1st-studio.waplist.eu Open in urlscan Pro
2606:4700:3035::ac43:b347  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 1st-studio.waplist.eu/	10 KB 4 KB	204ms 154ms	Document text/html	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62605f62c1fa0e737b2f2df897cf19e15e8c7ad0d880d83b507b38d411595d28 Security Headers Name Value X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 711885450bd4900d-FRA content-encoding br content-type text/html date Thu, 26 May 2022 18:19:42 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sd58QR2HzCQkwOrLLetXUQWSMbBaCFPfnW6BQgJsvT4YWs5hRcoEcpHwkqmGdXvf7rcZ9BlEmxTJvGeKFQklWS%2FAGKPl%2BnwB%2FxcqfgCXZ6CI3m0FoOn33ztgaZP4s7%2FZkCYqohOlg%2BNSnAwZ5S6slPcb0Jc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options DENY
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/	156 KB 25 KB	91ms 44ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://1st-studio.waplist.eu/ Origin https://1st-studio.waplist.eu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 864 access-control-allow-origin * cdn-cachedat 03/08/2022 20:52:45 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:09 GMT server cloudflare cdn-requestpullcode 200 etag W/"7cc40c199d128af6b01e74a28c5900b0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 5047513f11922b4673386620365a24ca cf-ray 7118854649859097-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/	56 KB 11 KB	70ms 24ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://1st-studio.waplist.eu/ Origin https://1st-studio.waplist.eu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 75939 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10022 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-de0a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F83tr2gbBo4%2Fe9bvs14fTJ%2BaBqRrSllnG4ADvz%2B1GX7aaxcgtWh9dCb5O%2BiwW91dqYSehmv6XOmpUSjFckU5psFmIU82%2FFsFYaGyL%2FF%2BF7oNMnhg8Ont8gLYqyYsguPb%2BkbN1%2FGTEZCg4j1OrdH%2FaVwZ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 711885464c8b9bd6-FRA expires Tue, 16 May 2023 18:19:42 GMT
GET H2	200	7.css waplist.eu/css/	2 KB 1 KB	60ms 25ms	Stylesheet text/css	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waplist.eu/css/7.css?v=4 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7aa5bde2060b5b3cc444c393f746caddb18958b405465380596c6c497ec49a6 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 78618 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 18 Dec 2019 16:29:44 GMT server cloudflare etag W/"7f9-599fcf3c2ee00-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFy0eHemWAxvmQBe1KzmxHt6nWmKjO1rau34MfzDuapjMjJXf5oJBoxpzTKxgWldsoFEjyWofqUxdLCVxY1CzAlmCoHaj5fLpV41ee%2BInVnv1svrgSDtwXEcQMgELM7LLfCzbaffON8Y"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 711885463810900d-FRA expires Wed, 01 Jun 2022 20:29:24 GMT
GET H2	200	invisible.js Show response 1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/scripts/	43 KB 16 KB	31ms 29ms	Script application/javascript	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1653588000 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d45f269bbea2f0aee49c7bc43df5d8d5dce5ff82d43bb73a84144c6f0402835 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUReg16wZ2HwoOipsTP7noRfjnuBOcGv1rnjHo9zrg2mOth7scOOw0787fT%2Bs5U6nWJoaEFYRcMKaoxLIsCvV%2Fvi973PN2TjsCX99Lh%2BSsrWGmcVQJnD4p%2FQTk8zlXHfTzD%2BzYY024stJ45Ab3Rvy5gbPxI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 711885462fd2900d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	jailbaittop_1.gif xfap.sextgem.com/PICS/	35 KB 36 KB	190ms 127ms	Image image/gif	54.36.158.42 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://xfap.sextgem.com/PICS/jailbaittop_1.gif Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 54.36.158.42 Paris, France, ASN16276 (OVH, FR), Reverse DNS lb.xtgem.com Software / Resource Hash 50a69e6e23fdba24d6f29b84e015cbb8e27255893e84f637dcc2fe0ce6bbb1ce Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:42 GMT X-Ngz 1 Last-Modified Thu, 11 Nov 2021 17:45:48 GMT ETag "8ce3-5d086e9b26007" Content-Type image/gif Cache-Control max-age=2592000 Content-Length 36067 Expires Sat, 25 Jun 2022 18:19:42 GMT
