gaypornsex.men Open in urlscan Pro
2606:4700:3034::6815:27bc Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Submission: On November 01 via manual (November 1st 2021, 8:41:43 am UTC) from JP — Scanned from JP

Summary HTTP 76 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 22 IPs in 10 countries across 25 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3034::6815:27bc, located in United States and belongs to CLOUDFLARENET, US. The main domain is gaypornsex.men.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 26th 2021. Valid for: a year.

This is the only time gaypornsex.men was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::6815:27bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:5cbb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:c51e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.94.237.74 185.94.237.74	42567 (MOJHOST-EU) (MOJHOST-EU)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.45.60.123 23.45.60.123	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.23.130.4 104.23.130.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	185.178.208.135 185.178.208.135	57724 (DDOS-GUARD) (DDOS-GUARD)
1	2404:6800:400... 2404:6800:4004:80c::2003	15169 (GOOGLE) (GOOGLE)
1	23.51.210.213 23.51.210.213	16625 (AKAMAI-AS) (AKAMAI-AS)
7	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2404:6800:400... 2404:6800:4004:80f::2008	15169 (GOOGLE) (GOOGLE)
5	54.36.168.71 54.36.168.71	16276 (OVH) (OVH)
1	2404:6800:400... 2404:6800:4004:81f::200e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
2	168.119.25.22 168.119.25.22	24940 (HETZNER-AS) (HETZNER-AS)
2 4	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a01:4f8:c0:3... 2a01:4f8:c0:33d8::1	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:47... 2a02:128:7:4715::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a03:90c0:999... 2a03:90c0:9995::9995	199524 (GCORE) (GCORE)
3	88.198.204.166 88.198.204.166	24940 (HETZNER-AS) (HETZNER-AS)
4	103.252.221.5 103.252.221.5	134512 (HWSPL-AS-...) (HWSPL-AS-AP HostPalace Web Solution PVT LTD)
76	22

12 2606:4700:3034::6815:27bc (United States)

ASN13335 (CLOUDFLARENET, US)

gaypornsex.men	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5cbb (United States)

ASN13335 (CLOUDFLARENET, US)

gtube.men	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c51e (United States)

ASN13335 (CLOUDFLARENET, US)

images.gtube.men	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.237.74 (Netherlands)

ASN42567 (MOJHOST-EU, NL)

adserver.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.45.60.123 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-60-123.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.23.130.4 (None, )

ASN13335 (CLOUDFLARENET, US)

hqq.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.178.208.135 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

upstream.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.51.210.213 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-210-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

a8cc179007.efe0df50ac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cabnnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.1vag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80f::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.36.168.71 (France)

ASN16276 (OVH, FR)
PTR: s16.upstream.to

s16.upstreamcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81f::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.25.22 (Burgwedel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:e0:19cb::1 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

ntvpinp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ntvpever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:c0:33d8::1 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

rtbbnr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4715::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)

btds.zog.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:9995::9995 (Singapore)

ASN199524 (GCORE, LU)

ads-g.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.204.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-204-166.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.252.221.5 (Philadelphia, United States)

ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN)
PTR: hosted-by.host-palace.com

thumbs2.imagebam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	upstream.to upstream.to	313 KB
12	gaypornsex.men gaypornsex.men	373 KB
5	upstreamcdn.co s16.upstreamcdn.co	214 KB
4	imagebam.com thumbs2.imagebam.com	101 KB
4	efe0df50ac.com a8cc179007.efe0df50ac.com	53 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
4	addthis.com s7.addthis.com m.addthis.com	217 KB
3	bookmsg.com static.bookmsg.com	3 KB
3	cloudflare.com cdnjs.cloudflare.com	35 KB
3	juicyads.com adserver.juicyads.com ads-g.juicyads.com	44 KB
2	ntvpever.com 2 redirects ntvpever.com	448 B
2	ntvpinp.com ntvpinp.com	4 KB
2	nereserv.com nereserv.com	289 B
2	gtube.men gtube.men images.gtube.men	142 KB
1	1vag.com cdn.1vag.com	335 B
1	zog.link 1 redirects btds.zog.link	222 B
1	rtbbnr.com 1 redirects rtbbnr.com	351 B
1	cabnnr.com js.cabnnr.com	16 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	wpadmngr.com js.wpadmngr.com	239 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	addthisedge.com v1.addthisedge.com	721 B
1	moatads.com z.moatads.com	1 KB
1	hqq.tv hqq.tv
1	googleapis.com fonts.googleapis.com	1 KB
76	25

	Domain	Requested by
16	upstream.to	gaypornsex.men upstream.to
12	gaypornsex.men	gaypornsex.men
5	s16.upstreamcdn.co	upstream.to
4	thumbs2.imagebam.com
4	a8cc179007.efe0df50ac.com	gaypornsex.men a8cc179007.efe0df50ac.com
3	static.bookmsg.com	gaypornsex.men
3	www.gstatic.com	upstream.to www.gstatic.com
3	s7.addthis.com	gaypornsex.men s7.addthis.com
3	cdnjs.cloudflare.com	gaypornsex.men
2	ntvpever.com	2 redirects
2	ntvpinp.com	a8cc179007.efe0df50ac.com
2	nereserv.com	a8cc179007.efe0df50ac.com
2	adserver.juicyads.com	gaypornsex.men adserver.juicyads.com
1	ads-g.juicyads.com	adserver.juicyads.com
1	cdn.1vag.com	js.cabnnr.com
1	btds.zog.link	1 redirects
1	rtbbnr.com	1 redirects
1	js.cabnnr.com	a8cc179007.efe0df50ac.com
1	www.google-analytics.com	www.googletagmanager.com
1	js.wpadmngr.com	a8cc179007.efe0df50ac.com
1	www.googletagmanager.com	upstream.to
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	hqq.tv	gaypornsex.men
1	images.gtube.men	gaypornsex.men
1	gtube.men	gaypornsex.men
1	fonts.googleapis.com	gaypornsex.men
76	29

This site contains links to these domains. Also see Links.

Domain
demos.ui-lib.com
images.gtube.men
gtube.men
gayasianporn.men
4gay.men
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-20` - `2022-04-23`	2 years	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
upstream.to R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
a8cc179007.efe0df50ac.com R3	`2021-09-29` - `2021-12-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.upstreamcdn.co Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-02-17`	a year	crt.sh
js.wpadmngr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
js.cabnnr.com R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
notification.tubecup.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
cdn.1vag.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
bookmsg.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.imagebam.com GoGetSSL RSA DV CA	`2020-06-26` - `2022-09-28`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Frame ID: 6C60F32C76571F8E5525EC3E72C70EC9
Requests: 41 HTTP requests in this frame

Frame: https://hqq.tv/player/embed_player.php?vid=fribPUPtLnx8
Frame ID: C89A21EBF9423645403943B25472A287
Requests: 1 HTTP requests in this frame

Frame: https://upstream.to/embed-ubyl5rp3n7mt.html
Frame ID: 342890CBEC83040F6473F25736481BC4
Requests: 27 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2A370D14D7130C5BA1243336D4508B53
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2DA91F6DC6BAE4F396FE7C497E8D6576
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=772775
Frame ID: BA740949BA1640E81F3D788B52FF90AC
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=772775
Frame ID: BB91EAF714BE2E14F782CAB530B95D3E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.1vag.com/1x1.png
Frame ID: 6FF5A93F75016FA57293ADB091DCCBB9
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 23A6173898C06CFBCB9B0E296F36154F
Requests: 21 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1396F226848969BF78A84C2D1BC211BB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Video Coat - Hello! 蒼士 5th Season HELLO! SOSHI 5th Season - gaypornsex.menFacebookTwitterPrintEmailAddThisFacebookTwitterPrintEmailAddThis

Page Statistics

76
Requests

93 %
HTTPS

57 %
IPv6

25
Domains

29
Subdomains

22
IPs

10
Countries

1625 kB
Transfer

4164 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://demos.ui-lib.com/gull/html/sessions/signin.html
Title: Sign in

