tsumanne.net Open in urlscan Pro
133.242.180.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tsumanne.net/
Submission: On April 17 via api (April 17th 2025, 9:20:02 am UTC) from JP — Scanned from JP

Summary HTTP 69 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 12 domains to perform 69 HTTP transactions. The main IP is 133.242.180.111, located in Japan and belongs to SAKURA-A SAKURA Internet Inc., JP. The main domain is tsumanne.net.
TLS certificate: Issued by R11 on February 26th 2025. Valid for: 3 months.

This is the only time tsumanne.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	133.242.180.111 133.242.180.111	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
5	172.67.182.211 172.67.182.211	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	153.127.8.252 153.127.8.252	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1	2600:9000:21e... 2600:9000:21ee:5e00:1f:2964:4340:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:2352:1a00:18:7a63:da40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:140b:1a0... 2600:140b:1a00:23::173f:e91c	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2404:6800:400... 2404:6800:400a:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e207::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2406:da18:b3d... 2406:da18:b3d:e201::65	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:26e... 2600:9000:26ef:6c00:1f:5b22:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.238.159.196 54.238.159.196	16509 (AMAZON-02) (AMAZON-02)
1	3.166.244.86 3.166.244.86	16509 (AMAZON-02) (AMAZON-02)
6	172.64.147.206 172.64.147.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.249.130.85 54.249.130.85	16509 (AMAZON-02) (AMAZON-02)
6	104.17.223.114 104.17.223.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.199.77.85 54.199.77.85	16509 (AMAZON-02) (AMAZON-02)
2	18.65.207.82 18.65.207.82	16509 (AMAZON-02) (AMAZON-02)
24	2a03:90c0:999... 2a03:90c0:9995::9995	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
1	185.98.55.81 185.98.55.81	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
69	21

6 133.242.180.111 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: tsumanne.net

tsumanne.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.182.211 (United States)

ASN13335 (CLOUDFLARENET, US)

creative.rmhfrtnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 153.127.8.252 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: sakura4.zoyo.info

cwn.tsumanne.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ee:5e00:1f:2964:4340:93a1 (United States)

ASN16509 (AMAZON-02, US)

imp-adedge.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2352:1a00:18:7a63:da40:93a1 (United States)

ASN16509 (AMAZON-02, US)

imp-bidapi.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:1a00:23::173f:e91c (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80e::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:da18:b3d:e201::65 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

creative-klepon-3f0ecb.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
effulgent-stroopwafel-efb9ce.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26ef:6c00:1f:5b22:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

spnativeapi-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.238.159.196 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-159-196.ap-northeast-1.compute.amazonaws.com

ssp-sync.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.166.244.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-86.nrt20.r.cloudfront.net

j.zucks.net.zimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.147.206 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

go.rmhfrtnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.249.130.85 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-130-85.ap-northeast-1.compute.amazonaws.com

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.223.114 (None, )

ASN13335 (CLOUDFLARENET, US)

img.doppiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.199.77.85 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-77-85.ap-northeast-1.compute.amazonaws.com

k.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.207.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-207-82.nrt57.r.cloudfront.net

static.zucks.net.zimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a03:90c0:9995::9995 (Singapore)

ASN199524 (GCORE G-Core Labs S.A., LU)

edge-hls.sagcoreedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media-hls.sagcoreedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.98.55.81 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

strip.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	sagcoreedge.com edge-hls.sagcoreedge.com — Cisco Umbrella Rank: 42104 media-hls.sagcoreedge.com — Cisco Umbrella Rank: 42194	2 MB
11	rmhfrtnd.com creative.rmhfrtnd.com — Cisco Umbrella Rank: 56606 go.rmhfrtnd.com — Cisco Umbrella Rank: 34590	192 KB
7	tsumanne.net tsumanne.net cwn.tsumanne.net	11 KB
6	doppiocdn.com img.doppiocdn.com — Cisco Umbrella Rank: 8846	92 KB
5	i-mobile.co.jp imp-adedge.i-mobile.co.jp — Cisco Umbrella Rank: 138102 imp-bidapi.i-mobile.co.jp — Cisco Umbrella Rank: 134792 spnativeapi-tls.i-mobile.co.jp — Cisco Umbrella Rank: 137704 ssp-sync.i-mobile.co.jp — Cisco Umbrella Rank: 132824	34 KB
3	zimg.jp j.zucks.net.zimg.jp — Cisco Umbrella Rank: 163882 static.zucks.net.zimg.jp — Cisco Umbrella Rank: 437489	40 KB
3	netlify.app 1 redirects creative-klepon-3f0ecb.netlify.app effulgent-stroopwafel-efb9ce.netlify.app	3 KB
2	zucks.net sh.zucks.net — Cisco Umbrella Rank: 195985 k.zucks.net — Cisco Umbrella Rank: 200489	3 KB
2	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 9649 audiencedata.im-apps.net — Cisco Umbrella Rank: 35260	3 KB
1	strip.chat strip.chat — Cisco Umbrella Rank: 60619	276 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 48
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	120 KB
69	12

	Domain	Requested by
21	media-hls.sagcoreedge.com	creative.rmhfrtnd.com
6	img.doppiocdn.com
6	go.rmhfrtnd.com	creative.rmhfrtnd.com
6	tsumanne.net	tsumanne.net
5	creative.rmhfrtnd.com	tsumanne.net creative.rmhfrtnd.com
3	edge-hls.sagcoreedge.com	creative.rmhfrtnd.com
2	static.zucks.net.zimg.jp
2	effulgent-stroopwafel-efb9ce.netlify.app	1 redirects cwn.tsumanne.net
2	spnativeapi-tls.i-mobile.co.jp	imp-adedge.i-mobile.co.jp
1	strip.chat	creative.rmhfrtnd.com
1	k.zucks.net	j.zucks.net.zimg.jp
1	sh.zucks.net	j.zucks.net.zimg.jp
1	j.zucks.net.zimg.jp	effulgent-stroopwafel-efb9ce.netlify.app
1	ssp-sync.i-mobile.co.jp	tsumanne.net
1	creative-klepon-3f0ecb.netlify.app	cwn.tsumanne.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	www.google-analytics.com	www.googletagmanager.com
1	dmp.im-apps.net	imp-adedge.i-mobile.co.jp
1	imp-bidapi.i-mobile.co.jp	imp-adedge.i-mobile.co.jp
1	imp-adedge.i-mobile.co.jp	tsumanne.net
1	cwn.tsumanne.net	tsumanne.net
1	www.googletagmanager.com	tsumanne.net
69	22

This site contains no links.

Subject Issuer	Validity	Valid
tsumanne.net R11	`2025-02-26` - `2025-05-27`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
rmhfrtnd.com WE1	`2025-03-14` - `2025-06-12`	3 months	crt.sh
cwn.tsumanne.net E5	`2025-03-27` - `2025-06-25`	3 months	crt.sh
*.i-mobile.co.jp Amazon RSA 2048 M03	`2025-03-18` - `2026-04-16`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2025-01-10` - `2026-01-10`	a year	crt.sh
audiencedata.im-apps.net WR3	`2025-03-21` - `2025-06-19`	3 months	crt.sh
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-01-31` - `2026-03-03`	a year	crt.sh
j.zucks.net.zimg.jp Amazon RSA 2048 M02	`2024-08-29` - `2025-09-27`	a year	crt.sh
go.rmhfrtnd.com WE1	`2025-03-20` - `2025-06-18`	3 months	crt.sh
sh.zucks.net Amazon RSA 2048 M03	`2025-01-31` - `2026-03-01`	a year	crt.sh
doppiocdn.com WE1	`2025-04-07` - `2025-07-06`	3 months	crt.sh
k.zucks.net Amazon RSA 2048 M02	`2024-06-08` - `2025-07-07`	a year	crt.sh
static.zucks.net.zimg.jp Amazon RSA 2048 M03	`2024-08-29` - `2025-09-27`	a year	crt.sh
edge-hls.sagcoreedge.com E5	`2025-03-27` - `2025-06-25`	3 months	crt.sh
strip.chat E6	`2025-04-07` - `2025-07-06`	3 months	crt.sh
media-hls.sagcoreedge.com E5	`2025-02-26` - `2025-05-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://tsumanne.net/
Frame ID: 28BC06829326036F3A72F5B19340AB35
Requests: 7 HTTP requests in this frame

Frame: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659
Frame ID: 7AD0D8C7DA0B10E19D3B262A7CE64A74
Requests: 46 HTTP requests in this frame

Frame: https://tsumanne.net/imobile.php
Frame ID: CA0A3A57C5B2785329FEB4756AE036E4
Requests: 8 HTTP requests in this frame

Frame: https://cwn.tsumanne.net/ad.html
Frame ID: 7F93DE9168C9A9216EE2FF371CA98842
Requests: 3 HTTP requests in this frame

Frame: https://j.zucks.net.zimg.jp/j?f=650548
Frame ID: 4EF6CD6BEA3DE109EDC40346AB686785
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