GET H/1.1	200 OK	modeltop468.gif xfap.sextgem.com/	38 KB 38 KB	174ms 112ms	Image image/gif	54.36.158.42 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://xfap.sextgem.com/modeltop468.gif Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 54.36.158.42 Paris, France, ASN16276 (OVH, FR), Reverse DNS lb.xtgem.com Software / Resource Hash ae792c01c41d765d570a317a6172af4e0ed7a150eb8b3ceabd699a462824e8a4 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:42 GMT X-Ngz 1 Last-Modified Fri, 12 Nov 2021 13:56:42 GMT ETag "977e-5d097d43a8da1" Content-Type image/gif Cache-Control max-age=2592000 Content-Length 38782 Expires Sat, 25 Jun 2022 18:19:42 GMT
GET H/1.1	200 OK	180627029_x-mobi-x.gif img49.pixhost.to/images/165/	31 KB 32 KB	119ms 54ms	Image image/gif	94.229.35.89 DATANETWORKS
General Check archive.org Show headers Download Go to Show image Full URL https://img49.pixhost.to/images/165/180627029_x-mobi-x.gif Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.229.35.89 Dunajska Luzna, Slovakia, ASN48326 (DATANETWORKS, SK), Reverse DNS s7.euroshare.eu Software nginx/1.18.0 (Ubuntu) / Resource Hash 8ad28971ad69a805956470075019fde67e0403d475c0ed65b3a643c410ad4a46 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:42 GMT Last-Modified Wed, 09 Mar 2022 00:01:18 GMT Server nginx/1.18.0 (Ubuntu) ETag "6227ee4e-7cec" Content-Type image/gif Cache-Control max-age=604800, public Connection keep-alive Accept-Ranges bytes Content-Length 31980
GET H2	200	rocket-loader.min.js Show response 1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	23ms 22ms	Script application/javascript	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 25 May 2022 09:50:37 GMT server cloudflare etag W/"628dfbed-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDl4ceEFv4cDMhIoXE7SS9dpW3%2FZVymPya07c8g7ZFdtGrz9c9%2F1Ok80uaxAgPOcfbkufPwL1bTd0IElyIZ76k3jE8WMRlvRx2hFSdDMWn3P9jZVZ6X2Azm2ssj2Dmm82706wMLWdGhw0ylWmUf4aL8TYPI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 711885462fd6900d-FRA vary Accept-Encoding expires Sat, 28 May 2022 18:19:42 GMT
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	89ms 61ms	Script text/javascript	2606:4700:440e::6812:2fe6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer https://1st-studio.waplist.eu/ Origin https://1st-studio.waplist.eu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 7118854659d69a11-FRA
GET H2	200	cifra Show response pt.pwmctl.com/ Frame 5664	18 KB 6 KB	150ms 103ms	Document text/html	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash c2f084d52085b06a44f5f2c24c8ffa3ba782978cc2affa25f24642c300fc47bb Request headers Referer https://1st-studio.waplist.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 26 May 2022 18:19:42 GMT server unknown vary Accept-Encoding
GET H2	200	Tokyodoll_tv-8.mp4 Show response upvideo.to/e/fmwlfj8jb6vu/ Frame 9FA6	106 KB 16 KB	524ms 476ms	Document text/html	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 006027c6f0909e1f6d436a8c5b4882bd3507df54f9f3b98c041084c5665ec6a5 Request headers Referer https://1st-studio.waplist.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-allow-origin * * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status BYPASS cf-ray 711885468d3190e0-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 26 May 2022 18:19:42 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkJzbQDqdIOfc0p4EfBC7yltLa1PFybBx%2FsUtd%2BOP4KFAlMZ9kSCokFbarKqt15xatozjAPjJYUijYbbjs%2BQ9th5EpMDLwK1me3GPvpuzYTBW8H%2Bczke3WmgXlbq"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/	74 KB 75 KB	44ms 23ms	Font application/octet-stream	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css Origin https://1st-studio.waplist.eu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 79193 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 75728 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-127d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRtiH66fpLL5VUt%2F%2Fm5Q7fYyMEKJs8i%2FJgs5wLRuWTpKGL52XdUn4Xo8SmypHm8z7rlA5u103xwC%2F1wvlNCicthQWvZx6cuBKC0DBaj2vEDQaQagYGPXXwOfg9NCm1j9zcNscRQuHilZF%2BRP6ZkeUuFK"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71188546cca990d4-FRA expires Tue, 16 May 2023 18:19:42 GMT