Search URL Search Domain Scan URL

URL: http://demos.ui-lib.com/gull/html/sessions/signup.html
Title: Sign up

Search URL Search Domain Scan URL

URL: http://demos.ui-lib.com/gull/html/sessions/forgot.html
Title: Forgot

Search URL Search Domain Scan URL

URL: http://demos.ui-lib.com/gull/html/sessions/not-found.html
Title: Not Found

Search URL Search Domain Scan URL

URL: https://images.gtube.men/upload/2021/01/23/20210123092508-6c3aca1c.jpg

Search URL Search Domain Scan URL

URL: https://gtube.men/
Title: Gtube.men

Search URL Search Domain Scan URL

URL: https://gayasianporn.men/
Title: Gayasianporn.men

Search URL Search Domain Scan URL

URL: https://4gay.men/
Title: 4gay.men

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNjU2MTI5MzU5Iiwic3BvdF9pZCI6MTE2NTh9LCJiYW5uZXIiOnsidyI6MSwiaCI6MX19XSwic2l0ZSI6eyJpZCI6IjExNjU4IiwicGFnZSI6Imh0dHBzOi8vZ2F5cG9ybnNleC5tZW4vdmlkZW8vZGV0YWlsL2NvYXQtaGVsbG8tNXRoLXNlYXNvbi1oZWxsby1zb3NoaS01dGgtc2Vhc29uLWRoM3Z1d2szZHEifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiNDJhNWYyMzUwNDA2YjViMzRhZmU0OWZmNTE3ZWNiM2IifSwiZXh0Ijp7ImR0IjoxNjM1NzU2MDk3NzQ1fX0= HTTP 302
https://btds.zog.link/in/912/?sid=11658&source=656129359&idzone=&w=1&h=1&mo=&ve=&site_id=11658&utm1=&utm2=&utm3=&utm4=&ad_tags=&spot_id=11658&p=https%3A%2F%2Fgaypornsex.men%2Fvideo%2Fdetail%2Fcoat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq&tds_labels={} HTTP 302
https://cdn.1vag.com/1x1.png

Request Chain 88

https://ntvpever.com/in/show/?mid=3801088811&pid=0&site=native-push&sc=JP&subid=272110606&sid=826397194&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=0&ver=4.2.0&ver_c=&refdom=gaypornsex.men&hostname=auc-inpage-hz-2&site_id=315463&spot_id=5463&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=null&created_at=2021-11-01&is_native=4&auction_queue=1&burl=&ip=45.87.213.62&testab=0&capping=0&correct_site_id=0&aid=0&adblock=0&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_2b05828f1853b06660d931ef6e0ed27f23543bcd_icon.webp&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_2b05828f1853b06660d931ef6e0ed27f23543bcd.webp&verify_hash=7db19aa46b1dbd4957ee501e7f3ff0b8&format=default-r-d&mlf=1&cpa=5581faac-45f9-4c74-a109-bc1eacd39fad HTTP 302
https://static.bookmsg.com/creatives/SG/SG_2b05828f1853b06660d931ef6e0ed27f23543bcd_icon.webp

Request Chain 105

https://ntvpever.com/in/show/?mid=2936700460&pid=0&site=native-push&sc=JP&subid=335450235&sid=317863132&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=0&ver=4.2.0&ver_c=&refdom=gaypornsex.men&hostname=auc-inpage-hz-5&site_id=315582&spot_id=5582&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=null&created_at=2021-11-01&is_native=4&auction_queue=1&burl=&ip=45.87.213.62&testab=0&capping=0&correct_site_id=0&aid=0&adblock=0&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FUS%2FUS_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp&image_url=&verify_hash=a0d8690921f7d8892514d726bef88744&format=default-r-d&mlf=1&cpa=7669f648-f96f-4bea-9fcc-38402edc88ce HTTP 302
https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp

76 HTTP transactions
37 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq Show response
gaypornsex.men/video/detail/ 47 KB
12 KB 684ms
625ms Document
text/html 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25cf23ed6b14156fbf5c4e1e15dd8dfef559f72df468352d8c4c293d2ce21155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svEVF3p16H9zd7%2F6nBAEykvm7I6gKOseAIdhbLovoy%2B5zRS1vTzaugz%2BZFy3wSpOwkG%2FV30sdYMvAP7EwDJl6gkn2CTvKqcAOc%2BrEv%2F7QQOi31xHaCfB%2FRLoApbpNJvVx2tvhRblMn7uzHIp%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a73d329cc6d0ae8-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 87ms
43ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400,400i,600,700,800,900

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2dd7ad310e18233300d631121947c2a1a348dfab40f7dacc522d185025bb760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 08:41:35 GMT
server: ESF
date: Mon, 01 Nov 2021 08:41:35 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 08:41:35 GMT

GET
H2 200 lite-purple.min.css
gaypornsex.men/v2/css/themes/ 522 KB
61 KB 22ms
22ms Stylesheet
text/css 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/css/themes/lite-purple.min.css
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76712caa880a80628c01960a083aac9bfa5decef2cf77fd0d0e3259e11637f63

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 31 Jul 2021 10:36:54 GMT
server: cloudflare
age: 5177
etag: W/"82836-5c868ea24fd80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zi5whYUXSMOy8DM%2Bg9AD8%2FdsYvlJS26iIRlFkuveZcOI7NmOLiDBLCoFvg377dotlwxxP8z3VtAk%2FvYMrxFjJK7Vr1%2B7Yb6y99ZSbf1ZOh1SR9oOYpB8GN4kU3YMy9Xw%2BNh930EaggdElEOsZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32dda9c0ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 perfect-scrollbar.min.css
gaypornsex.men/v2/css/plugins/ 2 KB
810 B 10ms
9ms Stylesheet
text/css 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/css/plugins/perfect-scrollbar.min.css
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df02cbdad5be43843d5494d69649e6d3f15d3695b279f032af44c76c76afa5d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Dec 2020 09:48:02 GMT
server: cloudflare
age: 5177
etag: W/"71b-5b6e23cc59880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BbCXQE%2FVmP0IyibYIsaY6PI1uHTFilBq78UrdkIkqd0xaiXhMjyRD%2BiUJA3pMB63ynhNa5LGi%2BSrQkXx9BSA76h83eYbvjB0nncDlJQUyDqZmxxoHoxBNm%2F2IWXJkF7BPZE2oo9lTnQQhHDRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32dda9e0ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 logo.png
gaypornsex.men/v2/images/ 36 KB
36 KB 13ms
12ms Image
image/png 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaypornsex.men/v2/images/logo.png
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842b4a273b6a3e762330b007ac0b2de6ea7a81def5c309abb8b86ca2717e8a0b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36871
last-modified: Sun, 20 Dec 2020 09:48:02 GMT
server: cloudflare
etag: "9007-5b6e23cc59880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KIyjJEIPaFkXtUf56XprSf0q3iYY4EKK52T%2F9U9qSFN2XTsF9UhQeNvWq%2F0Wmc31QUDfAisCT62l3SFbWRKQBzxBwVBdAxncU%2Fs3qtkhN4e%2FECOgBMVVnECpM1dDaudnFVeN92BCiXxUKnGwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a73d32ddaa90ae8-NRT

GET
H2 200 avatar.png
gaypornsex.men/v2/images/faces/ 1 KB
2 KB 11ms
10ms Image
image/png 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaypornsex.men/v2/images/faces/avatar.png
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34499f5ee344b0f583deb61cee61db7d0c58c7711a7ee9f8bbbdeab8c978703

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1257
last-modified: Sun, 10 Jan 2021 12:00:34 GMT
server: cloudflare
etag: "4e9-5b88a896a5c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS6bl8WSe3nRrSQEuxQSp%2BjR6gvXVMs87bA741WMDcjCoNQBUSN7BJJeJdIY%2F9%2BtlMDCqh6eAE5aQZ8YEJioyKyjBRXUX09RR3QRhwvPOGIExr%2BaFPcmIa1btTnboU6Rtkk%2FjeMM1uvaiwSc5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a73d32ddaaa0ae8-NRT

GET
H2 200 coat1502.jpg
gtube.men/img_tmp/ 91 KB
92 KB 127ms
15ms Image
image/jpeg 2606:4700:3033::6815:5cbb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtube.men/img_tmp/coat1502.jpg
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5cbb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3263e4378100c902c58d4024d324c6485e8f89fb86448bf7616ef6080a221c98

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3193
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 93193
last-modified: Wed, 09 Dec 2020 12:45:05 GMT
server: cloudflare
etag: "16c09-5b6076db29640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KthDcKnyIKVu6OqXclAv0RuaCy92%2BlQNwjFyMoar6CHPB3ZWxXP%2Fded9Ch0UI8e%2FWMS9BHnikoXijknvLRnKk%2BChEnVlWO%2FrBRORB%2BgEKUNNzA8xXmagzjJtYQCERmBCFie24HQYxus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 6a73d32e8d233475-NRT

GET
H2 200 i.php
images.gtube.men/ 50 KB
51 KB 627ms
516ms Image
image/jpeg 2606:4700:3032::ac43:c51e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.gtube.men/i.php?/upload/2021/01/23/20210123092508-6c3aca1c-cu_s9999x200.jpg
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c51e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a1b056b9e2caff0470d719b5d5fdc57988aed811ddd0b5eb925c6e151655f2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 23 Jan 2021 08:57:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMsoj21RSxgORHl2bb6HFZc2X0o0%2FaJr%2BqL5xtsqTu7nN%2Fj26SWqdhEh44CyteE%2BsoogfTMNmik9etsNhC0LOK6ZWBK%2BOIp885EuU9NWzDvKkVK%2FTBXlZrayUw%2BjQsjiNFIwGuclgpStiGCEi%2Bkr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32e8ce234cf-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 11 Nov 2021 08:41:36 GMT