つまんね。

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

69
Requests

93 %
HTTPS

45 %
IPv6

12
Domains

22
Subdomains

21
IPs

5
Countries

2378 kB
Transfer

3141 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://effulgent-stroopwafel-efb9ce.netlify.app/v4.js HTTP 302
https://effulgent-stroopwafel-efb9ce.netlify.app/v4.11.0.js

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tsumanne.net/ 2 KB
3 KB 374ms
19ms Document
text/html 133.242.180.111
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

133.242.180.111 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

tsumanne.net

Software

nginx/1.26.3 /

Resource Hash

a62e6471fb29bbe2222320bb9037a8cb3906c68dddf8abe9315aed1557f7bbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 2407
content-type: text/html
date: Thu, 17 Apr 2025 09:19:58 GMT
etag: "67ac9bb9-967"
last-modified: Wed, 12 Feb 2025 13:01:45 GMT
server: nginx/1.26.3
strict-transport-security: max-age=15768000; includeSubdomains
x-frame-options: SAMEORIGIN

GET
H2 200 site.css
tsumanne.net/src/ 1 KB
1 KB 23ms
19ms Stylesheet
text/css 133.242.180.111
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://tsumanne.net/src/site.css

Requested by

Host: tsumanne.net
URL: https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

133.242.180.111 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

tsumanne.net

Software

nginx/1.26.3 /

Resource Hash

142a921aa615bec9c88942b4e99930ab1ed846aec47c4aed9f1cd8dcb8f0fd7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

strict-transport-security: max-age=15768000; includeSubdomains
etag: "5edb026c-42a"
accept-ranges: bytes
content-length: 1066
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: text/css
last-modified: Sat, 06 Jun 2020 02:41:48 GMT
server: nginx/1.26.3
x-frame-options: SAMEORIGIN

GET
H2 200 common.js Show response
tsumanne.net/src/ 4 KB
5 KB 24ms
21ms Script
application/javascript 133.242.180.111
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://tsumanne.net/src/common.js

Requested by

Host: tsumanne.net
URL: https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

133.242.180.111 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

tsumanne.net

Software

nginx/1.26.3 /

Resource Hash

12448389a838bed353ddcfdb125676ebb7cede8141b620827b600cb2b99066b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

strict-transport-security: max-age=15768000; includeSubdomains
etag: "578e1f90-1159"
accept-ranges: bytes
content-length: 4441
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2016 12:39:44 GMT
server: nginx/1.26.3
x-frame-options: SAMEORIGIN

GET
H2 200 site.js Show response
tsumanne.net/src/ 2 B
201 B 24ms
22ms Script
application/javascript 133.242.180.111
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://tsumanne.net/src/site.js

Requested by

Host: tsumanne.net
URL: https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

133.242.180.111 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

tsumanne.net

Software

nginx/1.26.3 /

Resource Hash

7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

strict-transport-security: max-age=15768000; includeSubdomains
etag: "578e1f93-2"
accept-ranges: bytes
content-length: 2
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2016 12:39:47 GMT
server: nginx/1.26.3
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 353 KB
120 KB 126ms
63ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDKBN0L4KF

Requested by

Host: tsumanne.net
URL: https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9b7495232451378b60bb630e8edaaa56136dda8483883d2aba8288f5f81f573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1055:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1055:0"}],}
expires: Thu, 17 Apr 2025 09:19:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1055:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1055:0
content-length: 121919
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 Universal Show response
creative.rmhfrtnd.com/widgets/v4/ Frame 7AD0 736 B
1 KB 30ms
15ms Document
text/html 172.67.182.211
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659
Requested by: Host: tsumanne.net
URL: https://tsumanne.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b7a81ba5adecb1b613cc2fa56080cf1e28ba86168743b732e6af190e7fc907

Request headers

Referer: https://tsumanne.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
age: 4
alt-svc: h3=":443"; ma=86400
cache-control: max-age=10
cf-cache-status: HIT
cf-ray: 931ad8050fa9d748-NRT
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Thu, 17 Apr 2025 09:19:58 GMT
expires: Thu, 17 Apr 2025 09:20:04 GMT
last-modified: Tue, 15 Apr 2025 10:41:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7d6YZ84R%2BZUOLTpEXA31WIfscNOL82YZHxWPUlSn7P8gw4g1nRpE1f5YtZZqN6F8lb9KjqEgmFPWLtCAZLvyLKWb3uJpcLSJ9v%2FJ0xZe9C8fXhDlnl0idDQA6zaRnYBAaBurrEz7kGQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=2324&min_rtt=2147&rtt_var=486&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3645&recv_bytes=3511&delivery_rate=266822&cwnd=12000&unsent_bytes=0&cid=96fa6abd7129327f&ts=20&x=16"
vary: Accept-Encoding

GET
H2 200 imobile.php Show response
tsumanne.net/ Frame CA0A 528 B
690 B 18ms
18ms Document
text/html 133.242.180.111
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://tsumanne.net/imobile.php

Requested by

Host: tsumanne.net
URL: https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

133.242.180.111 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

tsumanne.net

Software

nginx/1.26.3 / PHP/8.1.32

Resource Hash

2ea13e62d88904aece37186bbfdce776b3f806f864a135bd96f78f728748e501

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tsumanne.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 17 Apr 2025 09:19:58 GMT
server: nginx/1.26.3
strict-transport-security: max-age=15768000; includeSubdomains
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.32

GET
H2 200 ad.html Show response
cwn.tsumanne.net/ Frame 7F93 574 B
745 B 381ms
19ms Document
text/html 153.127.8.252
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://cwn.tsumanne.net/ad.html

Requested by

Host: tsumanne.net
URL: https://tsumanne.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

153.127.8.252 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

sakura4.zoyo.info

Software

nginx/1.26.3 /

Resource Hash

86d082d3ebc3a57680a8e6b6c6b79f1b37ef4e8f36c011aa5d197d1e7aeb9dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains

Request headers

Referer: https://tsumanne.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 574
content-type: text/html
date: Thu, 17 Apr 2025 09:19:58 GMT
etag: "66ad616b-23e"
last-modified: Fri, 02 Aug 2024 22:44:59 GMT
server: nginx/1.26.3
strict-transport-security: max-age=15768000; includeSubdomains

GET
H2 200 spot.js Show response
imp-adedge.i-mobile.co.jp/script/v1/ Frame CA0A 109 KB
32 KB 65ms
4ms Script
application/javascript 2600:9000:21ee:5e00:1f:2964:4340:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Requested by: Host: tsumanne.net
URL: https://tsumanne.net/imobile.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ee:5e00:1f:2964:4340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ba750b94a813970e501e7695b3faad012fd518b16ea3ba5067c7dc323323df1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=1800
content-encoding: gzip
etag: W/"037a14afdb1:0"
age: 994
via: 1.1 024320cab1ac6be5046a56f19ef1d322.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: bFTlh7-_Vwu1Mkal7HAb_6Y3OcnO51w6TizPHRaA7bH0KNJXNwicEw==
date: Thu, 17 Apr 2025 09:03:25 GMT
content-type: application/javascript
last-modified: Wed, 16 Apr 2025 21:10:54 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT20-C4
x-powered-by: ASP.NET

GET
H3 200 main.373b8015ad4d7f6f07fd.css
creative.rmhfrtnd.com/widgets/v4/Universal/ Frame 7AD0 14 KB
5 KB 11ms
11ms Stylesheet
text/css 172.67.182.211
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.373b8015ad4d7f6f07fd.css
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb9ec0edd8e15d15130ce42ae4f9e35046fbc1d20ab3d7dbac93d544c1abdcbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67fe3890-36a9"
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpVS5yW2JUoxAN6BdB3RwUEJxHmhKR6b4DZqqPgc1oPYnZPYxEi5Gh45OpJFT6a6YFbTSiIAYzyyLDiSkXYL1Hy3ZxeXInO7w2IQZa%2BPZd7NMZ67tr9Ru7xU0bVd%2BBdHFJItMaZZz1o%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 17 Apr 2025 09:20:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2324&min_rtt=2147&rtt_var=486&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3645&recv_bytes=3511&delivery_rate=266822&cwnd=12000&unsent_bytes=0&cid=96fa6abd7129327f&ts=54&x=16"
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: text/css
last-modified: Tue, 15 Apr 2025 10:44:32 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=10
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad8054fc7d748-NRT
server: cloudflare

GET
H3 200 main.9b5030f68a60b88ef910.js Show response
creative.rmhfrtnd.com/widgets/v4/Universal/ Frame 7AD0 297 KB
84 KB 738ms
737ms Script
application/javascript 172.67.182.211
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df4f9dd67a98afeeda524e4ea79eea4dbb206f54a038dafa1e9897579d796540

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659

Response headers

content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"67fe3890-4a5db"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhfB5G66mVnUiUhtTPhqScYNOYPFh5Tu0oX6Yrcd%2BVWg1Ad0emDn06miuqf0MQQJ3vkL8zLH5lCpkqkd%2FzlJo7uzBG%2F0N8Whec62IIcsScpAsHWv%2FJ4CT%2BexUUG%2FC%2FFY036KY4ST3KU%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 17 Apr 2025 09:20:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2324&min_rtt=2147&rtt_var=486&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3645&recv_bytes=3511&delivery_rate=266822&cwnd=12000&unsent_bytes=0&cid=96fa6abd7129327f&ts=781&x=16"
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 15 Apr 2025 10:44:32 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=10
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad8054fc8d748-NRT
server: cloudflare

