8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

54.36.158.42:80

GET /js/rainbow/date/date_english.js HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=3d170e8a1cb15a2a584d2d22f9fda55e; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Content-Encoding: gzip
Content-Length: 1424
Connection: close
Content-Type: text/javascript;charset=UTF-8

54.36.158.42:80

GET /js/share/share_2 HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=7ec31c462c5d94ef868c484cbd86a840; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Content-Encoding: gzip
Content-Length: 118
Connection: close
Content-Type: text/plain;charset=UTF-8

54.36.158.42:80

GET /themes/style/mobileCMS/default/stevendie.css HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=d17ea9534e25dc97bd599d817c7554b8; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Content-Encoding: gzip
Content-Length: 1401
Connection: close
Content-Type: text/css;charset=UTF-8

192.99.9.229:80

GET /c.php?%20u=59636 HTTP/1.1
Host: u-on.eu
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 301 Moved Permanently
Date: Sat, 01 Jun 2024 16:28:19 GMT
Server: Apache/2.4.55 (Ubuntu)
Location: https://u-on.eu/c.php?%20u=59636
Content-Length: 313
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

141.94.172.213:80

GET /js/page_templates_simple.js HTTP/1.1
Host: xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "3d6-59774aa04e000-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 409
Connection: close
Content-Type: application/javascript

141.94.172.213:80

GET /images/forum/xtgem-forums.jpg HTTP/1.1
Host: xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "20c8-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 8392
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
X-Ngz: 1
Connection: close
Content-Type: image/jpeg

143.244.38.136:80

GET /pop.js HTTP/1.1
Host: cdn.popcash.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: BunnyCDN-UK1-886
CDN-PullZone: 1818418
CDN-Uid: 81f0ee8a-6b19-463e-a8be-46c199377685
CDN-RequestCountryCode: GB
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
ETag: W/"663dedac-1f3df"
Expires: Sat, 15 Jun 2024 14:10:59 GMT
Last-Modified: Fri, 10 May 2024 09:49:32 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItxNmalUyQJqhKgiAtY4hVjSLwG9k5vmrA5Gvog0lDgxhJNmNp71OrDXYkzIWklEgu%2BznI00vJe9uqmON2z0r2YNx8issmjbAnS8gyUxePZQgtkyrajeXRpz6hYp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 884bf44eac4363d6-LHR
CDN-ProxyVer: 1.04
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 05/16/2024 14:10:59
CDN-EdgeStorageId: 886
CDN-Status: 200
CDN-RequestId: 464ee154f66c567209031a5f83a90dc1
CDN-Cache: HIT

54.36.158.42:80

GET /images/IndieZoneAL.hexat.com_2_38.jpg HTTP/1.1
Host: indiezoneal.hexat.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Set-Cookie: _xta_uid=6e0b25a67f877eb6c4d12754451bbe1a; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.hexat.com; httponly
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
X-Ngz: 1
Last-Modified: Sat, 02 Nov 2013 04:01:37 GMT
ETag: "2ac8-4ea29bd47ca40"
Content-Length: 10952
Connection: close
Content-Type: image/jpeg

54.36.158.42:80

GET /xtgem_template.css?v=1400450333 HTTP/1.1
Host: indiezoneal.hexat.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=4736c2704b6d69e5bb7ab0219cb1995f; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.hexat.com; httponly
Content-Encoding: gzip
Content-Length: 3572
Connection: close
Content-Type: text/css;charset=UTF-8

54.36.158.42:80

GET /images/16131_213743151971_1579465_a_2.jpg HTTP/1.1
Host: indiezoneal.hexat.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Set-Cookie: _xta_uid=e11fe9525088c2014e36628d7ed46c2c; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.hexat.com; httponly
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
X-Ngz: 1
Last-Modified: Sat, 02 Nov 2013 04:16:46 GMT
ETag: "17e9-4ea29f3760780"
Content-Length: 6121
Connection: close
Content-Type: image/jpeg