GET
H/1.1 200
OK jads.js Show response
adserver.juicyads.com/js/ 4 KB
2 KB 771ms
253ms Script
application/x-javascript 185.94.237.74
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.juicyads.com/js/jads.js
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.74 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Oct 2020 22:47:11 GMT
Server: nginx
ETag: W/"5f8f68ef-eb9"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

GET
H2 200 dcma.png
gaypornsex.men/image/ 6 KB
6 KB 12ms
11ms Image
image/png 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaypornsex.men/image/dcma.png
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aca39e107e57716919735be5047a7777e1f4451553cb4d28c7608acc08b4813

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6194
last-modified: Sat, 16 Jan 2021 10:46:28 GMT
server: cloudflare
etag: "1832-5b90233760900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mDf%2Bz9zpJCjzDKIa3cB%2Fhk7edskQP5McX5d2zy2TicKDDZ0t4UJTPPKkteno325FP%2FZDRQiYbupNN5rGNNftUYczu1BgaMa0NlfJTJZcbLAKaCdHU7ppC7jOWZcV1j8JtHEmwPlVR4jSpLvHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a73d32ddaac0ae8-NRT

GET
H2 200 no_dcma.png
gaypornsex.men/image/ 6 KB
6 KB 12ms
11ms Image
image/png 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaypornsex.men/image/no_dcma.png
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64ec438fb93dd924b2e8b942047ec7848d59fbfe3a986543b73df637f9d1f6be

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6295
last-modified: Sat, 16 Jan 2021 10:50:26 GMT
server: cloudflare
etag: "1897-5b90241a5a080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kZ3JO8x2dQBasyrhe9WdyR5%2BdWBCv72819qUtNR1tu%2BuJ1Xx6Rq5xttak5ycDW%2Be4%2B2y91zHuFKl3gDBJc8f8UahmrTw677FJptqtkv86NxJhU4qrq3unTWgIGlINXiILbI9ZfHYJoN6ue%2BhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 6a73d32ddaae0ae8-NRT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 85 KB
27 KB 25ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 394001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27192
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-152b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igFrx6AE2luODlU5ialtI7CJoiea0TQ4h1PgeAwnc%2F2im4cgT3VS0kQDBAdei1hwVL%2Bb4PzB5xtPVl7fDRx5OnF6Udy1%2FzQh9R7c2itRcKMC4VSmIPf1UtSQsOFkEW%2F7BkxiKpiHo1NnFq2H0Tje1Q%2Fv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a73d32dec07efa6-NRT
expires: Sat, 22 Oct 2022 08:41:35 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
gaypornsex.men/v2/js/plugins/ 69 KB
21 KB 18ms
16ms Script
application/javascript 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/js/plugins/bootstrap.bundle.min.js
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Dec 2020 09:48:02 GMT
server: cloudflare
age: 5177
etag: W/"11536-5b6e23cc59880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MF2jkxTw%2B0O9ViViWrPmWXd4ObVKlTfCQN%2Fv35d3qZOuR%2FrLQgKu2fDI4X%2BRo4gvgtqwGtvJVcTMGOxR%2B3a44XTxV0MnK%2BVcMPLg35Wa3Xg97z7ZELt0RYtoAAdJa%2BiWpVzYLkGyi9xB5SacQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32ddaa30ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 perfect-scrollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.perfect-scrollbar/1.5.0/ 19 KB
5 KB 28ms
19ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.perfect-scrollbar/1.5.0/perfect-scrollbar.min.js

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ffaa73818038726b1178c18e4d06259d9a7b49cb88830946dce416b65c92840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3266474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5184
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4c05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CU4NBMFAQAN%2BCpQeQ5M4e4TUQWEZej94ZUXyhGRYIYcVwkxvYX4E62jukRrXBqTbf4XzJsU6GTDd%2B57iNIaTmnmnDu9i8cMo3owQVkZLpcHzOmyhACezOaMPSjpM4%2B1TnexKbySeyUDerFPVOVx%2BYY2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a73d32dec0befa6-NRT
expires: Sat, 22 Oct 2022 08:41:35 GMT

GET
H2 200 script.min.js Show response
gaypornsex.men/v2/js/scripts/ 2 KB
987 B 12ms
10ms Script
application/javascript 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/js/scripts/script.min.js
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06c0caa8631380ddcef124a4305228a4f2a1de526e99b64536a78fee1b15e6b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 12:08:46 GMT
server: cloudflare
age: 5177
etag: W/"616-5bae625faef80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1ACRKqk%2FGX4GCrwgdhPpJQTKKXwpwRUsuaYbQ4n4hYzQOX3ufAZsW560ksfX2pIbqLcUKzwGhSMZQv4%2BYWasCGJqwLAtREsarF2B3Ul5VmLXprqWnMFhqt2HGpK7oIDiYvusmjA0XfBoBAr2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32ddaa50ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sidebar.large.script.min.js Show response
gaypornsex.men/v2/js/scripts/ 1 KB
778 B 24ms
22ms Script
application/javascript 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/js/scripts/sidebar.large.script.min.js
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9861aadce98ebdc5a95cdc17ebf871790c264ce986099b999e22b7aab54ef16

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Feb 2021 12:08:46 GMT
server: cloudflare
age: 5177
etag: W/"4ce-5bae625faef80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar35Ik0tiwh9B33J%2FdthjXr9kcdmATYR0rqXn11JUCFxPb1258%2FXy%2FcQ9C1GhmTZxZxw%2B2rke%2BjfjQ03GTktOG7pTd9qIqP66EQW4QlsD2A3eHiQ9QD4YUSTQ7Hx4Z5hYYzWi8ndMWQvEkyMrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32ddaa70ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.11/ 5 KB
2 KB 28ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.11/jquery.lazy.min.js

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 483304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2092
timing-allow-origin: *
last-modified: Fri, 24 Jul 2020 12:13:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f1ad05e-139f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVPRNaNlHvRQ5KZNyjs67v7uGEzC5HtBFiKoLwGEGDUtJKyQ7dVYTYWIFv2%2BljGQ3Mz73oZvSAMHG%2B4nmFaf5V1m1PbTdst%2FgEcArDRITrPnIF3JunABU0cAIA3lPOGrFmQLnPhYfJsvyWk4Yoa9ntRc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a73d32dec0eefa6-NRT
expires: Sat, 22 Oct 2022 08:41:35 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 37ms
7ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-60-123.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 01 Nov 2021 08:41:35 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 403 embed_player.php
hqq.tv/player/ Frame C89A 0
0 30ms
9ms Document
text/html 104.23.130.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hqq.tv/player/embed_player.php?vid=fribPUPtLnx8

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.23.130.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a73d32df8b43493-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 embed-ubyl5rp3n7mt.html Show response
upstream.to/ Frame 3428 21 KB
7 KB 525ms
397ms Document
text/html 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/embed-ubyl5rp3n7mt.html

Requested by

Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

a7b7d76f345d70748cf215af46624df81f2e411780939b3fb35546c6638c9ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Response headers

server: ddos-guard
strict-transport-security: max-age=31536000
date: Mon, 01 Nov 2021 08:41:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Sun, 31 Oct 2021 08:41:36 GMT
x-frame-options: 1
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
content-encoding: gzip

GET
H2 200 iconsmind.css
gaypornsex.men/v2/fonts/iconsmind/ 50 KB
9 KB 11ms
11ms Stylesheet
text/css 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/fonts/iconsmind/iconsmind.css
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/v2/css/themes/lite-purple.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4878a9312e744716a5caafd2d92707311690f250cba57e41531b4fd084e091e0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/v2/css/themes/lite-purple.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Dec 2020 09:48:02 GMT
server: cloudflare
age: 5176
etag: W/"c7a2-5b6e23cc59880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlPD5twboB1ej0u9a6My9jJVSgeBbNn0P5yoctUC%2FZ74H387QV0PlFvohr8bEbmm%2FaX7m5syTeZ3QMn%2BUCjyz31oltMB%2BA5LfQGWvD0Xw3Y5D8wDa3qx7PXyhg2uibRUtf8%2BIR%2BcbDyu8WnHcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32e0b050ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ 19 KB
19 KB 50ms
4ms Font
font/woff2 2404:6800:4004:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:300,400,400i,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:11:21 GMT
x-content-type-options: nosniff
age: 397814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Oct 2022 18:11:21 GMT