GET
H2 200 spot.ashx Show response
imp-bidapi.i-mobile.co.jp/api/v1/ Frame CA0A 484 B
923 B 60ms
8ms XHR
text/javascript 2600:9000:2352:1a00:18:7a63:da40:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://imp-bidapi.i-mobile.co.jp/api/v1/spot.ashx?ver=1.2.39&type=banner&url=https://tsumanne.net/imobile.php&direct=0&fif=1&sf=0&cof=0&dfp=0&amp=0&sp=0&ios=0&pid=35567&mid=545286&asid=1781353&spec=0&nemu=0
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2352:1a00:18:7a63:da40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 89ce8bc7acfcb649df2d6d7f0aa06ebe4b6241e08e54cf85aa96c3e8172f6a8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

x-amz-cf-id: B_eCmWtozx5TSVR3TNTeXa8Tz1B6uGduLPIkZKbubRYRlXwkdPXQMA==
cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 0d9c3a04ccebd3e629c5b22a32b50694.cloudfront.net (CloudFront)
expires: -1
access-control-allow-origin: https://tsumanne.net
x-cache: Miss from cloudfront
content-length: 484
p3p: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
date: Thu, 17 Apr 2025 09:19:57 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT57-P4

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame CA0A 7 KB
3 KB 54ms
4ms Script
application/javascript 2600:140b:1a00:23::173f:e91c
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1a00:23::173f:e91c Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: db3ae6ff73fea8460f224a488eee66454435d68b2d8d02bcc0adcf7696645ad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

x-amz-replication-status: COMPLETED
cache-control: max-age=10800
content-encoding: gzip
etag: "4b1c4bdb22699af828f7e87a97a75eef"
x-amz-version-id: GN0oOyMAQCREmQzkynYHexmbDUQdEVgx
expires: Thu, 17 Apr 2025 12:19:58 GMT
accept-ranges: bytes
content-length: 2738
p3p: CP="NOI PSD OTR"
date: Thu, 17 Apr 2025 09:19:58 GMT
last-modified: Fri, 07 Feb 2025 09:28:46 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 115ms
44ms Fetch
text/plain 2404:6800:400a:80e::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZDKBN0L4KF&gtm=45je54f1v893025870za200&_p=1744881598230&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509156~102509682~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950~103106314~103106316&cid=1841944549.1744881599&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1744881598&sct=1&seg=0&dl=https%3A%2F%2Ftsumanne.net%2F&dt=%E3%81%A4%E3%81%BE%E3%82%93%E3%81%AD%E3%80%82&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=803
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDKBN0L4KF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://tsumanne.net
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame CA0A 28 B
189 B 93ms
10ms XHR
application/json 2600:1901:0:e207::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1012275&vid=01JS1GRG3PBXQAZ154PSAKKYHE
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 5e414aefaf7db579d7c40ee4687e917078a79f4c4595250ac6a18eafd4590bb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

via: 1.1 google
access-control-allow-origin: https://tsumanne.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 chawan.js Show response
creative-klepon-3f0ecb.netlify.app/ Frame 7F93 3 KB
1 KB 228ms
71ms Script
application/javascript 2406:da18:b3d:e201::65
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://creative-klepon-3f0ecb.netlify.app/chawan.js

Requested by

Host: cwn.tsumanne.net
URL: https://cwn.tsumanne.net/ad.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:da18:b3d:e201::65 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a11675d953ea270697154dc0343acf41b63bf1115f3722e9aed229508239dc78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public,max-age=0,must-revalidate
content-encoding: br
etag: "e984cecb7b37e58d18cb1ea4429eefae-ssl-df"
age: 4561
accept-ranges: bytes
content-length: 776
x-nf-request-id: 01JS1GRGBBQGNF0RMS7CNBN37Z
cache-status: "Netlify Edge"; hit
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Netlify

GET
H2 200 ad_spot.ashx Show response
spnativeapi-tls.i-mobile.co.jp/api/ Frame CA0A 106 B
400 B 123ms
9ms Script
text/javascript 2600:9000:26ef:6c00:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_spot.ashx?partnerId=35567&mediaId=545286&spotId=1781353&asn=1&num=7&callback=imobile_jsonp_callback_806f44c85830&tagv=1.2.39&imuid=h.71624055f8248d4a
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:6c00:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9f55d7daca124ec298d199af6d6eb3dbf7a71351fe6dee9f16d07363b6583d93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

cache-control: private
via: 1.1 ff1640d1df527a59c91dfb5d669dd814.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 106
x-amz-cf-id: 7RbY_pX3qOB07s2ujAlV_8azsdmCX95vMf347LKIN6_H5ly43pP2Lw==
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: ASP.NET
server: Microsoft-IIS/8.5
x-amz-cf-pop: NRT12-P4

GET
H2 200 ad_spot.ashx Show response
spnativeapi-tls.i-mobile.co.jp/api/ Frame CA0A 106 B
399 B 23ms
23ms Script
text/javascript 2600:9000:26ef:6c00:1f:5b22:6e00:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://spnativeapi-tls.i-mobile.co.jp/api/ad_spot.ashx?partnerId=35567&mediaId=545286&spotId=1781353&asn=2&num=7&callback=imobile_jsonp_callback_6a0779a5c71b&tagv=1.2.39&imuid=h.71624055f8248d4a
Requested by: Host: imp-adedge.i-mobile.co.jp
URL: https://imp-adedge.i-mobile.co.jp/script/v1/spot.js?20220104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26ef:6c00:1f:5b22:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5e8bc74bae86c5e3f39de225e2d2d21c59a8bf45c72ef495f6ece776ae81605

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

cache-control: private
via: 1.1 ff1640d1df527a59c91dfb5d669dd814.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 106
x-amz-cf-id: 4R3FbcmrYssYOYG6K97dx7_VYbPqBXQsmGpJ7QysWX0WJkEyubaRFg==
date: Thu, 17 Apr 2025 09:19:57 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT12-P4

GET
H/1.1 200
OK log.ashx
ssp-sync.i-mobile.co.jp/api/v1/ Frame CA0A 631 B
932 B 102ms
5ms Image
image/jpeg 54.238.159.196
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://ssp-sync.i-mobile.co.jp/api/v1/log.ashx?asid=1781353&msg=i_mobile_err_no_ad&type=1&id=1
Requested by: Host: tsumanne.net
URL: https://tsumanne.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.159.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-159-196.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: -1
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Length: 631
Date: Thu, 17 Apr 2025 09:19:58 GMT
Content-Type: image/jpeg
X-Powered-By: ASP.NET
Server: Microsoft-IIS/10.0

GET
H2

200

v4.11.0.js Show response
effulgent-stroopwafel-efb9ce.netlify.app/ Frame 7F93
Redirect Chain

https://effulgent-stroopwafel-efb9ce.netlify.app/v4.js
https://effulgent-stroopwafel-efb9ce.netlify.app/v4.11.0.js

5 KB
2 KB

72ms
71ms

Script
application/javascript

2406:da18:b3d:e201::65
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://effulgent-stroopwafel-efb9ce.netlify.app/v4.11.0.js

Requested by

Host: cwn.tsumanne.net
URL: https://cwn.tsumanne.net/ad.html

Protocol

Server

2406:da18:b3d:e201::65 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e4169635255e5f76b2c808bc2fc17e305ba6fb5803e11b76aa00537a9e06faac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public,max-age=0,must-revalidate
content-encoding: br
etag: "8a0a004e2bfc7be8aac2d78e83d0fdf8-ssl-df"
age: 133891
accept-ranges: bytes
content-length: 1834
x-nf-request-id: 01JS1GRGG2TV87K6HHYGSD5G0V
cache-status: "Netlify Edge"; hit
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Netlify

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public,max-age=0,must-revalidate
location: /v4.11.0.js
age: 72991
content-length: 26
x-nf-request-id: 01JS1GRGDTGV526YPR635NT6X1
cache-status: "Netlify Edge"; hit
date: Thu, 17 Apr 2025 09:19:58 GMT
content-type: text/plain; charset=utf-8
server: Netlify

GET
H2 200 j Show response
j.zucks.net.zimg.jp/ Frame 4EF6 9 KB
9 KB 59ms
4ms Script
text/javascript 3.166.244.86
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://j.zucks.net.zimg.jp/j?f=650548

Requested by

Host: effulgent-stroopwafel-efb9ce.netlify.app
URL: https://effulgent-stroopwafel-efb9ce.netlify.app/v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.166.244.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-166-244-86.nrt20.r.cloudfront.net