GET H2	200	flag.js Show response widget.supercounters.com/ssl/	13 KB 4 KB	73ms 27ms	Script application/javascript	2a06:98c1:3120::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.supercounters.com/ssl/flag.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a163f0eefc2aa40fba80c87cd391355bd5c9b8caaef9c732c81f747cbcc3b74 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br cf-cache-status HIT last-modified Thu, 03 Mar 2022 12:17:40 GMT server cloudflare age 2896 etag W/"6220b1e4-34b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTOQmh0S5UhzE27UuDvdvWLa1hS6HzBxwbXOsxd4cFVvzG2Q03ucMO44U0X6xAuUIaGyCpl4CVRw5n%2Bd1YymkTRZydIFOICgJPYptbHguiGoV7X7dNvp%2BvNgDbTlEn%2FcC3gcx%2FHl2xLTyVyhOc6ErjyeeKOY2Ik%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 711885471d869130-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	script Show response pt.pwmctl.com/cifra/	2 KB 2 KB	23ms 22ms	Script application/javascript	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt.pwmctl.com/cifra/script?id=awe-customiframe-container&row=1&column=2&border=6&wide=1&padding=6px&model=insidehover&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&legacyRedirect=1 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 49ce8a4dbb42213b6b6f3c77698dd1013f982b0fd97d2a84de0b8dd21f346a4e Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT cache-control no-cache server unknown content-type application/javascript
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 967 B	150ms 63ms	Script text/javascript	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7eb0d21ad8b5f6db08f3b4ae96aa3e92a7923fe25b8da9cca40cecd9474725d7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 554 x-xss-protection 1; mode=block expires Thu, 26 May 2022 18:19:42 GMT
GET H2	200	LogRocket.min.js Show response cdn.lr-ingest.io/	37 KB 11 KB	85ms 40ms	Script text/javascript	2a06:98c1:3120::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.io/LogRocket.min.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a9b67d525db8715d6b09be00cbf5199dcea99697a432008ff2c27de632cc1b9 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Referer https://1st-studio.waplist.eu/ Origin https://1st-studio.waplist.eu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31556926 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19125-FRA last-modified Thu, 26 May 2022 17:51:58 GMT server cloudflare x-timer S1653589183.590860,VS0,VE0 etag W/"1642d2ddb5da683491ec733b9757db8590222e757f1cc90c791b7250c44f4612" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTVU99Lvt6gwU1UJDBRZifjCPno68QNfFkdlxhBt%2FI7AAB%2FQcY69kaY8asXWhLlYxjFvbTIB1CLJprtRhvUVVRI1JUiguKN0582%2BqIXiX1j6Pyyiqp7%2BvDqt%2F3GhP7dc%2BmC1mFNtlwuw2tfc5Tqn"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 711885471c52900c-FRA x-cache-hits 18
GET H/1.1	200 OK	ads.js Show response a.realsrv.com/	2 KB 1 KB	71ms 14ms	Script application/javascript	2001:4de0:ac19::1:b:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/ads.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash b300bf1cad50f8afd2712de0ba4aa2277bf5607d07dd2cbee450e1579a8ccec7 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:42 GMT Content-Encoding gzip Server nginx etag W/"f4fddb85b686269b678e3caf766" X-HW 1653589182.dop131.am5.t,1653589182.cds226.am5.shn,1653589182.cds226.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 974
GET H/1.1	200 OK	popunder1000.js Show response a.realsrv.com/	94 KB 40 KB	73ms 17ms	Script application/javascript	2001:4de0:ac19::1:b:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/popunder1000.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7b3a25f46e182f7b7c98d8b8412c8db0ca7ae8fb4fd02159a986f73327d69821 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:42 GMT Content-Encoding gzip Server nginx etag W/"717d1e695e18ae1f91654dda15a" X-HW 1653589182.dop208.am5.t,1653589182.cds203.am5.shn,1653589182.dop208.am5.t,1653589182.cds130.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 40330
GET H/1.1	200 OK	fp-interstitial.js Show response a.realsrv.com/	28 KB 9 KB	73ms 15ms	Script application/javascript	2001:4de0:ac19::1:b:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/fp-interstitial.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 734be13de1318175142b0cf78140bc166e4a78c09fe64ca9dc7c6944cac305bb Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:42 GMT Content-Encoding gzip Server nginx etag W/"c8235d0460f36838d9faddcb21d" X-HW 1653589182.dop136.am5.t,1653589182.cds007.am5.shn,1653589182.cds007.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Access-Control-Allow-Credentials true Connection Keep-Alive Accept-Ranges bytes Content-Length 8389