GET
H2 200 iconsmind4906.ttf
gaypornsex.men/v2/fonts/iconsmind/ 503 KB
217 KB 18ms
17ms Font
font/ttf 2606:4700:3034::6815:27bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaypornsex.men/v2/fonts/iconsmind/iconsmind4906.ttf?ioqkm7
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/v2/fonts/iconsmind/iconsmind.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:27bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf612bd02b735cfbc5fd2ce98492593d8a0beace0dd7982bad9b1b5ddc5eedf

Request headers

Referer: https://gaypornsex.men/v2/fonts/iconsmind/iconsmind.css
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Dec 2020 09:48:02 GMT
server: cloudflare
age: 1962
etag: W/"7ddb8-5b6e23cc59880-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5ufxg23sg3pfRJoSyd2bDCF1HE7wtXXkExov81diRR8mC5FNvxKtIOgj7RFHuuZT8iG%2FwSAoEogZIjTEojA%2FD7AL%2Ff0jI0C0l%2FdAA4pXV2qH3vWbQzcZ4LoBWaocp4zwHyTz4ZCSpliVhCmoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a73d32eabf50ae8-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 16ms
3ms Script
application/x-javascript 23.51.210.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.210.213 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-210-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: FC3E85574462B230
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=45288
accept-ranges: bytes
content-length: 948
x-amz-id-2: rPfHu/7ajFjGtneSpTcc8pvVUrpcuaVpOgDodiHhybxaO6IVA/+pJ+5AoTl8b9N18X89rJYudEA=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-60116033391a2ffc/ 1 KB
721 B 15ms
10ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-60116033391a2ffc/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-60-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d8673d2db014059392fd90b879d3032be233944f674c9c505b09408751d6e938

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:35 GMT
content-encoding: gzip
etag: -1384600107--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=11, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 544

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 101 B
971 B 148ms
143ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=617fa83f84656d0c&bkl=0&bl=1&pdt=710&sid=617fa83f84656d0c&pub=ra-60116033391a2ffc&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=gaypornsex.men&fp=video%2Fdetail%2Fcoat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=gay%2Ceuro%20gay%2Clatino%20gay%2Cgv%2CCoat%2Ccoat%2Ccoat%2CFull%20DVD%2Cfull-dvd%2Cfulldvd%2CHD%2Chd%2Chd&colc=1635756095812&jsl=1&uvs=617fa83fa80051bc000&skipb=1&callback=addthis.cbs.jsonp__75364288058468860
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-60-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 11b8a7bb7b716d6212afcedaaaa981ee477b1b378a66a199dd897d80b0b153d3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 08:41:35 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
p3p: policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
content-length: 101
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 2A37 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 2DA9 71 KB
26 KB 12ms
12ms Document
text/html 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-60-123.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 01 Nov 2021 08:41:35 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 d489ea32e670c0b50d2fa191dfa2a421.js Show response
a8cc179007.efe0df50ac.com/ 64 KB
25 KB 499ms
164ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a8cc179007.efe0df50ac.com/d489ea32e670c0b50d2fa191dfa2a421.js
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 99efa94f95887196c5d36a4092fdbcfa58af90696ceca363d4b6f4bff6fa6e8e

Request headers

Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 13:42:02 GMT
server: nginx/1.18.0
etag: W/"616ecb2a-1014d"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 09:41:36 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 7ms
7ms Script
application/javascript 23.45.60.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.60.123 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-45-60-123.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 01 Nov 2021 08:41:35 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.css
upstream.to/css/ Frame 3428 48 KB
11 KB 83ms
82ms Stylesheet
text/css 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/css/main.css

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

0a59262756f1ac3ac0d80f30f8c5eb406d27929ccdcff324a0ffeda268b9889c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aba7d2-c030"
age: 1320189
x-ddg-cachegen: 1622121238
content-length: 11045
last-modified: Mon, 24 May 2021 13:19:14 GMT
server: ddos-guard
date: Sun, 17 Oct 2021 01:58:28 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Tue, 16 Nov 2021 01:58:28 GMT

GET
H2 200 jquery.min.js Show response
upstream.to/js/ Frame 3428 87 KB
30 KB 85ms
83ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/js/jquery.min.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aba7d5-15d84"
age: 1320154
x-ddg-cachegen: 1622121238
content-length: 30950
last-modified: Mon, 24 May 2021 13:19:17 GMT
server: ddos-guard
date: Sun, 17 Oct 2021 01:59:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Tue, 16 Nov 2021 01:59:04 GMT

GET
H2 200 xupload.js Show response
upstream.to/js/ Frame 3428 10 KB
4 KB 84ms
82ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/js/xupload.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

316b0051402e60172f1f22cc8e700eead114d301988f25b694628518b2632b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aba7d6-28f8"
age: 2383078
x-ddg-cachegen: 1622121238
content-length: 3774
last-modified: Mon, 24 May 2021 13:19:18 GMT
server: ddos-guard
date: Mon, 04 Oct 2021 18:43:39 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Wed, 03 Nov 2021 18:43:39 GMT

GET
H2 200 sUpload.js Show response
upstream.to/js/ Frame 3428 13 KB
3 KB 180ms
179ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/js/sUpload.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

2e9c06706597aa91fe358cfdea02caf63bdb84140e4503989bac07c7f2811565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "5f6dbdc0-35b8"
age: 411894
x-ddg-cachegen: 1622121238
content-length: 3362
last-modified: Fri, 25 Sep 2020 09:52:00 GMT
server: ddos-guard
date: Wed, 27 Oct 2021 14:16:43 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Fri, 26 Nov 2021 14:16:43 GMT

GET
H2 200 jquery.cookie.js Show response
upstream.to/js/ Frame 3428 4 KB
2 KB 180ms
179ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/js/jquery.cookie.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aba7d4-10eb"
age: 1320163
x-ddg-cachegen: 1622121238
content-length: 1498
last-modified: Mon, 24 May 2021 13:19:16 GMT
server: ddos-guard
date: Sun, 17 Oct 2021 01:58:55 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Tue, 16 Nov 2021 01:58:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3428 89 KB
35 KB 84ms
43ms Script
application/javascript 2404:6800:4004:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49432491-14

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92c2d676389972c14595b6795d62803db6d8b5786d71cb65472c9e33657aba35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35788
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Nov 2021 08:41:36 GMT

GET
H2 200 kaltura.js Show response
upstream.to/js/ Frame 3428 87 KB
33 KB 180ms
179ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/js/kaltura.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

ca1237faa559c43589e706ccafeaee31392750a59a38672b1528e53e7d4b8060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "608ec747-15c91"
age: 419906
x-ddg-cachegen: 1622121238
content-length: 33110
last-modified: Sun, 02 May 2021 15:37:43 GMT
server: ddos-guard
date: Wed, 27 Oct 2021 12:03:11 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Fri, 26 Nov 2021 12:03:11 GMT

GET
H2 200 jwplayer.js Show response
upstream.to/player8/ Frame 3428 99 KB
32 KB 180ms
179ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/player8/jwplayer.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

2c1fa8d90a4037b759e005c9216c36bdbf4ff3c695b4d31ccce7cc00ff403532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aeac8b-18a5c"
age: 458883
x-ddg-cachegen: 1622121238
content-length: 32279
last-modified: Wed, 26 May 2021 20:16:11 GMT
server: ddos-guard
date: Wed, 27 Oct 2021 01:13:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Fri, 26 Nov 2021 01:13:34 GMT

GET
H2 200 pop.js Show response
upstream.to/advertisement/ Frame 3428 38 B
263 B 180ms
179ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/advertisement/pop.js

Requested by

Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
etag: "60f02a43-26"
age: 389941
x-ddg-cachegen: 1622121238
content-length: 43
last-modified: Thu, 15 Jul 2021 12:29:55 GMT
server: ddos-guard
date: Wed, 27 Oct 2021 20:22:36 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
expires: Fri, 26 Nov 2021 20:22:36 GMT

GET
H/1.1 200
OK ubyl5rp3n7mt.jpg
s16.upstreamcdn.co/i/01/02010/ Frame 3428 21 KB
21 KB 1183ms
566ms Image
image/jpeg 54.36.168.71
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s16.upstreamcdn.co/i/01/02010/ubyl5rp3n7mt.jpg
Requested by: Host: upstream.to
URL: https://upstream.to/embed-ubyl5rp3n7mt.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.168.71 , France, ASN16276 (OVH, FR),
Reverse DNS: s16.upstream.to
Software: nginx /
Resource Hash: 5b2e4f8bb03a6897bbc6c25f907741f0f63988a9276e1357627b0ce63bbe4102

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:37 GMT
Last-Modified: Fri, 26 Mar 2021 12:17:06 GMT
Server: nginx
ETag: "605dd0c2-5366"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21350
Expires: Mon, 15 Nov 2021 08:41:37 GMT