Software

Resource Hash

1f8673593eee874e4021a750327c0b31192f0f19cd7c0c5e049ebc51a386758b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

age: 133
x-content-type-options: nosniff
via: 1.1 b5192ff233b952d600d3d2646e95643a.cloudfront.net (CloudFront)
expires: Thu, 17 Apr 2025 09:22:46 GMT
x-cache: Hit from cloudfront
p3p: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
x-amz-cf-id: 3FSgd1HFB46ZFOXW9_snRQsg8NUjVnqoKifrD9uKV4ptMnRxoITO9A==
date: Thu, 17 Apr 2025 09:17:46 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 17 Apr 2025 09:17:02 GMT
x-amz-cf-pop: NRT20-P6

GET
H3 200 ja.json Show response
creative.rmhfrtnd.com/widgets/v4/Universal/lang/ Frame 7AD0 248 B
965 B 16ms
16ms Fetch
application/json 172.67.182.211
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/lang/ja.json
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f760960173a74545274bb5e0fde2c318bf4ed7c423cbb806654a26420b72ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67fe37d8-f8"
age: 9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zezVkOqfoPYQzxAyl7qCgrAfKd18zDGQ91Mpy0HGQMqwOd5%2Fdw1IFmR6PfpYRnEUaKoaznIhyGizkY6kKDA5TsvlohQFV2n034zhJb7fJ0aXKo9eOUpIXz7aODvHLnwmnv6xhxUHhLE%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 17 Apr 2025 09:20:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2324&min_rtt=2147&rtt_var=486&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3645&recv_bytes=3511&delivery_rate=266822&cwnd=12000&unsent_bytes=0&cid=96fa6abd7129327f&ts=832&x=16"
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/json
last-modified: Tue, 15 Apr 2025 10:41:28 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=10
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad80a299ad748-NRT
server: cloudflare

GET
H3 200 config Show response
go.rmhfrtnd.com/ Frame 7AD0 7 KB
2 KB 51ms
33ms Fetch
application/json 172.64.147.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.rmhfrtnd.com/config?url=https%3A%2F%2Fcreative.rmhfrtnd.com%2Fwidgets%2Fv4%2FUniversal%3Fautoplay%3Dall%26quality%3D240p%26autoplayForce%3D1%26gridRows%3D3%26gridColumns%3D2%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26campaignId%3Diframe_def%26sourceId%3Dtsumanne%26tag%3Dgirls%252Fjapanese%26userId%3D58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c1dc2f84895ef81b8ac5c0a669c6146578b86651d16fdcaeca5846934eb3e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

server: cloudflare
content-encoding: gzip
cf-cache-status: HIT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
age: 423
cf-ray: 931ad80a3c367372-NRT
access-control-allow-origin: https://creative.rmhfrtnd.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/json
last-modified: Thu, 17 Apr 2025 09:12:56 GMT
vary: Accept-Encoding
priority: u=1,i

GET
H/1.1 200 v1 Show response
sh.zucks.net/opt/multi/json/api/ Frame 4EF6 7 KB
3 KB 258ms
9ms XHR
application/json 54.249.130.85
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://sh.zucks.net/opt/multi/json/api/v1?f=650548&rnd=436333126&sw=1600&sh=1200&touch=0&num=5&ref=https%3A%2F%2Fcwn.tsumanne.net%2Fad.html&chm=&chpv=

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=650548

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.249.130.85 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-249-130-85.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

7486a436bf8ac7a8ddc5f079217e8218e1381c08f816ea3fe1f373351cb5db64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Content-Encoding: gzip
pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: https://cwn.tsumanne.net
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length: 1676
Date: Thu, 17 Apr 2025 09:19:58 GMT
Content-Type: application/json;charset=UTF-8
Last-Modified: Thu, 17 Apr 2025 09:19:59 GMT
vary: accept-encoding

GET
H2 200 favicon.ico
tsumanne.net/ 1 KB
2 KB 19ms
19ms Other
image/x-icon 133.242.180.111
SAKURA-A SAKURA I...

General

Check archive.org

Download Go to

Full URL

https://tsumanne.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

133.242.180.111 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),

Reverse DNS

tsumanne.net

Software

nginx/1.26.3 /

Resource Hash

2f9fbe57fcfb9812d9f355a3a2bf113ec68f8f9d94b99c87d71f5e33d69fb30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://tsumanne.net/

Response headers

strict-transport-security: max-age=15768000; includeSubdomains
etag: "578e1f57-57e"
accept-ranges: bytes
content-length: 1406
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/x-icon
last-modified: Tue, 19 Jul 2016 12:38:47 GMT
server: nginx/1.26.3
x-frame-options: SAMEORIGIN

GET
H3 200 models Show response
go.rmhfrtnd.com/api/ Frame 7AD0 10 KB
2 KB 47ms
46ms Fetch
application/json 172.64.147.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.rmhfrtnd.com/api/models?landing=WidgetV4Universal&quality=240p&tag=girls%2Fjapanese&sortBy=topScore&stripcashR=0&forceClient=0&modelPromotion=0&limit=6
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45dc3b38891d953ff1f319d631251e751d2a06564f914af6db1a8b8d17e02d8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

server: cloudflare
content-encoding: gzip
cf-cache-status: HIT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
age: 9
access-control-allow-credentials: true
cf-ray: 931ad80a8d8c6836-NRT
access-control-allow-origin: https://creative.rmhfrtnd.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
last-modified: Thu, 17 Apr 2025 09:19:50 GMT
content-type: application/json
vary: Origin, Accept-Encoding
priority: u=1,i

GET
H3 200 160176295_webp
img.doppiocdn.com/thumbs/1744881540/ Frame 7AD0 21 KB
21 KB 24ms
12ms Image
image/webp 104.17.223.114
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img.doppiocdn.com/thumbs/1744881540/160176295_webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.223.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cee0080641c5965e29868ce159820fff745f66cfb2ff942dd81a0bf8db66c67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: HIT
etag: "1017e70f1e54302c77a891d1bed8b930"
age: 56
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 09:18:23 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 931ad80ae835d74c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21690
server: cloudflare

GET
H3 200 187618170_webp
img.doppiocdn.com/thumbs/1744881540/ Frame 7AD0 23 KB
23 KB 25ms
14ms Image
image/webp 104.17.223.114
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img.doppiocdn.com/thumbs/1744881540/187618170_webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.223.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306f222ae07726d68f0755e730bb6c5975a0f6ee637695b50416f3f3e9ac3c88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: HIT
etag: "7739375c3f460bed9a478f539cf27916"
age: 59
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 09:18:01 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 931ad80ae831d74c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23048
server: cloudflare

GET
H3 200 153986136_webp
img.doppiocdn.com/thumbs/1744881540/ Frame 7AD0 10 KB
10 KB 26ms
15ms Image
image/webp 104.17.223.114
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img.doppiocdn.com/thumbs/1744881540/153986136_webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.223.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf9c0bb6f927a22d61c957bea02263392626bb7d073a12d1c8018128ee706eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: HIT
etag: "19c2872bbcd1719fc23c554711797e42"
age: 57
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 09:17:57 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 931ad80ae838d74c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10214
server: cloudflare

GET
H3 200 187750529_webp
img.doppiocdn.com/thumbs/1744881540/ Frame 7AD0 19 KB
19 KB 25ms
14ms Image
image/webp 104.17.223.114
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img.doppiocdn.com/thumbs/1744881540/187750529_webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.223.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dc9acaf49c204151700d3027d69e78b9344eb1ad0ea623553481f4448f58da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: HIT
etag: "489503f2e04e4299ead0d984a83c5c63"
age: 48
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 09:18:14 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 931ad80ae839d74c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19188
server: cloudflare

GET
H3 200 163615186_webp
img.doppiocdn.com/thumbs/1744881540/ Frame 7AD0 10 KB
11 KB 28ms
17ms Image
image/webp 104.17.223.114
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img.doppiocdn.com/thumbs/1744881540/163615186_webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.223.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e1880b7763bdb03d93ad6e8a6623fcf6914e415bfdfcc744e23e770f6bac1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: HIT
etag: "cf342b31cf0a42b494238dc0208d1835"
age: 58
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 09:18:41 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 931ad80ae83cd74c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10512
server: cloudflare

GET
H3 200 195042126_webp
img.doppiocdn.com/thumbs/1744881540/ Frame 7AD0 8 KB
8 KB 28ms
17ms Image
image/webp 104.17.223.114
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img.doppiocdn.com/thumbs/1744881540/195042126_webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.223.114 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc996cfa4dfbee4fbb85a6005bc5247d7b7e8794c5134c94b6706ce8c29b47bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: HIT
etag: "9df5c632115aa33421f2160b77d8acff"
age: 51
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/webp
last-modified: Thu, 17 Apr 2025 09:18:26 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=1800, s-maxage=1800
cf-ray: 931ad80ae83fd74c-NRT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8404
server: cloudflare