GET H2	200	js Show response www.googletagmanager.com/gtag/	100 KB 39 KB	138ms 53ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-58825785-33 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d75b2bc534781cf8382136a26bb4e298f05d2050d470bb1d9207156512697a3d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39500 x-xss-protection 0 last-modified Thu, 26 May 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 26 May 2022 18:19:42 GMT
GET H3	200	pica.js 1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/scripts/	20 KB 8 KB	28ms 28ms	Other application/javascript	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/scripts/pica.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eedfec9491add69126582c2400f339726909ceb0b734e9d1e94b1a2d9f15b869 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGuGMVACgCHQ%2FD0ABxdhqgVQp3Re9p874E%2Fvj5qipzpz0ulRwyh12XmWKxvo%2Bb6B7jKAWsXezWAwfDlZW7ST%2F1kgmaL1QZ7cNRp9GQcrFkpsjU4w6%2Br%2F0xQW1T5p8wWwpMjJfL1ZyXthZ9dBd5uvQBUhTnU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=604800, public x-control-type-options nosniff cf-ray 71188546d9a19c0a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	advertisement-v250987.js Show response pt-static1.ptlwmstc.com/_common/script/adblock/ Frame 5664	21 B 224 B	39ms 6ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.ptlwmstc.com/_common/script/adblock/advertisement-v250987.js Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT last-modified Thu, 26 May 2022 09:29:27 GMT server unknown etag "628f4877-15" x-cache-status R-HIT content-type application/javascript access-control-allow-origin * accept-ranges bytes content-length 21
GET H2	200	cifra-v250987.css pt-static5.ptlwmstc.com/cifra/styles/ Frame 5664	13 KB 3 KB	37ms 6ms	Stylesheet text/css	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static5.ptlwmstc.com/cifra/styles/cifra-v250987.css Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 3bf48b2fa1a1d7bc2dea03652e6cea6c747908a2ec194ddfe2a96d7c9feb21b8 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT content-encoding gzip last-modified Thu, 26 May 2022 09:29:28 GMT server unknown etag W/"628f4878-3352" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin *
GET H2	200	cifrafk-v250987.js Show response pt-static1.ptlwmstc.com/cifra/script/ Frame 5664	317 KB 114 KB	44ms 12ms	Script application/javascript	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://pt-static1.ptlwmstc.com/cifra/script/cifrafk-v250987.js Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 00c836d7881bc0698906efc0d88cb2fe6eaeb775151729d8e0890a5e42b1ab5f Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT content-encoding gzip last-modified Thu, 26 May 2022 09:29:28 GMT server unknown etag W/"628f4878-4f315" x-cache-status R-HIT vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin *
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 5664	123 KB 43 KB	87ms 86ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c4881cbb1e069c9f3837fff609db8098cf9052195fdeab4b0ae210c6905a1220 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44061 x-xss-protection 0 last-modified Thu, 26 May 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 26 May 2022 18:19:42 GMT
GET H2	200	H4Y.gif pt.pwmctl.com/MQUAF/ Frame 5664	43 B 296 B	10ms 10ms	Image image/gif	93.93.51.191 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt.pwmctl.com/MQUAF/H4Y.gif?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&campaign_id=&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&categoryName=girl&cobrandId=246032&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0 Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server unknown content-type image/gif access-control-allow-origin * cache-control no-cache content-length 43 expires Thu, 26 May 2022 18:19:41 GMT
GET H2	200	cbbe7a44feece1ee28137ee7fe2b84c1_glamour_445x250.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/ Frame 5664	14 KB 14 KB	28ms 7ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1c/cbbe7a44feece1ee28137ee7fe2b84c1_glamour_445x250.jpg?cno=b972 Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash a8e8da07ce1c6ec80e8f096bd2e890734dc6f6b00267a0ff58ba87d0532eeca7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT x-content-type-options nosniff last-modified Tue, 24 May 2022 04:02:24 GMT server unknown etag "2f0e54450c1be010608d86065e1dc286" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 x-cache-source Origin x-real-source - accept-ranges bytes content-length 14479 expires Thu, 09 Jun 2022 18:19:42 GMT