GET adshow.php
adserver.juicyads.com/ Frame BA74 0
0

GET
H/1.1 200
OK adshow.php Show response
adserver.juicyads.com/ Frame BB91 4 KB
3 KB 1853ms
1339ms Document
text/html 185.94.237.74
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.juicyads.com/adshow.php?adzone=772775
Requested by: Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.74 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: d094a9ac42b9a6186ca0a456127ee38a7bcf7de9a4f5ba8eeb4e6e1fe4f44599

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Response headers

Server: nginx
Date: Mon, 01 Nov 2021 08:41:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET
H2 200 jwplayer.core.controls.js Show response
upstream.to/player8/ Frame 3428 270 KB
66 KB 61ms
61ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/player8/jwplayer.core.controls.js

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

dc16507d0b5d446b5495424b83e8b4766c02b76a33b23255ca5697fee0af0bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aeac89-4361d"
age: 1470753
x-ddg-cachegen: 1622121238
content-length: 67296
last-modified: Wed, 26 May 2021 20:16:09 GMT
server: ddos-guard
date: Fri, 15 Oct 2021 08:09:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Sun, 14 Nov 2021 08:09:04 GMT

GET
H2 200 related.js Show response
upstream.to/player8/ Frame 3428 115 KB
26 KB 129ms
129ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/player8/related.js

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

da7957f6fe0ac3c1d8431423709855a79936308b2fc81e9430fa0245e2399965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aeac8f-1caa1"
age: 1470791
x-ddg-cachegen: 1622121238
content-length: 26520
last-modified: Wed, 26 May 2021 20:16:15 GMT
server: ddos-guard
date: Fri, 15 Oct 2021 08:08:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Sun, 14 Nov 2021 08:08:27 GMT

GET
H2 200 provider.hlsjs.js Show response
upstream.to/player8/ Frame 3428 305 KB
85 KB 133ms
133ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/player8/provider.hlsjs.js

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

bae1e80afed243a4045a0bf1bd23fd93e696e085d76181a00c0952bee864874e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"60aeac91-4c598"
age: 2532329
x-ddg-cachegen: 1622121238
content-length: 86815
last-modified: Wed, 26 May 2021 20:16:17 GMT
server: ddos-guard
date: Sun, 03 Oct 2021 01:16:09 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Tue, 02 Nov 2021 01:16:09 GMT

GET
H2 200 4999 Show response
a8cc179007.efe0df50ac.com/be59ac512f4ecc5cc106bd546cc0c80d/ 1 KB
761 B 356ms
356ms XHR
text/plain 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a8cc179007.efe0df50ac.com/be59ac512f4ecc5cc106bd546cc0c80d/4999
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/d489ea32e670c0b50d2fa191dfa2a421.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d170a3bc260e3d403f8be539e1e95cfd416dc933bcaf29f623503feec435eb5b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
content-encoding: gzip
server: nginx/1.18.0
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 09:41:36 GMT
cache-control: max-age=3600
x-proxy-cache: EXPIRED

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
239 B 493ms
162ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/d489ea32e670c0b50d2fa191dfa2a421.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 09:41:36 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3428 48 KB
20 KB 55ms
3ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49432491-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 4878
date: Mon, 01 Nov 2021 07:20:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 01 Nov 2021 09:20:18 GMT

GET
H2 200 empty.srt Show response
upstream.to/srt/ Frame 3428 42 B
237 B 320ms
320ms XHR
application/octet-stream 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/srt/empty.srt

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

f3adadb235f7ecab4a68f4d0961640c155c0d2057d28fe24e19d36b04904ddc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Sun, 03 Nov 2019 20:20:00 GMT
server: ddos-guard
etag: "5dbf3670-2a"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
date: Mon, 01 Nov 2021 08:41:36 GMT
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 42
expires: Wed, 01 Dec 2021 08:41:36 GMT

GET
H2 200 polyfills.webvtt.js Show response
upstream.to/player8/ Frame 3428 10 KB
4 KB 59ms
59ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/player8/polyfills.webvtt.js

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

16841c6cb99efce1a44e8ce1e0e5a0c14de17c1638e552722e5acf641eb3ec37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aeac8c-2836"
age: 1470769
x-ddg-cachegen: 1622121238
content-length: 4238
last-modified: Wed, 26 May 2021 20:16:12 GMT
server: ddos-guard
date: Fri, 15 Oct 2021 08:08:49 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Sun, 14 Nov 2021 08:08:49 GMT

GET
H2 200 provider.cast.js Show response
upstream.to/player8/ Frame 3428 23 KB
8 KB 59ms
59ms Script
application/javascript 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/player8/provider.cast.js

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

274b159d1d23b6c5591efa72379d895d1e216aa9de86af428a142745b53a96dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "60aeac8c-5c9c"
age: 2573859
x-ddg-cachegen: 1622121238
content-length: 8246
last-modified: Wed, 26 May 2021 20:16:12 GMT
server: ddos-guard
date: Sat, 02 Oct 2021 13:43:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-headers: X-Requested-With
expires: Mon, 01 Nov 2021 13:43:59 GMT

GET
H/1.1 200
OK master.m3u8 Show response
s16.upstreamcdn.co/hls/,w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq,.urlset/ Frame 3428 469 B
816 B 953ms
385ms XHR
application/vnd.apple.mpegurl 54.36.168.71
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s16.upstreamcdn.co/hls/,w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq,.urlset/master.m3u8
Requested by: Host: upstream.to
URL: https://upstream.to/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.168.71 , France, ASN16276 (OVH, FR),
Reverse DNS: s16.upstream.to
Software: nginx /
Resource Hash: 0945ee0afc424b68195ee1322a200720458af93eed2c483bccd9b6ca1e03979e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:37 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx
ETag: "-1-1d5"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 469
Expires: Mon, 01 Nov 2021 20:41:37 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3428 4 KB
3 KB 150ms
105ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: upstream.to
URL: https://upstream.to/player8/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 08:41:36 GMT

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 3428 36 KB
12 KB 70ms
68ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/chrome-dongle
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-dongle"
expires: Mon, 01 Nov 2021 08:41:36 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/95/ Frame 3428 52 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/95/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 04:32:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 23:31:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 02 Nov 2021 04:32:10 GMT

GET
H2 200 fc72ef8f2e4cbd208778875b883abef3.js Show response
a8cc179007.efe0df50ac.com/ 13 KB
5 KB 492ms
164ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a8cc179007.efe0df50ac.com/fc72ef8f2e4cbd208778875b883abef3.js
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/d489ea32e670c0b50d2fa191dfa2a421.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:37 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:05:52 GMT
server: nginx/1.18.0
etag: W/"617aae40-32b9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 09:41:37 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 build.js Show response
js.cabnnr.com/banner-admanager/ 43 KB
16 KB 494ms
164ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cabnnr.com/banner-admanager/build.js
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/d489ea32e670c0b50d2fa191dfa2a421.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:37 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 08:56:00 GMT
server: nginx/1.18.0
etag: W/"6167f0a0-adb5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 09:41:37 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 0d93c638cb56b24807f4b022bbf7d2fc.js Show response
a8cc179007.efe0df50ac.com/ 69 KB
22 KB 205ms
205ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a8cc179007.efe0df50ac.com/0d93c638cb56b24807f4b022bbf7d2fc.js
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/d489ea32e670c0b50d2fa191dfa2a421.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7b4182a3bba9b25c72fa13bde9f60ef1aee78cfde8877f87b812504e1f732dbc

Request headers

Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Origin: https://gaypornsex.men
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:37 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 14:40:29 GMT
server: nginx/1.18.0
etag: W/"617c07dd-1138d"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 01 Nov 2021 09:41:37 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 dip Show response
nereserv.com/in/ 0
145 B 777ms
259ms XHR
text/plain 168.119.25.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=5a8282df-cbd2-400c-8579-bb57c35163ee&subid=335450235&sid=317863132&spot_id=5582&created_at=2021-11-01&timezone=0&ver=4.2.0&is_native=1
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/0d93c638cb56b24807f4b022bbf7d2fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.22 Burgwedel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 01 Nov 2021 08:41:37 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
server: nginx/1.18.0
content-length: 0
vary: Origin

GET
H2 200 multy Show response
ntvpinp.com/in/ 2 KB
2 KB 1468ms
1005ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpinp.com/in/multy?wl=1&event_id=5a8282df-cbd2-400c-8579-bb57c35163ee&subid=335450235&sid=317863132&spot_id=5582&created_at=2021-11-01&timezone=0&ver=4.2.0&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=default-r-d&adblock=0&testab=0&timezone_olson=Etc%2FUnknown
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/0d93c638cb56b24807f4b022bbf7d2fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8353aa83e7f16580204e9b96fe4bd1e7097c00438161d1710c302b0d75f954c5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 08:41:38 GMT
server: nginx/1.18.0
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
content-length: 1881