GET
H3 200 abc.gif
go.rmhfrtnd.com/ Frame 7AD0 103 B
103 B 270ms
269ms Image
image/gif 172.64.147.206
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://go.rmhfrtnd.com/abc.gif?quality=240p&campaignId=iframe_def&sourceId=tsumanne&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659&thumbSizeKey=big&language=en&thumbFit=cover&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=6&segment=hls-oldAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Ftsumanne.net%2F&i=0&abTest=widgetv4universal_sort030425&abTestVariant=widgetv4universal_sort030425_topScore_1&seenAbTest=0&seenDomain=0&seenLanding=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A831.2000007629395%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A56%2C%22duration%22%3A13.10000228881836%2C%22transferSize%22%3A5011%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A56.29999923706055%2C%22duration%22%3A749.1000022888184%2C%22transferSize%22%3A85045%7D%5D&mh=496787491
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad80ace3f6836-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 103
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: image/gif
server: cloudflare
priority: u=3,i

POST
H3 200 get-check Show response
go.rmhfrtnd.com/app/domain-checker/ Frame 7AD0 193 B
456 B 286ms
286ms Fetch
application/json 172.64.147.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.rmhfrtnd.com/app/domain-checker/get-check
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f8a1a3c9077f968629745b06fde1c675604dadd01f3cb976351cef096c3f4a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad80b1d6f7372-NRT
access-control-allow-origin: https://creative.rmhfrtnd.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/json
vary: accept-encoding
server: cloudflare
priority: u=1,i

GET
H/1.1 200
OK / Show response
k.zucks.net/i/ Frame 4EF6 2 B
745 B 259ms
6ms XHR
application/json 54.199.77.85
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://k.zucks.net/i/?k=ZGOK&p=erdQYo0ZqzaNxvDl2iAriFHAogxC_URMTLodtUdyD5aJcfRmUNxR1if93KgPssvqcnDgy7dyJ3fzl4Ypwa6M2FZTdiUdUF4LxU-pzaEqn3-gPIdncz2CgRjJfs4KmXdeGOMJ-1RmdelSMuYGUjzu-dGQZaIwelEsOnuK7fbuuZ_DjNmjWdnhiIQsMxljHfJKyss9Xf0OPjsu7Kn9oQsRYq969XAlNOL0RFjePHDSIpGQnYscvKtb_QFfk04mUx32H8qIZ4spsBCEATXAhgogXZlzlWZEsvSi1KSTAhT63U3s8ixmM2g3sDVpXO24yGiE615arMhyyHm9pLOe0IZQLQjIgkZxY0BcFHuWzxbGG0O9ZbM9htOdroyOJhIbsMvWyzLsbt-ok8jmjSNyf9cJUJsX3MEfAU5LanFzXNFUgcMhTpvZNr2si9dIHHhcTdX6PPGEi3digx-l4huDY5Zd8cBvoWYSN5sL-ZayA0eF6Yxe-PnzO5mmdTmVVIOqj_LhPRpMNasQwAi9ukeqUWQvXJSLBfZIAFgo6OnA4eZOV7e2-w8i1-T2IIrql_r1HgA2HUw11JCfKJbQ1e2r2Wd0Ic16owTHq4d9uuB0ly3-AnHPyo3pMaLUan0gCAMWRiUH1V7qbAMExfMkVcWblDLMrKxHNsQ7INN8YFTp7_AkxfRf7mTGE-CIxxsfIhJ5G76uSEn_0CkfT4HDFiQbj01XI0lujJRXuyIRAk3sZV-chFZYbtdM6i_kmEK1DIleP0LJBNUeDEZw5AAaWFQCTsIFHM6frvyj_pcoJLde3T4mcKfjRSIfAcemoFIleBcKOqRZIjtVj8niH-pS3X7HBExlxathIkBNRWvn5cLUWaXd5QE&v=DBy2MMSQfLs&l=261&loc=https%3A%2F%2Fcwn.tsumanne.net%2Fad.html

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=650548

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.199.77.85 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-199-77-85.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

Cache-Control: no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
X-Content-Type-Options: nosniff
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: https://cwn.tsumanne.net
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Content-Length: 2
Date: Thu, 17 Apr 2025 09:19:59 GMT
Content-Type: application/json
Last-Modified: Thu, 17 Apr 2025 09:19:59 GMT
Server: nginx
Access-Control-Allow-Headers: Content-Type

GET
H2 200 141510_phpKPGUZ7.jpeg
static.zucks.net.zimg.jp/image/2025/02/28/c/ Frame 4EF6 29 KB
29 KB 19ms
4ms Image
image/jpeg 18.65.207.82
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://static.zucks.net.zimg.jp/image/2025/02/28/c/141510_phpKPGUZ7.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.207.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-207-82.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af52f91cd6753436e468178cabf8102074f0606efeea5940249ae84f5c6d4447

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

etag: "9b4b62a651137dbfd384a4e4a45d50c3"
age: 65895
via: 1.1 3a5ac2971e7e1eb790d725ac21a23916.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 29724
x-amz-cf-id: 7fqm84pJRDspPfnkI3bJ7QYfO3ddkbDc-h6pg43MP89AvcBCyWhZrw==
date: Wed, 16 Apr 2025 15:01:45 GMT
content-type: image/jpeg
last-modified: Fri, 28 Feb 2025 05:15:36 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P3
x-amz-server-side-encryption: AES256

GET
H2 200 ads_by.png
static.zucks.net.zimg.jp/i/ Frame 4EF6 1 KB
2 KB 18ms
3ms Image
image/png 18.65.207.82
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://static.zucks.net.zimg.jp/i/ads_by.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.207.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-207-82.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c75afb1edca3a8ead417c6711dc18f4d402662f3d9c1331d35d15740f95aaa74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cwn.tsumanne.net/

Response headers

etag: "d435d1a99829d07db3b931c570261487"
age: 33969
via: 1.1 3a5ac2971e7e1eb790d725ac21a23916.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1231
x-amz-cf-id: JxiIzo5TJ_rHfr_Z7NItOmHeyx0rAWgsufVtFlKABwfgNSjezApyRQ==
date: Wed, 16 Apr 2025 23:53:51 GMT
content-type: image/png
last-modified: Mon, 07 Dec 2020 06:00:10 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P3
vary: accept-encoding

GET
H3 200 hls.3464915cb8527cb22716.js Show response
creative.rmhfrtnd.com/widgets/v4/Universal/ Frame 7AD0 289 KB
92 KB 12ms
11ms Script
application/javascript 172.67.182.211
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c76e369865800ae8a3eb71cfd46d643f9650c1497dfecc4415bc110aa7e581a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/widgets/v4/Universal?autoplay=all&quality=240p&autoplayForce=1&gridRows=3&gridColumns=2&responsive=0&hideButton=1&hideTitle=1&campaignId=iframe_def&sourceId=tsumanne&tag=girls%2Fjapanese&userId=58f52f9c7dd1dd95399aaa74875f2f1eaa5292a4a48a895a87a53dc84ba47659

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"67fe3890-4829a"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1aDhAws6520IFUOYsLQzyMQN1FX7xlRqBaLiZyRXmoaozVwhpYco7GHWoijcvhchjW5Ibz3OPDkTZxhyijmQuoBxqn2JisnOjSiqQ4N1zAlhkUWl4uTYJynKLMhFiwcNW2mfD%2BGABg%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 17 Apr 2025 09:20:08 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2324&min_rtt=2147&rtt_var=486&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3645&recv_bytes=3511&delivery_rate=266822&cwnd=12000&unsent_bytes=0&cid=96fa6abd7129327f&ts=1239&x=16"
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 15 Apr 2025 10:44:32 GMT
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=10
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad80cb9fed748-NRT
server: cloudflare

GET
H2 200 160176295_240p.m3u8 Show response
edge-hls.sagcoreedge.com/hls/160176295/master/ Frame 7AD0 234 B
630 B 66ms
4ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://edge-hls.sagcoreedge.com/hls/160176295/master/160176295_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f55abf02de3c9ac0fc7213a7e4c6da706b29437ad288f0f432dd9ef1a7fd5a6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 1
access-control-allow-methods: GET, OPTIONS
traceparent: 00-1e974f7485741e173c77aa51409d28a1-e1277da83cf16681-01
x-id-shield: am3-hw-edge-gc30
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:52 GMT
access-control-allow-headers: *
cache-control: public, max-age=0, s-maxage=3, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc25
access-control-allow-origin: *
x-proxy-cache-orig: EXPIRED
x-cached-since: 2025-04-17T09:19:58+00:00
server: nginx

GET
H2 200 checkUrl Show response
strip.chat/ Frame 7AD0 15 B
276 B 776ms
254ms Fetch
application/json 185.98.55.81
ADVANCEDHOSTERS-A...

