt-svc
h3=":443"; ma=86400
Primary Request index.php
0.greensisteroftime.com/
10 KB
6 KB
Document
General
Full URL
https://0.greensisteroftime.com/index.php?p=mi3dcoddgq5dcnzvgu3a&sub2=parla
Requested by
Host: gaybbtrans.com
URL: https://gaybbtrans.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2e3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88689e28c045dbf68f9150be416297ce91ef9cc8c9331c042d732aaa073053ce

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://greensisteroftime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88be4cbe6c7437e3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 11:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUADVeNrYk1Ga8SHu%2FhAgBwJZn9aXFtJekpuSAN8mbbJ%2FCuwE3B5EF4G4IZGIVyllO%2FoMDrtECsfUEV9nQiaEhlHxmJkIYYafBemz%2BeIBYeYtj7LNx9mYy%2FA6F5Ux3gC4MM3jUJDyGRj8ZLJ5Y8bl%2Bv19pPChw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
0.greensisteroftime.com/
0
430 B
Other
General
Full URL
https://0.greensisteroftime.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2e3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://0.greensisteroftime.com/index.php?p=mi3dcoddgq5dcnzvgu3a&sub2=parla
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 11:14:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1280
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpqIrCTh13uf7dBNCx0yitmKfwGXukclVflinDHcUvln%2FCWtsWTj7NW9xkzeHU6lR3QmBE06XcO%2F0g%2F0eb1yFEIrEPc21ll5MTxEgokKcKfu5gf0rb09XvP8sXCYcC3rIu7s%2BE9qw%2BWy%2FKgucjFKyqqEAEAw9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
88be4cbefd1037e3-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQybHfD2y70FHEFiWX0mx5AYx1Sfk6PMWtR8frpRCfD33ruAfdZM4W8mPcPNskvbEJMlRO_plA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1728570477%3A1717067654902103&ddm=0
Domain
mcpuwpsh.com
URL
https://mcpuwpsh.com/get/

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

19 Cookies

Domain/Path Name / Value
chaturbate.com/ Name: u_x1Rd
Value: 1
chaturbate.com/ Name: us_x1Rd
Value: 1
.chaturbate.com/ Name: affkey
Value: "eJyrVipRslJQqjAMSlHSUVBKzi0AcY0KKqqSQPySomwQPyU1LbE0pwQkUgTiZ5SUFBRb6eunJ1YmJZUUJeYV6yXn5+qD5BPT0kAqEDIgQYihhiBmcWYKiANighlGBkYmugamusYGSrUAFaImHQ=="
.chaturbate.com/ Name: fromaffiliate
Value: 1
.chaturbate.com/ Name: sbr
Value: sec:sbrcce772a0-c745-4b81-88b4-0e4b20ed7f10:1sCdja:_ox5rTbpY3n_kPdguOg2LFDRJ3H5QzMbR1HZcAhe68c
.gaybbtrans.com/ Name: sc_is_visitor_unique
Value: rx12063167.1717067655.48A1078113004FA054681A1E82A0F20F.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12063167.1717067654.0
.gaybbtrans.com/ Name: _gid
Value: GA1.2.47692976.1717067655
.gaybbtrans.com/ Name: _gat_gtag_UA_155362631_1
Value: 1
.gaybbtrans.com/ Name: _ga_DQC7D992N7
Value: GS1.1.1717067654.1.0.1717067654.0.0.0
.gaybbtrans.com/ Name: _ga
Value: GA1.1.285520023.1717067655
.chaturbate.com/ Name: csrftoken
Value: wuOmYLyaJKtJW5QGJWGQaTFLF5GVA8gzNpnYgIM4a6u2PX5j2hqmbXHliKGyq7Kc
.statcounter.com/ Name: is_unique_1
Value: sc12063167.1717067654.0
.statcounter.com/ Name: is_visitor_unique
Value: 1717067654265786491
fp.metricswpsh.com/ Name: id
Value: 14311500032111371342
.chaturbate.com/ Name: __cf_bm
Value: 4dqeBaenxyetkFDLp9aLBWyObYagvp6WBgH7uHevYj0-1717067655-1.0.1.1-YYbTdG.YSJEiqin7.9vZ_xdgkiF496fWxX4pwg9NRiOiUWdNx9EsCXNtWyAWYKLmw.pI0cRj.CSZ4VcHf0m1.g
.chaturbate.com/ Name: cf_clearance
Value: B1Jg2OkscCXCW50X0n2q1gz2bTwPw8CyvLUC9iUFnwg-1717067655-1.0.1.1-e_qT2v54TMIKD6SqkV3ibEVKS_YONTIKD7ngXBa2OEXbQcKLqrE5kWITIGw2Jy0Z8KogD9XYUlaTp9dneMb0UA
.greensisteroftime.com/ Name: uuid
Value: 75927c4f-fab0-432a-b2b2-816044855ca7
.0.greensisteroftime.com/ Name: uuid
Value: 75927c4f-fab0-432a-b2b2-816044855ca7