GET
H2 200 dip Show response
nereserv.com/in/ 0
144 B 780ms
264ms XHR
text/plain 168.119.25.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=8bc1b096-0ffc-4aa0-a9df-30c53d121c52&subid=272110606&sid=826397194&spot_id=5463&created_at=2021-11-01&timezone=0&ver=4.2.0&is_native=1
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/0d93c638cb56b24807f4b022bbf7d2fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.22 Burgwedel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 01 Nov 2021 08:41:37 GMT
cache-control: no-transform, no-cache, no-store, must-revalidate
server: nginx/1.18.0
content-length: 0
vary: Origin

GET
H2 200 multy Show response
ntvpinp.com/in/ 2 KB
2 KB 1444ms
983ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpinp.com/in/multy?wl=1&event_id=8bc1b096-0ffc-4aa0-a9df-30c53d121c52&subid=272110606&sid=826397194&spot_id=5463&created_at=2021-11-01&timezone=0&ver=4.2.0&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=default-r-d&adblock=0&testab=0&timezone_olson=Etc%2FUnknown
Requested by: Host: a8cc179007.efe0df50ac.com
URL: https://a8cc179007.efe0df50ac.com/0d93c638cb56b24807f4b022bbf7d2fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9e7cda239f42af9520bc34a39520d01b76d70b17ceeacc0e9e1a06806a93ed74

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 08:41:38 GMT
server: nginx/1.18.0
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
content-length: 2052

GET
H2 404 ads.js Show response
upstream.to/advertisement/ Frame 3428 9 B
212 B 329ms
328ms XHR
text/html 185.178.208.135
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://upstream.to/advertisement/ads.js?adzone=popunder&popzone=34523729

Requested by

Host: upstream.to
URL: https://upstream.to/js/sUpload.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.135 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/embed-ubyl5rp3n7mt.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 24 May 2021 13:19:47 GMT
server: ddos-guard
age: 3
etag: W/"9-5c313438049d7"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
date: Mon, 01 Nov 2021 08:41:37 GMT
accept-ranges: bytes
x-ddg-cachegen: 1622121238

GET
H/1.1 200
OK index-v1-a1.m3u8 Show response
s16.upstreamcdn.co/hls/w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq/ Frame 3428 61 KB
62 KB 723ms
720ms XHR
application/vnd.apple.mpegurl 54.36.168.71
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s16.upstreamcdn.co/hls/w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq/index-v1-a1.m3u8
Requested by: Host: upstream.to
URL: https://upstream.to/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.168.71 , France, ASN16276 (OVH, FR),
Reverse DNS: s16.upstream.to
Software: nginx /
Resource Hash: ab7f215f54907cfae94eda32396bc3a23340853e2068f73947586c93a8c4c516

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:37 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx
ETag: "-1-f4ff"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62719
Expires: Mon, 01 Nov 2021 20:41:37 GMT

GET
H2

200

1x1.png Show response
cdn.1vag.com/ Frame 6FF5
Redirect Chain

https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiNjU2MTI5MzU5Iiw...
https://btds.zog.link/in/912/?sid=11658&source=656129359&idzone=&w=1&h=1&mo=&ve=&site_id=11658&utm1=&utm2=&utm3=&utm4=&ad_tags=&spot_id=11658&p=https%3A%2F%2Fgaypornsex.men%2Fvideo%2Fdetail%2Fcoat-...
https://cdn.1vag.com/1x1.png

68 B
335 B

524ms
173ms

Document
image/png

213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.1vag.com/1x1.png
Requested by: Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq

Response headers

date: Mon, 01 Nov 2021 08:41:39 GMT
content-type: image/png
content-length: 68
server: nginx/1.18.0
last-modified: Wed, 15 Apr 2020 13:30:15 GMT
etag: "5e970c67-44"
cache-control: max-age=3600
x-request-id: 86df3a5c40ef9717f3e54593d6bb16f6
expires: Mon, 01 Nov 2021 09:41:39 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

server: nginx/1.17.2
date: Mon, 01 Nov 2021 08:41:38 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://cdn.1vag.com/1x1.png
vary: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache

GET
H2 200 33482-1565950536-0787326001565950536.jpg
ads-g.juicyads.com/network/user500/ Frame BB91 40 KB
40 KB 130ms
30ms Image
image/jpeg 2a03:90c0:9995::9995
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads-g.juicyads.com/network/user500/33482-1565950536-0787326001565950536.jpg
Requested by: Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=772775
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9995::9995 , Singapore, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 10379fed273d0812cb4fb0c372370caee7321745853bfbdf9e290aa8d2f40891

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://adserver.juicyads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-id: cc1-up-gc23
date: Mon, 01 Nov 2021 08:41:38 GMT
last-modified: Fri, 16 Aug 2019 10:15:36 GMT
server: nginx
etag: "5d568248-9e0f"
x-cached-since: 2021-10-30T14:13:53+00:00
content-type: image/jpeg
cache: HIT
accept-ranges: bytes
content-length: 40463

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
s16.upstreamcdn.co/hls/w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq/ Frame 3428 65 KB
65 KB 355ms
355ms XHR
video/mp2t 54.36.168.71
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s16.upstreamcdn.co/hls/w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq/seg-1-v1-a1.ts
Requested by: Host: upstream.to
URL: https://upstream.to/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.168.71 , France, ASN16276 (OVH, FR),
Reverse DNS: s16.upstream.to
Software: nginx /
Resource Hash: cd906e7ff44d255608078a9905384f40496f627f0e4b6a735aa46e88d34d419c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:38 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx
ETag: "-1-103f8"
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66552
Expires: Mon, 01 Nov 2021 20:41:38 GMT

GET
BLOB 200
OK c7d94e35-b254-49b5-be5e-ea838e83c10d
https://upstream.to/ Frame 3428 66 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://upstream.to/c7d94e35-b254-49b5-be5e-ea838e83c10d
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38a0682f8453d3ecdd700ed8b115bacd4ade7284b74d5204ebd2882104cd680

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 68010
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23A6 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 SG_2b05828f1853b06660d931ef6e0ed27f23543bcd.webp
static.bookmsg.com/creatives/SG/ Frame 23A6 2 KB
2 KB 774ms
265ms Image
image/webp 88.198.204.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_2b05828f1853b06660d931ef6e0ed27f23543bcd.webp
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.204.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-204-166.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: b99f00c37babd03643c50c3432678687a642153e0a8d57a19ebfd3bf90d6c03d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:39 GMT
last-modified: Mon, 30 Nov 2020 08:59:25 GMT
server: nginx/1.18.0
etag: "5fc4b46d-73a"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 1850

GET
DATA 200
OK truncated
/ Frame 23A6 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

SG_2b05828f1853b06660d931ef6e0ed27f23543bcd_icon.webp
static.bookmsg.com/creatives/SG/ Frame 23A6
Redirect Chain

https://ntvpever.com/in/show/?mid=3801088811&pid=0&site=native-push&sc=JP&subid=272110606&sid=826397194&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=0&ver=4.2.0&ver_c=&refdom=g...
https://static.bookmsg.com/creatives/SG/SG_2b05828f1853b06660d931ef6e0ed27f23543bcd_icon.webp

542 B
698 B

261ms
261ms

Image
image/webp

88.198.204.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_2b05828f1853b06660d931ef6e0ed27f23543bcd_icon.webp
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Server: 88.198.204.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-204-166.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 6325c875f65edbb526bb04d5f0ef14ceeeaeec2991426ca1d62f8e9588dcca28

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:39 GMT
last-modified: Mon, 30 Nov 2020 08:59:25 GMT
server: nginx/1.18.0
etag: "5fc4b46d-21e"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 542

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 08:41:39 GMT
server: nginx/1.18.0
access-control-allow-origin: *
vary: Origin
location: https://static.bookmsg.com/creatives/SG/SG_2b05828f1853b06660d931ef6e0ed27f23543bcd_icon.webp
cache-control: no-transform, no-cache, no-store, must-revalidate
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1396 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
static.bookmsg.com/creatives/US/ Frame 1396
Redirect Chain

https://ntvpever.com/in/show/?mid=2936700460&pid=0&site=native-push&sc=JP&subid=335450235&sid=317863132&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=0&ver=4.2.0&ver_c=&refdom=g...
https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp

590 B
746 B

260ms
260ms

Image
image/webp

88.198.204.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
Requested by: Host: gaypornsex.men
URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
Protocol: H2
Server: 88.198.204.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-204-166.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 08:41:39 GMT
last-modified: Tue, 24 Nov 2020 14:24:12 GMT
server: nginx/1.18.0
etag: "5fbd178c-24e"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 590