General

Check archive.org

Download Go to

Full URL

https://strip.chat/checkUrl

Requested by

Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.98.55.81 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),

Reverse DNS

Software

Resource Hash

e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://creative.rmhfrtnd.com
alt-svc: h3=":443"; ma=2592000
content-length: 15
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: application/json

GET
H2 200 160176295_240p.m3u8 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 762 B
774 B 29ms
9ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d423a53a72c4d5a8d7bdec7265da4ce431f819df59bdf04fa9172141130b0047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 1
access-control-allow-methods: GET, OPTIONS
traceparent: 00-ebc975e1e917d9abc24bb45d334234c5-c97fb78ba20474e5-01
x-id-shield: am3-hw-edge-gc32
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:55 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=1, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
access-control-allow-origin: *
x-proxy-cache-orig: HIT
x-cached-since: 2025-04-17T09:19:58+00:00
server: nginx

GET
H2 200 160176295_240p_init_isEqw3CzrrfgmEZb.mp4 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 1 KB
1 KB 4ms
3ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p_init_isEqw3CzrrfgmEZb.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ec5db1086a8c0b1bebac81d448b7bd096d953464015e6e836b53bf8e3cd1701d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c3f8-4d7"
age: 4
access-control-allow-methods: GET, OPTIONS
traceparent: 00-1e97e5ecc7e8fce21a42672384b626a3-dcb2f30a16de2c3f-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc65
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:03:52 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1239
x-cached-since: 2025-04-17T09:19:55+00:00
server: nginx

GET
H2 200 160176295_240p_478_WeYjHVxDSpsUEFnu_1744881589.mp4 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 156 KB
157 KB 3ms
3ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p_478_WeYjHVxDSpsUEFnu_1744881589.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d1c75f6a8a7bf5bb35fe68e5e65e2d7468ddd12443b56c03b87eaa8e015d76f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7b7-27124"
age: 6
access-control-allow-methods: GET, OPTIONS
traceparent: 00-dfbdfe640f5c4d2e51ebc965953ff344-c5cd992b15efbf79-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc31
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:51 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160036
x-cached-since: 2025-04-17T09:19:53+00:00
server: nginx

GET hls.worker.js
creative.rmhfrtnd.com/ Frame 7AD0 0
0

GET
H2 200 160176295_240p_479_kFA4mryJtV5uUDk2_1744881591.mp4 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 156 KB
156 KB 15ms
15ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p_479_kFA4mryJtV5uUDk2_1744881591.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: da86a962cdb0158275fc00cc7f3ce83b909c3f9f67a01995c556c2ebc72cb60f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7b9-26ea9"
age: 4
access-control-allow-methods: GET, OPTIONS
traceparent: 00-1e1c7ce28f56f1d8988962e694a9c0a5-7bcc3cf786ee5f5e-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc32
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:53 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 159401
x-cached-since: 2025-04-17T09:19:55+00:00
server: nginx

GET
H2 200 187618170_240p.m3u8 Show response
edge-hls.sagcoreedge.com/hls/187618170/master/ Frame 7AD0 234 B
351 B 259ms
258ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://edge-hls.sagcoreedge.com/hls/187618170/master/187618170_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: c23d786a8fc7300136c7053a78535e5527de8105b42abc86e1eeabe4b87c5a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT, EXPIRED
content-encoding: gzip
age: 0
access-control-allow-methods: GET, OPTIONS
traceparent: 00-69c4b0447d7ac1d7e5a1e27375699d9c-8d77621aa02debbb-01
x-id-shield: am3-hw-edge-gc31
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:52 GMT
access-control-allow-headers: *
cache-control: public, max-age=0, s-maxage=3, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc25
access-control-allow-origin: *
x-proxy-cache-orig: EXPIRED
x-cached-since: 2025-04-17T09:19:59+00:00
server: nginx

GET
H2 200 160176295_240p_480_RO8JEycueYiEJTwQ_1744881593.mp4 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 156 KB
156 KB 3ms
3ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p_480_RO8JEycueYiEJTwQ_1744881593.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 4355b56d3a583e31627a03114a0256f875c4be58acaf31dff17c4049c7594f6b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7bb-26f85"
age: 2
access-control-allow-methods: GET, OPTIONS
traceparent: 00-02a87e44aa1e7d12f317125899f43cb7-5db5343b9eed364f-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc31
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:55 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 159621
x-cached-since: 2025-04-17T09:19:57+00:00
server: nginx

GET
H2 200 187618170_240p.m3u8 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 766 B
487 B 6ms
5ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 8abac1f729c8c03ea5d109cc81ed6e96e783d1fc7b7ec512a779c201be2c6810

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 0
access-control-allow-methods: GET, OPTIONS
traceparent: 00-f2b82f118db503bb2bda4e79fae8be8c-43a5f31643126a46-01
x-id-shield: am3-hw-edge-gc31
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:56 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=1, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
access-control-allow-origin: *
x-proxy-cache-orig: HIT
x-cached-since: 2025-04-17T09:19:59+00:00
server: nginx

GET
H2 200 187618170_240p_init_XbIjyWczBPqTjuei.mp4 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 1 KB
1 KB 5ms
4ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p_init_XbIjyWczBPqTjuei.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ec5db1086a8c0b1bebac81d448b7bd096d953464015e6e836b53bf8e3cd1701d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800bf86-4d7"
age: 13
access-control-allow-methods: GET, OPTIONS
traceparent: 00-9ea5a03431390e1a13af3a22cb2c7787-dd3c89fb988c0c69-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc65
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 08:44:54 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1239
x-cached-since: 2025-04-17T09:19:47+00:00
server: nginx

GET
H2 200 187618170_240p_1048_hZaBS9hCOpX4ugjn_1744881590.mp4 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 153 KB
153 KB 12ms
12ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p_1048_hZaBS9hCOpX4ugjn_1744881590.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3ad3cc90af8a802f107a4ed3f23ac6b0ebba68efd67a961262fd7b8b66204029

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7b8-262a1"
age: 5
access-control-allow-methods: GET, OPTIONS
traceparent: 00-3babfbfe03428710d3fe41e500ede62a-402b2e6a3b0df8ee-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc31
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:52 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 156321
x-cached-since: 2025-04-17T09:19:54+00:00
server: nginx

GET hls.worker.js
creative.rmhfrtnd.com/ Frame 7AD0 0
0

GET
H2 200 187618170_240p_1049_xdxfWtaVIgj2xCZJ_1744881592.mp4 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 151 KB
151 KB 4ms
4ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p_1049_xdxfWtaVIgj2xCZJ_1744881592.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ed848caea7ef5263d7d262c29da010fb62436303b5786bd25ce7ac3c4d129564

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7ba-25a47"
age: 3
access-control-allow-methods: GET, OPTIONS
traceparent: 00-ebc5924433150571fa3a7e599886768c-a453c5c6ab41184a-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc65
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:54 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 154183
x-cached-since: 2025-04-17T09:19:56+00:00
server: nginx

GET
H2 200 153986136_240p.m3u8 Show response
edge-hls.sagcoreedge.com/hls/153986136/master/ Frame 7AD0 234 B
356 B 14ms
13ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://edge-hls.sagcoreedge.com/hls/153986136/master/153986136_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 081a9d6aefac0833acccbb3bc4dbfb47522477ef23e11341bf7eeeab0753e025

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 3
access-control-allow-methods: GET, OPTIONS
traceparent: 00-79de6ae470df3334d7183296d4d1eb2f-3898d7413a6b2edf-01
x-id-shield: am3-hw-edge-gc65
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:19:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:46 GMT
access-control-allow-headers: *
cache-control: public, max-age=0, s-maxage=3, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc25
access-control-allow-origin: *
x-proxy-cache-orig: EXPIRED
x-cached-since: 2025-04-17T09:19:57+00:00
server: nginx

GET
H2 200 153986136_240p.m3u8 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 766 B
499 B 7ms
6ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 308e552082190ae50a19d3d8b04ee098a672cdb17790c98c67ff29b4193d76ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 1
access-control-allow-methods: GET, OPTIONS
traceparent: 00-35bc7ee94f1780ed292a15871950ef0f-a374f845da24be5a-01
x-id-shield: am3-hw-edge-gc30
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:57 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=1, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
access-control-allow-origin: *
x-proxy-cache-orig: HIT
x-cached-since: 2025-04-17T09:19:59+00:00
server: nginx

GET
H2 200 153986136_240p_init_4cdDcihMJrcDY2Bf.mp4 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 1 KB
1 KB 8ms
7ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p_init_4cdDcihMJrcDY2Bf.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ad8962a9b2ce8e169b86820dfaa7de16cf70ac6149f679dbbd9453ccd0c59e67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800bc79-4d2"
age: 17
access-control-allow-methods: GET, OPTIONS
traceparent: 00-836f0c8fd2e83af32530430d21b8e278-cc36c862466df301-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc30
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 08:31:53 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1234
x-cached-since: 2025-04-17T09:19:43+00:00
server: nginx

GET
H2 200 187618170_240p_1050_hdqWXUpoLaMCJE2G_1744881594.mp4 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 164 KB
164 KB 5ms
4ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p_1050_hdqWXUpoLaMCJE2G_1744881594.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 00791895a979ab8b505a0dbce8d20301045d034efe7e436fcc029bb62e51c752

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7bc-28fe0"
age: 2
access-control-allow-methods: GET, OPTIONS
traceparent: 00-824a241bb83d0c1075e8aa7d52d5d90e-241b6344d7e7d124-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc50
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:56 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 167904
x-cached-since: 2025-04-17T09:19:58+00:00
server: nginx