76.223.26.96:80

GET /c.php?u=36236 HTTP/1.1
Host: top.c-stat.eu
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket003
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_bIjI/R5HubTmT/+yo9vuRaagWuVHrt9MZgPV9bDpli+xATwOrM9X39G98ud1qEtdNKxtEdjC+AuoG8vsKJHjwQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: english
Accept-CH: viewport-width
Accept-CH: dpr
Accept-CH: device-memory
Accept-CH: rtt
Accept-CH: downlink
Accept-CH: ect
Accept-CH: ua
Accept-CH: ua-full-version
Accept-CH: ua-platform
Accept-CH: ua-platform-version
Accept-CH: ua-arch
Accept-CH: ua-model
Accept-CH: ua-mobile
Accept-CH-Lifetime: 30
X-Domain: c-stat.eu
X-Subdomain: top
Content-Encoding: gzip

103.224.212.216:80

GET /?uid=2437&sid=3035 HTTP/1.1
Host: show.adsgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 302 Found
date: Sat, 01 Jun 2024 16:28:19 GMT
server: Apache
set-cookie: __tad=1717259299.2818299; expires=Tue, 30-May-2034 16:28:19 GMT; Max-Age=315360000
location: http://ww25.show.adsgem.com/?uid=2437&sid=3035&subid1=20240602-0228-19fe-8eb7-4d7cfafd8a33
content-length: 2
content-type: text/html; charset=UTF-8
connection: close

8.8.8.8:53

8.8.8.8:53

54.36.158.42:80

GET /themes/style/mobileCMS/default/copy.gif HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://stevendie.xtgem.com/themes/style/mobileCMS/default/stevendie.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Set-Cookie: _xta_uid=1b53d24edddfa90eb4e678178970c013; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
X-Ngz: 1
Content-Length: 159
Connection: close
Content-Type: image/gif

8.8.8.8:53

141.94.172.213:80

GET /tp.gif HTTP/1.1
Host: cif.images.xtstatic.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
Connection: close
Content-Type: image/gif

192.99.9.229:443

GET /c.php?%20u=59636 HTTP/1.1
Host: u-on.eu
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Server: Apache/2.4.55 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 1381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

141.94.172.213:80

GET /tp.gif HTTP/1.1
Host: disif.images.xtstatic.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "2a-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 42
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
Connection: close
Content-Type: image/gif

103.224.212.216:80

HTTP/1.1 408 Request Time-out
content-length: 110
cache-control: no-cache
content-type: text/html
connection: close

91.228.74.200:80

GET /quant.js HTTP/1.1
Host: edge.quantserve.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, max-age=604800
Content-Encoding: gzip
Etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
Expires: Sat, 08 Jun 2024 16:28:19 GMT
Vary: Accept-Encoding

51.38.158.31:80

GET /archive/css/bluesky/style.css HTTP/1.1
Host: kisni.wen.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sat, 01 Jun 2024 16:28:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5deaadbf-34f"
Content-Encoding: gzip

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

199.59.243.225:80

GET /?uid=2437&sid=3035&subid1=20240602-0228-19fe-8eb7-4d7cfafd8a33 HTTP/1.1
Host: ww25.show.adsgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
date: Sat, 01 Jun 2024 16:28:18 GMT
content-type: text/html; charset=utf-8
content-length: 1254
x-request-id: 18e8a966-a9ed-4a02-8623-db9552428722
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_XLrOpYFq47S43C7uDuj+xjoLxOCUo3HO0exSS4iq9vYNJcTut/EaJTrsMP2tkEbsbkOC28M+MFHgT+434vBrwQ==
set-cookie: parking_session=18e8a966-a9ed-4a02-8623-db9552428722; expires=Sat, 01 Jun 2024 16:43:19 GMT; path=/

54.36.158.42:80

GET /js/Share/share_2 HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Intervention: <https://permanently-removed.invalid/feature/5718547946799104>; level="warning"
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Vary: Host,Accept-Encoding
Set-Cookie: _xta_uid=6b457a978669d80c0e01301f3fd12ab4; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Content-Encoding: gzip
Content-Length: 211
Connection: close
Content-Type: text/plain;charset=UTF-8

8.8.8.8:53

51.38.158.31:80

GET /archive/css/bluesky/style.css HTTP/1.1
Host: kisni.wen.ru
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 404 Not Found
Server: nginx/1.18.0
Date: Sat, 01 Jun 2024 16:28:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5deaadbf-34f"
Content-Encoding: gzip

54.36.158.42:80

GET /themes/style/mobileCMS/default/main.gif HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://stevendie.xtgem.com/themes/style/mobileCMS/default/stevendie.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Set-Cookie: _xta_uid=8c5356e5df2fde06359bbdce9a2b5086; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
X-Ngz: 1
Content-Length: 99
Connection: close
Content-Type: image/gif