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 08:41:39 GMT
server: nginx/1.18.0
access-control-allow-origin: *
vary: Origin
location: https://static.bookmsg.com/creatives/US/US_34c3a6403004486b593fb6a3428d7a2748437f4f_icon.webp
cache-control: no-transform, no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK seg-2-v1-a1.ts Show response
s16.upstreamcdn.co/hls/w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq/ Frame 3428 65 KB
65 KB 322ms
322ms XHR
video/mp2t 54.36.168.71
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s16.upstreamcdn.co/hls/w47rz637snbnx2nro3qkcrfji26mcdmpmbieajd6bvwz6zocbwm2chiyssaq/seg-2-v1-a1.ts
Requested by: Host: upstream.to
URL: https://upstream.to/player8/provider.hlsjs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.36.168.71 , France, ASN16276 (OVH, FR),
Reverse DNS: s16.upstream.to
Software: nginx /
Resource Hash: d5a58ad9743b3e4b08051e3fe8f37893669bd0a65fdf89bd12a0e980b020adf3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://upstream.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:39 GMT
Last-Modified: Sun, 11 Sep 2000 09:00:00 GMT
Server: nginx
ETag: "-1-103f8"
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66552
Expires: Mon, 01 Nov 2021 20:41:39 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 692d961256981374.jpg
thumbs2.imagebam.com/bc/19/8c/ 24 KB
25 KB 1018ms
498ms Image
image/jpeg 103.252.221.5
HWSPL-AS-AP HostP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs2.imagebam.com/bc/19/8c/692d961256981374.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.252.221.5 Philadelphia, United States, ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN),
Reverse DNS: hosted-by.host-palace.com
Software: nginx/1.14.2 /
Resource Hash: 8d521790c72992f8538f13cbf0279cdfab1ccc3dd72bfb6b5a83d08773e5bb7e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:40 GMT
last-modified: Fri, 21 Jun 2019 03:53:53 GMT
Server: nginx/1.14.2
etag: "264ed26c5-60fb-58bcd69321640"
X-Cache: HIT
Content-Type: image/jpeg
X-Whom: srv1583
Accept-Ranges: bytes
Content-Length: 24827

GET
H/1.1 200
OK 1f95e51256981404.jpg
thumbs2.imagebam.com/71/f0/61/ 26 KB
26 KB 1042ms
512ms Image
image/jpeg 103.252.221.5
HWSPL-AS-AP HostP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs2.imagebam.com/71/f0/61/1f95e51256981404.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.252.221.5 Philadelphia, United States, ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN),
Reverse DNS: hosted-by.host-palace.com
Software: nginx/1.14.2 /
Resource Hash: 3439591f65104d5a79694a55c60f9e3b5215918af77f3c8e5ee3c951e9d5b8a4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:40 GMT
last-modified: Fri, 21 Jun 2019 03:53:54 GMT
Server: nginx/1.14.2
etag: "264e0b125-66c4-58bcd69415880"
X-Cache: HIT
Content-Type: image/jpeg
cache-control: max-age=10712930
X-Whom: srv1535
Accept-Ranges: bytes
Content-Length: 26308
expires: Sat, 19 Feb 2022 11:40:17 GMT

GET
H/1.1 200
OK 692d961256981374.jpg
thumbs2.imagebam.com/bc/19/8c/ 24 KB
25 KB 250ms
250ms Image
image/jpeg 103.252.221.5
HWSPL-AS-AP HostP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs2.imagebam.com/bc/19/8c/692d961256981374.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.252.221.5 Philadelphia, United States, ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN),
Reverse DNS: hosted-by.host-palace.com
Software: nginx/1.14.2 /
Resource Hash: 8d521790c72992f8538f13cbf0279cdfab1ccc3dd72bfb6b5a83d08773e5bb7e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:40 GMT
last-modified: Fri, 21 Jun 2019 03:53:53 GMT
Server: nginx/1.14.2
etag: "264ed26c5-60fb-58bcd69321640"
X-Cache: HIT
Content-Type: image/jpeg
X-Whom: srv1583
Accept-Ranges: bytes
Content-Length: 24827

GET
H/1.1 200
OK 1f95e51256981404.jpg
thumbs2.imagebam.com/71/f0/61/ 26 KB
26 KB 258ms
257ms Image
image/jpeg 103.252.221.5
HWSPL-AS-AP HostP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumbs2.imagebam.com/71/f0/61/1f95e51256981404.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.252.221.5 Philadelphia, United States, ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN),
Reverse DNS: hosted-by.host-palace.com
Software: nginx/1.14.2 /
Resource Hash: 3439591f65104d5a79694a55c60f9e3b5215918af77f3c8e5ee3c951e9d5b8a4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 08:41:40 GMT
last-modified: Fri, 21 Jun 2019 03:53:54 GMT
Server: nginx/1.14.2
etag: "264e0b125-66c4-58bcd69415880"
X-Cache: HIT
Content-Type: image/jpeg
cache-control: max-age=10712930
X-Whom: srv1535
Accept-Ranges: bytes
Content-Length: 26308
expires: Sat, 19 Feb 2022 11:40:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=772775

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gaypornsex.men/	1970-01-19 22:22:43	Name: XSRF-TOKEN Value: eyJpdiI6InRQZ0JYRXhaMjlDQ01qNW5XdTFYZ0E9PSIsInZhbHVlIjoiMTFmVUxZQ2ZCSkxqL25tY09nQjBkK1NJaWpCS2l3WjNkRVdGUlNIYWpiTktpc0ZEd05GaDF2L2oyTDZKTGo1aTF1SzY1WU12aFpUNm1IbW1LQjBOYTNCeWtHZVVUVGY3dFF2ZGxuY013ZURSQ0NhTHNLek5tSksvYzJQYWgybzUiLCJtYWMiOiIxMTZlYTAxNDA3YTFmY2ZmMTNmNjc2Y2NkOTFhM2EyNzRmMWNkZDYxODE5ZDA3MzNmODY1NWM1Njg2ZmJjYjM4In0%3D
gaypornsex.men/	1970-01-19 22:22:43	Name: laravel_session Value: eyJpdiI6IkhiT1NGaWJhQVJHV05ZeitLS1oxM0E9PSIsInZhbHVlIjoidDJwcmpJZUtudjA4d2hlK2FkNFAvaWx4SnFUZExTYWlpcDRzallicENKMHpkVmgvdFZhdkRDUnZRaGtVaTVZK0QzUG0yOWhRdTFwMlVyVW9UV2UrK3I4Wmg4OCtDclZxdlp5V09BdENNRXMzbFJ6ak8rakZFNldFVHJ3WkpkbDQiLCJtYWMiOiI2ODkzNjQ0ZDFmMWY5MTk4NTA3MDcyNzc4OTYyNjE0ZjBkNzlmZmM1ZjQwNzg1Yjk2Yjg0ZWIyMDZjNTNkMjA3In0%3D
gaypornsex.men/	1970-01-20 07:51:24	Name: __atuvc Value: 1%7C44
gaypornsex.men/	1970-01-19 22:22:37	Name: __atuvs Value: 617fa83fa80051bc000
.addthis.com/	1970-01-20 07:51:24	Name: uvc Value: 1%7C44
.addthis.com/	1970-01-20 07:44:12	Name: ouid Value: 617fa83f00018ea1dda8ada134c46954f938aed1babc4778067a
.addthis.com/	1970-01-20 07:44:12	Name: di2 Value: aU~c^#&(z#%Pk#%If#$M`P9nP9lP9eM3qM3pM3oM3nM-tM-sM-_IDfI6y6Hq#1:R#19w#'7o
.addthis.com/	1970-01-20 07:44:12	Name: um Value: j.'2021110108413590300733421672'
.addthis.com/	1970-01-20 07:44:12	Name: uid Value: 617fa83f736ce0c2
.addthis.com/	1970-01-20 07:44:12	Name: na_id Value: 2021110108413590300733421672
.addthis.com/	1970-01-20 07:44:12	Name: vc Value: 2
.addthis.com/	1970-01-20 07:51:24	Name: loc Value: MDAwMDBBU0pQMTMyMTU2MzE5NzAwMTAwMDBDSA==
btds.zog.link/	1970-01-19 22:24:02	Name: 912.0 Value: 1