GET
H2 200 153986136_240p_1439_HRupxyQna3o8kM7l_1744881591.mp4 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 164 KB
164 KB 10ms
9ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p_1439_HRupxyQna3o8kM7l_1744881591.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: d006dc1b9e5db2a556d7173e1705e35ee3080de49fc9e93b85bfcf48995f263d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7b9-28fbc"
age: 6
access-control-allow-methods: GET, OPTIONS
traceparent: 00-37fa554a1920a31a0f96960124ce3974-787e43ba27a82951-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc32
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:53 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 167868
x-cached-since: 2025-04-17T09:19:55+00:00
server: nginx

GET hls.worker.js
creative.rmhfrtnd.com/ Frame 7AD0 0
0

GET
H2 200 153986136_240p_1440_5Chd5H1FKir37Mcf_1744881593.mp4 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 149 KB
149 KB 4ms
3ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p_1440_5Chd5H1FKir37Mcf_1744881593.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 93571804c8f18825b278730b4b80f534458c849778749a8b6ea8a096f7e734bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7bb-253db"
age: 4
access-control-allow-methods: GET, OPTIONS
traceparent: 00-727f71b83c7c5f56a03b5c698608cfa5-519dedda00780419-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc31
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:55 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 152539
x-cached-since: 2025-04-17T09:19:57+00:00
server: nginx

GET
H2 200 153986136_240p_1441_pfEq0ZxJFPVPkHtX_1744881595.mp4 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 156 KB
156 KB 5ms
5ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p_1441_pfEq0ZxJFPVPkHtX_1744881595.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 0a520bbe64cbcf5bb34d25fa391bfe568169b8fd0cfe68e3a1eb6636095421ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7bd-26f1c"
age: 2
access-control-allow-methods: GET, OPTIONS
traceparent: 00-ee2886d2e5f65d6735f9211b28932c68-c655bf1fe419b3eb-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc32
date: Thu, 17 Apr 2025 09:20:00 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:57 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 159516
x-cached-since: 2025-04-17T09:19:59+00:00
server: nginx

POST
H3 204 check-result Show response
go.rmhfrtnd.com/app/domain-checker/ Frame 7AD0 0
277 B 275ms
273ms Fetch 172.64.147.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.rmhfrtnd.com/app/domain-checker/check-result
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://creative.rmhfrtnd.com/

Response headers

cf-cache-status: DYNAMIC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-ray: 931ad811cd4c7372-NRT
access-control-allow-origin: https://creative.rmhfrtnd.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:20:00 GMT
server: cloudflare
priority: u=1,i

GET
H2 200 160176295_240p.m3u8 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 762 B
500 B 3ms
2ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: bb57962b4d2634fdeb24c713fd828b6b3588d6717e4aaf28365bbcd1f4b7a2a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 1
access-control-allow-methods: GET, OPTIONS
traceparent: 00-cf7fb58f56f3f110873a5fee01f58b71-13588e9ad71bac64-01
x-id-shield: am3-hw-edge-gc32
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:20:01 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:57 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=1, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
access-control-allow-origin: *
x-proxy-cache-orig: HIT
x-cached-since: 2025-04-17T09:20:00+00:00
server: nginx

GET
H2 200 160176295_240p_481_YmDyzg5launlbBwL_1744881595.mp4 Show response
media-hls.sagcoreedge.com/b-hls-19/160176295/ Frame 7AD0 157 KB
157 KB 3ms
3ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-19/160176295/160176295_240p_481_YmDyzg5launlbBwL_1744881595.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 59aefb6f9ac785ab36e9ce9e60de5bfc651647a28c22043a1bdbd2fec47b997f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7bd-27251"
age: 2
access-control-allow-methods: GET, OPTIONS
traceparent: 00-71136b6993e95125c0a59ae5d0050619-cfdb694b816b9b6c-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc31
date: Thu, 17 Apr 2025 09:20:01 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:57 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 160337
x-cached-since: 2025-04-17T09:19:59+00:00
server: nginx

GET 187618170_240p.m3u8
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 0
0

GET
H3 200 models Show response
go.rmhfrtnd.com/api/ Frame 7AD0 21 KB
3 KB 307ms
305ms Fetch
application/json 172.64.147.206
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://go.rmhfrtnd.com/api/models?landing=WidgetV4Universal&quality=240p&tag=girls%2Fjapanese&sortBy=topScore&stripcashR=0&forceClient=0&modelPromotion=0&limit=12
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/main.9b5030f68a60b88ef910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.147.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512a5f73b0f0f03f258b9396ff06ce7e973a036b4d11252f3a07ce965fc59b01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

server: cloudflare
content-encoding: gzip
cf-cache-status: EXPIRED
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
cf-ray: 931ad81c2e226836-NRT
access-control-allow-origin: https://creative.rmhfrtnd.com
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Apr 2025 09:20:02 GMT
last-modified: Thu, 17 Apr 2025 09:20:02 GMT
content-type: application/json
vary: Origin, Accept-Encoding
priority: u=1,i

GET
H2 200 187618170_240p.m3u8 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 766 B
445 B 6ms
5ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f172410dad973075c47d247e8685965845eff11a625fa4c98c6ff0d954a174ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 0
access-control-allow-methods: GET, OPTIONS
traceparent: 00-96b8d8f084e8fba6e20155f481c1283d-46e880c8c39ba280-01
x-id-shield: am3-hw-edge-gc31
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:20:01 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:58 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=1, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
access-control-allow-origin: *
x-proxy-cache-orig: HIT
x-cached-since: 2025-04-17T09:20:01+00:00
server: nginx

GET
H2 200 187618170_240p_1051_8VBs9D1n8mjyqWkQ_1744881596.mp4 Show response
media-hls.sagcoreedge.com/b-hls-08/187618170/ Frame 7AD0 152 KB
152 KB 4ms
4ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p_1051_8VBs9D1n8mjyqWkQ_1744881596.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 087d2701607be57da149b5acf0b25cb2a050c082d36f9e41fc8647a3011aefa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7be-25f7a"
age: 1
access-control-allow-methods: GET, OPTIONS
traceparent: 00-531b4d8bd1e7db797c403ba1f9a7db6e-efbc85edd3799b80-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc31
date: Thu, 17 Apr 2025 09:20:01 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:58 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 155514
x-cached-since: 2025-04-17T09:20:00+00:00
server: nginx

GET
H2 200 153986136_240p.m3u8 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 766 B
688 B 3ms
3ms XHR
application/vnd.apple.mpegurl 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p.m3u8
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 45567af620a16585aa7cfe4ca8a616f7235e1e02775b2d0181efa84771d07941

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
content-encoding: gzip
age: 1
access-control-allow-methods: GET, OPTIONS
traceparent: 00-dc987f7363badfc68ef5ec865c9c5917-6f2f066cfbe66bcb-01
x-id-shield: am3-hw-edge-gc30
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Apr 2025 09:20:02 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Thu, 17 Apr 2025 09:19:59 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=1, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
access-control-allow-origin: *
x-proxy-cache-orig: HIT
x-cached-since: 2025-04-17T09:20:01+00:00
server: nginx

GET
H2 200 153986136_240p_1442_O0hwayh8C9PX501i_1744881597.mp4 Show response
media-hls.sagcoreedge.com/b-hls-16/153986136/ Frame 7AD0 154 KB
154 KB 4ms
3ms XHR
video/mp4 2a03:90c0:9995::9995
GCORE G-Core Labs...

General

Check archive.org

Download Go to

Full URL: https://media-hls.sagcoreedge.com/b-hls-16/153986136/153986136_240p_1442_O0hwayh8C9PX501i_1744881597.mp4
Requested by: Host: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/widgets/v4/Universal/hls.3464915cb8527cb22716.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: cef42d3c8ea1f5f39bc6270117be9389fdcaea1c4c203c44ae5be1c02b4a9068

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://creative.rmhfrtnd.com/

Response headers

cache: HIT
etag: "6800c7bf-267ed"
age: 2
access-control-allow-methods: GET, OPTIONS
traceparent: 00-4533f6bdae40d2ac08dc822c280354ff-e1042e796b13e8ac-01
alt-svc: h3=":443"; ma=86400
x-id-shield: am3-hw-edge-gc50
date: Thu, 17 Apr 2025 09:20:02 GMT
content-type: video/mp4
last-modified: Thu, 17 Apr 2025 09:19:59 GMT
access-control-allow-headers: *
x-id-fe: cc1-hw-edge-gc16
cache-control: public, max-age=0, s-maxage=30, no-transform
timing-allow-origin: *
x-id: cc1-hw-edge-gc16
accept-ranges: bytes
access-control-allow-origin: *
content-length: 157677
x-cached-since: 2025-04-17T09:20:01+00:00
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/hls.worker.js