51 Console Messages

Source Level URL
Text
javascript warning URL: https://gaybbtrans.com/(Line 366)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gaybbtrans.com/(Line 366)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gaybbtrans.com/(Line 401)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://gaybbtrans.com/(Line 401)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gaybbtrans.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://from.startfinishthis.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.greensisteroftime.com
7fcb44bf36.cc176a49cd.com
accounts.google.com
api.startservicefounds.com
bid.onclckbn.com
c.statcounter.com
chaturbate.com
d.smopy.com
done.restartyourchoices.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
from.startfinishthis.com
gaybbtrans.com
greensisteroftime.com
i.postimg.cc
jquery.restartyourchoices.com
js.cabnnr.com
js.capndr.com
js.cdntoswitchspirit.com
js.wpadmngr.com
mcpuwpsh.com
na.nawpush.com
nereserv.com
region1.google-analytics.com
secure.statcounter.com
statcounter.com
storage.multstorage.com
www.google-analytics.com
www.googletagmanager.com
accounts.google.com
mcpuwpsh.com
104.20.95.138
131.153.42.228
157.90.84.242
162.19.88.69
2001:4860:4802:34::36
2001:4860:4802:36::178
2606:4700:3031::6815:40a1
2606:4700:3031::6815:5d7e
2606:4700:3032::ac43:ae33
2606:4700:3036::6815:2e3a
2606:4700:3036::6815:401f
2606:4700::6812:6428
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a01:4f8:c0:33d8::1
2a06:98c1:3121::3
45.133.44.24
45.133.44.53
45.150.67.235
94.130.198.6
0751cd80ae24900ea032d3d3106d9c8a7e8ecf1249c979cdfe0fd1b2e98330d1
0d8edb03bc792f46627e013a59c54532ceaac679306398085a54780a697221f2
163f56b3b6e604ea7f6aae49c6f6069fc9626233680d09d8a1034440d93d4ac4
20deb27eef14173795d4930e2d8b9b9a0b585a987c2afbbe3b6479c937c680d8
2234c58a0bb95b21cba64e026433bdd5d0882f83b740a0f23f38ed647a674283
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
2cee3c7ce248ba3077962574ccbd913b91ef41f34f3e0b4791f07e6183c83bbf
330ef60d813e1d6369cb9c565c42a2ec066efa3fa22ddbe3227f3da2e71d79a5
39aaaed1f41fb7b087883c7f4a93d6deeec320e6a8b5f13240a7a3f0842a3ef4
3abdd6eff2b15ad1d1c80ac3366be71010f78ab5631aecb4d1b5d95ed5c38030
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4a059ea4926328e48d91cae16a2f7d34c3a8cd7248c4eaa44cb6f52ff00d1763
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5a519f0b890675b312171a8d48a245f9e0df27c75909c37a31ba0e44a6fc8bf6
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5edde8565bf470d30a2a7b3fa11cc5d937c14588204b1bf39d47f83509c4038c
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
6a11dcaa911f77ed849f680e6f1dd39894047342e9e1523a7ded4f28bbcdff30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a50e8a58f7a3c00a55e735d4467587ff1bc5bb8e3db1dd8458b4377598f7c67
81602102b12ec00707d9a7a6a924a8ea70c25a9941c043dbbcc84b37e4a7a785
86946afddace5b2f7e92ffd10bb4e6dc234f4d61a78cc6d492d0dc20b7b90552
88689e28c045dbf68f9150be416297ce91ef9cc8c9331c042d732aaa073053ce
91eab778b457ad0013d3387166caf5bc893b9b800bbb1ef99b75b6dfe8752b94
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
99fba25f2c147fa91a6ce7f70afa92b0c61fcfb2d49dbeb5453d9057e8330ae1
9ae626356762a0e7dfa3e7425883f43e0c6248f394dac2b702fed1120e401a5a
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0
acaadef013a0ba59986dd277f01495e12976d8931090dce532340e46599bc76f
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
b2f63edf41c2dd793b54f1a0c1c35bc5ea6da64b77c7fe9e322151489a5a7a98
bf1f94eadb9a1754816775014c35b2ef4a36320b337900ea3226241f8598dcec
c6e441a36f5b5d2ebd78587e8508368084c03727205a05aac257e562b3604656
cf5a9874730b748ac6c8178941088650609b6617b3dbd5f9f86ef5a86c0f18c2
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d5b3b109f4bc1b1b1c2c326e4ad30780ce6bb1cd4e38c842fb9cc082fda085ec
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7492efb50578a867bd56bb77987a4564a372705f9eba901f8834a5acf503a38
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8
ee56a1a22dd0208557415ce90d740381e58ea1432117b8ed985fb42deafdd4b3
f1e9ca7d36e1977b96f39bd1a874dd99c0a7499980f0de6d714dbb74c9316f75
f29db6ebe6591fa698177c8db7262b00e1b3364799f933bef3660de6690059b6
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e