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://hqq.tv/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other	error	URL: https://upstream.to/embed-ubyl5rp3n7mt.html Message: Invalid 'X-Frame-Options' header encountered when loading 'https://upstream.to/': '1' is not a recognized directive. The header will be ignored.
network	error	URL: https://upstream.to/advertisement/ads.js?adzone=popunder&popzone=34523729 Message: Failed to load resource: the server responded with a status of 404 ()
worker	info	URL: blob:https://upstream.to/c7d94e35-b254-49b5-be5e-ea838e83c10d Message: [log] > manifest codec:mp4a.40.2,ADTS data:type:2,sampleingIndex:3[48000Hz],channelConfig:2
worker	info	URL: blob:https://upstream.to/c7d94e35-b254-49b5-be5e-ea838e83c10d Message: [log] > parsed codec:mp4a.40.5,rate:48000,nb channel:2
worker	info	URL: blob:https://upstream.to/c7d94e35-b254-49b5-be5e-ea838e83c10d Message: [log] > audio sampling rate : 48000
security	warning	URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq Message: Mixed Content: The page at 'https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq' was loaded over HTTPS, but requested an insecure element 'http://thumbs2.imagebam.com/bc/19/8c/692d961256981374.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq Message: Mixed Content: The page at 'https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq' was loaded over HTTPS, but requested an insecure element 'http://thumbs2.imagebam.com/71/f0/61/1f95e51256981404.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq Message: Mixed Content: The page at 'https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq' was loaded over HTTPS, but requested an insecure element 'http://thumbs2.imagebam.com/bc/19/8c/692d961256981374.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq Message: Mixed Content: The page at 'https://gaypornsex.men/video/detail/coat-hello-5th-season-hello-soshi-5th-season-dh3vuwk3dq' was loaded over HTTPS, but requested an insecure element 'http://thumbs2.imagebam.com/71/f0/61/1f95e51256981404.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8cc179007.efe0df50ac.com
ads-g.juicyads.com
adserver.juicyads.com
btds.zog.link
cdn.1vag.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
gaypornsex.men
gtube.men
hqq.tv
images.gtube.men
js.cabnnr.com
js.wpadmngr.com
m.addthis.com
nereserv.com
ntvpever.com
ntvpinp.com
rtbbnr.com
s16.upstreamcdn.co
s7.addthis.com
static.bookmsg.com
thumbs2.imagebam.com
upstream.to
v1.addthisedge.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
z.moatads.com
adserver.juicyads.com
s7.addthis.com
103.252.221.5
104.23.130.4
168.119.25.22
185.178.208.135
185.94.237.74
213.174.135.25
23.45.60.123
23.51.210.213
2404:6800:4004:80c::2003
2404:6800:4004:80f::2008
2404:6800:4004:81e::200a
2404:6800:4004:81f::200e
2404:6800:4004:826::2003
2606:4700:3032::ac43:c51e
2606:4700:3033::6815:5cbb
2606:4700:3034::6815:27bc
2606:4700::6810:135e
2a01:4f8:c0:33d8::1
2a01:4f8:e0:19cb::1
2a02:128:7:4715::2
2a03:90c0:9995::9995
54.36.168.71
88.198.204.166
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05882fa4e821333fb62a4a8d07b7c451e6efbabfa9f3d4946ba9cb54dfb0f04b
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0945ee0afc424b68195ee1322a200720458af93eed2c483bccd9b6ca1e03979e
0a59262756f1ac3ac0d80f30f8c5eb406d27929ccdcff324a0ffeda268b9889c
10379fed273d0812cb4fb0c372370caee7321745853bfbdf9e290aa8d2f40891
11b8a7bb7b716d6212afcedaaaa981ee477b1b378a66a199dd897d80b0b153d3
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
16841c6cb99efce1a44e8ce1e0e5a0c14de17c1638e552722e5acf641eb3ec37
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
25cf23ed6b14156fbf5c4e1e15dd8dfef559f72df468352d8c4c293d2ce21155
270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e
274b159d1d23b6c5591efa72379d895d1e216aa9de86af428a142745b53a96dc
2c1fa8d90a4037b759e005c9216c36bdbf4ff3c695b4d31ccce7cc00ff403532
2e9c06706597aa91fe358cfdea02caf63bdb84140e4503989bac07c7f2811565
316b0051402e60172f1f22cc8e700eead114d301988f25b694628518b2632b75
3263e4378100c902c58d4024d324c6485e8f89fb86448bf7616ef6080a221c98
3439591f65104d5a79694a55c60f9e3b5215918af77f3c8e5ee3c951e9d5b8a4
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
4878a9312e744716a5caafd2d92707311690f250cba57e41531b4fd084e091e0
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
57a1b056b9e2caff0470d719b5d5fdc57988aed811ddd0b5eb925c6e151655f2
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5b2e4f8bb03a6897bbc6c25f907741f0f63988a9276e1357627b0ce63bbe4102
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca
6325c875f65edbb526bb04d5f0ef14ceeeaeec2991426ca1d62f8e9588dcca28
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64ec438fb93dd924b2e8b942047ec7848d59fbfe3a986543b73df637f9d1f6be
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6
6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc
76712caa880a80628c01960a083aac9bfa5decef2cf77fd0d0e3259e11637f63
7aca39e107e57716919735be5047a7777e1f4451553cb4d28c7608acc08b4813
7b4182a3bba9b25c72fa13bde9f60ef1aee78cfde8877f87b812504e1f732dbc
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7df02cbdad5be43843d5494d69649e6d3f15d3695b279f032af44c76c76afa5d
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
8353aa83e7f16580204e9b96fe4bd1e7097c00438161d1710c302b0d75f954c5
842b4a273b6a3e762330b007ac0b2de6ea7a81def5c309abb8b86ca2717e8a0b
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8d521790c72992f8538f13cbf0279cdfab1ccc3dd72bfb6b5a83d08773e5bb7e
8ffaa73818038726b1178c18e4d06259d9a7b49cb88830946dce416b65c92840
92c2d676389972c14595b6795d62803db6d8b5786d71cb65472c9e33657aba35
99efa94f95887196c5d36a4092fdbcfa58af90696ceca363d4b6f4bff6fa6e8e
9cf612bd02b735cfbc5fd2ce98492593d8a0beace0dd7982bad9b1b5ddc5eedf
9e7cda239f42af9520bc34a39520d01b76d70b17ceeacc0e9e1a06806a93ed74
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a15164c46f901a947fcf243fe107b83fdf1ea8d394d2bda73f569daf5666e59e
a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96
a2dd7ad310e18233300d631121947c2a1a348dfab40f7dacc522d185025bb760
a7b7d76f345d70748cf215af46624df81f2e411780939b3fb35546c6638c9ed9
ab7f215f54907cfae94eda32396bc3a23340853e2068f73947586c93a8c4c516
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62
b74a58316385de04b054737776e71c160cd60d2d01b5440b32c21651fb0ab8d3
b99f00c37babd03643c50c3432678687a642153e0a8d57a19ebfd3bf90d6c03d
b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c
bae1e80afed243a4045a0bf1bd23fd93e696e085d76181a00c0952bee864874e
c2443b0a74b25158756abb7aa12832e5442adab247aab6e24514f54396c72579
c91a75b4331f5f78cdb3b1264724d73a79d10c83d0bd186261a7f7a2b8d04f1e
c9861aadce98ebdc5a95cdc17ebf871790c264ce986099b999e22b7aab54ef16
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
ca1237faa559c43589e706ccafeaee31392750a59a38672b1528e53e7d4b8060
cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021
cd906e7ff44d255608078a9905384f40496f627f0e4b6a735aa46e88d34d419c
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
d06c0caa8631380ddcef124a4305228a4f2a1de526e99b64536a78fee1b15e6b
d094a9ac42b9a6186ca0a456127ee38a7bcf7de9a4f5ba8eeb4e6e1fe4f44599
d170a3bc260e3d403f8be539e1e95cfd416dc933bcaf29f623503feec435eb5b
d38a0682f8453d3ecdd700ed8b115bacd4ade7284b74d5204ebd2882104cd680
d5a58ad9743b3e4b08051e3fe8f37893669bd0a65fdf89bd12a0e980b020adf3
d8673d2db014059392fd90b879d3032be233944f674c9c505b09408751d6e938
da7957f6fe0ac3c1d8431423709855a79936308b2fc81e9430fa0245e2399965
dc16507d0b5d446b5495424b83e8b4766c02b76a33b23255ca5697fee0af0bf4
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f34499f5ee344b0f583deb61cee61db7d0c58c7711a7ee9f8bbbdeab8c978703
f3adadb235f7ecab4a68f4d0961640c155c0d2057d28fe24e19d36b04904ddc6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

gaypornsex.men Open in urlscan Pro 2606:4700:3034::6815:27bc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

76 Requests

93 %HTTPS

57 %IPv6

25 Domains

29 Subdomains

22 IPs

10 Countries

1625 kBTransfer

4164 kBSize

13 Cookies

9 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 37 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gaypornsex.men Open in urlscan Pro
2606:4700:3034::6815:27bc Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

93 %
HTTPS

57 %
IPv6

25
Domains

29
Subdomains

22
IPs

10
Countries

1625 kB
Transfer

4164 kB
Size

13
Cookies

76 HTTP transactions
37 data transactions