54.36.158.42:80

GET /themes/style/mobileCMS/default/adv.gif HTTP/1.1
Host: stevendie.xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://stevendie.xtgem.com/themes/style/mobileCMS/default/stevendie.css
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:19 GMT
Set-Cookie: _xta_uid=983e1784d27646af64ec1897ab8c403b; expires=Mon, 01-Jun-2026 16:28:19 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:19 GMT
X-Ngz: 1
Content-Length: 152
Connection: close
Content-Type: image/gif

8.8.8.8:53

54.89.53.59:443

GET /znWaa3gu HTTP/2.0
host: dcba.popcash.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 204
date: Sat, 01 Jun 2024 16:28:20 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache

141.94.172.213:80

GET /__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9pbmRpZXpvbmVhbC5oZXhhdC5jb21cL3NpbHZlciBiYW5kIiwibG9nZ2VkX2luIjpmYWxzZSwiZG9tYWluIjoiaW5kaWV6b25lYWwuaGV4YXQuY29tIiwicG9zaXRpb24iOnsiYWJzb2x1dGUiOiJmaXhlZCJ9fQ== HTTP/1.1
Host: xtgem.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: session=w5~kcdeeuug76q4maqmju7pgmri90; expires=Sun, 02-Jun-2024 16:28:20 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly
Set-Cookie: __template=web; expires=Mon, 01-Jul-2024 16:28:20 GMT; Max-Age=2592000; path=/
Set-Cookie: __lang=us; expires=Mon, 01-Jul-2024 16:28:20 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2783
Connection: close
Content-Type: text/html; charset=UTF-8

141.94.172.213:80

GET /template_images/PaperWork/content_bg.png HTTP/1.1
Host: xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://indiezoneal.hexat.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:20 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "24d-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 589
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:20 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png

141.94.172.213:80

GET /images/close2.png?v=0.01 HTTP/1.1
Host: xtgem.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

HTTP/1.1 200 OK
Date: Sat, 01 Jun 2024 16:28:20 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "234-59774aa04e000"
Accept-Ranges: bytes
Content-Length: 564
Cache-Control: max-age=2592000
Expires: Mon, 01 Jul 2024 16:28:20 GMT
X-Ngz: 1
Connection: close
Content-Type: image/png

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

91.228.74.200:443

GET /pixel;r=1380286539;rf=1;a=p-0cfM8Oh7M9bVQ;url=file%3A%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2F8b0b77b992862f5e3c9e1bf3482fbd18_JaffaCakes118.html;uht=2;fpan=1;fpa=P0-61837831-1717259298453;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=;dst=0;et=1717259320804;tzo=0;ogl=;ses=81d86829-0d04-4d66-8640-d5d326e16144;mdl= HTTP/2.0
host: pixel.quantserve.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Sat, 01 Jun 2024 16:28:41 GMT
content-type: image/gif
content-length: 35
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=665b4c39-d3e47-2e77c-b43cd; expires=Wed, 02-Jul-2025 16:28:41 GMT; path=/; domain=.quantserve.com; SameSite=None; Secure
strict-transport-security: max-age=86400

91.228.74.166:443

POST /tag/error HTTP/2.0
host: pixel.quantcount.com
content-length: 401
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: null
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

HTTP/2.0 200
date: Sat, 01 Jun 2024 16:28:41 GMT
content-length: 0
access-control-allow-headers: Accept, Accept-Language, Content-Type, Content-Language
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

204.79.197.200:443

GET /th?id=OADD2.10239360313429_1X5GXWWD8KTODKAD6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 394521
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2BC5E36E80D7418C8B094EA18C41DDF2 Ref B: LON04EDGE0615 Ref C: 2024-06-01T16:30:00Z
date: Sat, 01 Jun 2024 16:29:59 GMT

204.79.197.200:443

GET /th?id=OADD2.10239360313430_12K7UVO7ZVIINTRIE&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

HTTP/2.0 200
cache-control: public, max-age=2592000
content-length: 442324
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5894C60F7717438AAF7B67DA69BB78F4 Ref B: LON04EDGE0615 Ref C: 2024-06-01T16:30:00Z
date: Sat, 01 Jun 2024 16:29:59 GMT