Domain: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/hls.worker.js

Domain: creative.rmhfrtnd.com
URL: https://creative.rmhfrtnd.com/hls.worker.js

Domain: media-hls.sagcoreedge.com
URL: https://media-hls.sagcoreedge.com/b-hls-08/187618170/187618170_240p.m3u8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tsumanne.net/	1970-01-21 14:17:21	Name: _ga Value: GA1.1.1841944549.1744881599
.tsumanne.net/	1970-01-21 14:17:21	Name: _im_vid Value: 01JS1GRG3PBXQAZ154PSAKKYHE
.tsumanne.net/	1970-01-21 14:17:21	Name: _ga_ZDKBN0L4KF Value: GS1.1.1744881598.1.0.1744881598.0.0.0
sh.zucks.net/	1970-01-21 04:41:25	Name: AWSELBCORS Value: 41A171131E9B8C939F7087DC96908658B57851A86484F8DD0F0ED9CABA7F99F6ED1A8F8B6D3D3DA96CA147FD9413E530BD856ABCD34231366688194741346C28C9FD2E0531
.zucks.net/	1970-01-21 13:26:57	Name: ID Value: 001419c3d6d003cc3c2d962ea5d53972

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audiencedata.im-apps.net
creative-klepon-3f0ecb.netlify.app
creative.rmhfrtnd.com
cwn.tsumanne.net
dmp.im-apps.net
edge-hls.sagcoreedge.com
effulgent-stroopwafel-efb9ce.netlify.app
go.rmhfrtnd.com
img.doppiocdn.com
imp-adedge.i-mobile.co.jp
imp-bidapi.i-mobile.co.jp
j.zucks.net.zimg.jp
k.zucks.net
media-hls.sagcoreedge.com
sh.zucks.net
spnativeapi-tls.i-mobile.co.jp
ssp-sync.i-mobile.co.jp
static.zucks.net.zimg.jp
strip.chat
tsumanne.net
www.google-analytics.com
www.googletagmanager.com
creative.rmhfrtnd.com
media-hls.sagcoreedge.com
104.17.223.114
133.242.180.111
153.127.8.252
172.64.147.206
172.67.182.211
18.65.207.82
185.98.55.81
2404:6800:400a:80e::2008
2404:6800:400a:80e::200e
2406:da18:b3d:e201::65
2600:140b:1a00:23::173f:e91c
2600:1901:0:e207::
2600:9000:21ee:5e00:1f:2964:4340:93a1
2600:9000:2352:1a00:18:7a63:da40:93a1
2600:9000:26ef:6c00:1f:5b22:6e00:93a1
2a03:90c0:9995::9995
3.166.244.86
54.199.77.85
54.238.159.196
54.249.130.85
00791895a979ab8b505a0dbce8d20301045d034efe7e436fcc029bb62e51c752
081a9d6aefac0833acccbb3bc4dbfb47522477ef23e11341bf7eeeab0753e025
087d2701607be57da149b5acf0b25cb2a050c082d36f9e41fc8647a3011aefa2
08e1880b7763bdb03d93ad6e8a6623fcf6914e415bfdfcc744e23e770f6bac1b
0a520bbe64cbcf5bb34d25fa391bfe568169b8fd0cfe68e3a1eb6636095421ad
0cee0080641c5965e29868ce159820fff745f66cfb2ff942dd81a0bf8db66c67
12448389a838bed353ddcfdb125676ebb7cede8141b620827b600cb2b99066b4
142a921aa615bec9c88942b4e99930ab1ed846aec47c4aed9f1cd8dcb8f0fd7e
1f8673593eee874e4021a750327c0b31192f0f19cd7c0c5e049ebc51a386758b
2c76e369865800ae8a3eb71cfd46d643f9650c1497dfecc4415bc110aa7e581a
2ea13e62d88904aece37186bbfdce776b3f806f864a135bd96f78f728748e501
2f8a1a3c9077f968629745b06fde1c675604dadd01f3cb976351cef096c3f4a7
2f9fbe57fcfb9812d9f355a3a2bf113ec68f8f9d94b99c87d71f5e33d69fb30d
306f222ae07726d68f0755e730bb6c5975a0f6ee637695b50416f3f3e9ac3c88
308e552082190ae50a19d3d8b04ee098a672cdb17790c98c67ff29b4193d76ed
3ad3cc90af8a802f107a4ed3f23ac6b0ebba68efd67a961262fd7b8b66204029
4355b56d3a583e31627a03114a0256f875c4be58acaf31dff17c4049c7594f6b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45567af620a16585aa7cfe4ca8a616f7235e1e02775b2d0181efa84771d07941
45dc3b38891d953ff1f319d631251e751d2a06564f914af6db1a8b8d17e02d8e
4bf9c0bb6f927a22d61c957bea02263392626bb7d073a12d1c8018128ee706eb
512a5f73b0f0f03f258b9396ff06ce7e973a036b4d11252f3a07ce965fc59b01
592940666137da705db11558b5601579abf2e044ff4a62c81f1f386bbce6e101
59aefb6f9ac785ab36e9ce9e60de5bfc651647a28c22043a1bdbd2fec47b997f
5e414aefaf7db579d7c40ee4687e917078a79f4c4595250ac6a18eafd4590bb0
60b7a81ba5adecb1b613cc2fa56080cf1e28ba86168743b732e6af190e7fc907
7486a436bf8ac7a8ddc5f079217e8218e1381c08f816ea3fe1f373351cb5db64
78c1dc2f84895ef81b8ac5c0a669c6146578b86651d16fdcaeca5846934eb3e2
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
86d082d3ebc3a57680a8e6b6c6b79f1b37ef4e8f36c011aa5d197d1e7aeb9dc3
89ce8bc7acfcb649df2d6d7f0aa06ebe4b6241e08e54cf85aa96c3e8172f6a8e
8abac1f729c8c03ea5d109cc81ed6e96e783d1fc7b7ec512a779c201be2c6810
93571804c8f18825b278730b4b80f534458c849778749a8b6ea8a096f7e734bb
9f55d7daca124ec298d199af6d6eb3dbf7a71351fe6dee9f16d07363b6583d93
a11675d953ea270697154dc0343acf41b63bf1115f3722e9aed229508239dc78
a62e6471fb29bbe2222320bb9037a8cb3906c68dddf8abe9315aed1557f7bbc0
ad8962a9b2ce8e169b86820dfaa7de16cf70ac6149f679dbbd9453ccd0c59e67
af52f91cd6753436e468178cabf8102074f0606efeea5940249ae84f5c6d4447
b5e8bc74bae86c5e3f39de225e2d2d21c59a8bf45c72ef495f6ece776ae81605
ba750b94a813970e501e7695b3faad012fd518b16ea3ba5067c7dc323323df1a
bb57962b4d2634fdeb24c713fd828b6b3588d6717e4aaf28365bbcd1f4b7a2a8
c23d786a8fc7300136c7053a78535e5527de8105b42abc86e1eeabe4b87c5a87
c75afb1edca3a8ead417c6711dc18f4d402662f3d9c1331d35d15740f95aaa74
cb9ec0edd8e15d15130ce42ae4f9e35046fbc1d20ab3d7dbac93d544c1abdcbb
cc996cfa4dfbee4fbb85a6005bc5247d7b7e8794c5134c94b6706ce8c29b47bd
cef42d3c8ea1f5f39bc6270117be9389fdcaea1c4c203c44ae5be1c02b4a9068
d006dc1b9e5db2a556d7173e1705e35ee3080de49fc9e93b85bfcf48995f263d
d0f760960173a74545274bb5e0fde2c318bf4ed7c423cbb806654a26420b72ec
d1c75f6a8a7bf5bb35fe68e5e65e2d7468ddd12443b56c03b87eaa8e015d76f0
d423a53a72c4d5a8d7bdec7265da4ce431f819df59bdf04fa9172141130b0047
d7dc9acaf49c204151700d3027d69e78b9344eb1ad0ea623553481f4448f58da
da86a962cdb0158275fc00cc7f3ce83b909c3f9f67a01995c556c2ebc72cb60f
db3ae6ff73fea8460f224a488eee66454435d68b2d8d02bcc0adcf7696645ad7
df4f9dd67a98afeeda524e4ea79eea4dbb206f54a038dafa1e9897579d796540
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4169635255e5f76b2c808bc2fc17e305ba6fb5803e11b76aa00537a9e06faac
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
e9b7495232451378b60bb630e8edaaa56136dda8483883d2aba8288f5f81f573
ec5db1086a8c0b1bebac81d448b7bd096d953464015e6e836b53bf8e3cd1701d
ed848caea7ef5263d7d262c29da010fb62436303b5786bd25ce7ac3c4d129564
f172410dad973075c47d247e8685965845eff11a625fa4c98c6ff0d954a174ab
f55abf02de3c9ac0fc7213a7e4c6da706b29437ad288f0f432dd9ef1a7fd5a6f

tsumanne.net Open in urlscan Pro 133.242.180.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

93 %HTTPS

45 %IPv6

12 Domains

22 Subdomains

21 IPs

5 Countries

2378 kBTransfer

3141 kBSize

5 Cookies

0 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tsumanne.net Open in urlscan Pro
133.242.180.111 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

93 %
HTTPS

45 %
IPv6

12
Domains

22
Subdomains

21
IPs

5
Countries

2378 kB
Transfer

3141 kB
Size

5
Cookies

69 HTTP transactions
0 data transactions