GET H2	200	37a1ebb06ea3619015dd16a883c846cc_glamour_445x250.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f13/ Frame 5664	19 KB 19 KB	33ms 13ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f13/37a1ebb06ea3619015dd16a883c846cc_glamour_445x250.jpg?cno=4258 Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash e881fff1d19ac4af1785f5221366aa92cd8faee5cffb504adc8a10557093d512 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT x-content-type-options nosniff last-modified Wed, 13 Apr 2022 06:14:10 GMT server unknown etag "280ebe5cc9b857ce1b43c98b06f39978" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 x-cache-source Origin x-real-source - accept-ranges bytes content-length 19030 expires Thu, 09 Jun 2022 18:19:42 GMT
POST H3	200	711885450bd4900d Show response 1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/cv/result/	2 B 737 B	44ms 43ms	XHR text/plain	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/cv/result/711885450bd4900d Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1653588000 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://1st-studio.waplist.eu/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type application/json Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD%2BHGjZKHTvdQOYC%2BTTsqUg8QEFcJHn6FS2rAh7bkWonZUqCwEuZL98X6R8%2Bc%2F70T6%2BQirITjlL4wl5zPBX%2BfbtO9J5kmtOne%2FB1INQHDNWyRPD1uvr3U%2FBGnADMM6yqgZ478iWATCMWnl6YKNyEV8mEPNA%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 71188548fef39c0a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	smilies_ex.png pt-static1.ptlwmstc.com/image/ Frame 5664	8 KB 9 KB	7ms 7ms	Image image/png	93.93.51.200 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pt-static1.ptlwmstc.com/image/smilies_ex.png Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT last-modified Mon, 25 Apr 2022 13:43:51 GMT server unknown etag "6266a597-2155" x-cache-status R-HIT content-type image/png access-control-allow-origin * accept-ranges bytes content-length 8533
GET H2	200	1dabf6875e425dc690e2564dbc98494f_glamour_896x504.jpg galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/ Frame 5664	80 KB 81 KB	8ms 8ms	Image image/jpeg	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f11/1dabf6875e425dc690e2564dbc98494f_glamour_896x504.jpg Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 4ae554c13371f5d5587d1e20260864de034d77b0fe34aa99ce270e1870de639d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT x-content-type-options nosniff last-modified Wed, 11 May 2022 13:48:10 GMT server unknown etag "0c76151c6615cae95d28609388f438bc" x-cache-status R-HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=1209600 x-cache-source Origin x-real-source - accept-ranges bytes content-length 82278 expires Thu, 09 Jun 2022 18:19:42 GMT
GET H2	206	9ac270fa1da3015690407d28da203ab9.mp4 galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a10/ Frame 5664	3 MB 3 MB	14ms 13ms	Media video/mp4	93.93.51.190 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a10/9ac270fa1da3015690407d28da203ab9.mp4?pstool=212_1&psid=djsilver Requested by Host: pt.pwmctl.com URL: https://pt.pwmctl.com/cifra?psid=djsilver&psprogram=cbrnd&pstool=212_1&site=wl3&cobrandid=246032&campaign_id=&category=girl&row=1&column=2&background=A60000&fill=0&border=6&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=0&height=0&imageWidth=0&imageHeight=0&stream=1&start=1&performerList=&subaffid={SUBAFFID}&legacyRedirect=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 48fffe5f495273b66ed4329cb69435772f708459f4cd69b60d0b04911ada5b9a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://pt.pwmctl.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Range bytes=0- Response headers x-cdn-node defra date Thu, 26 May 2022 18:19:42 GMT x-content-type-options nosniff last-modified Mon, 23 May 2022 23:44:45 GMT server unknown access-control-allow-origin * etag "e3bf57f78f078a7fbbc51f4b0a15e471" x-cache-status R-HIT content-type video/mp4 Content-Range bytes 0-2633820/2633821 cache-control max-age=1209600 x-cache-source Origin x-real-source - Content-Length 2633821 expires Thu, 09 Jun 2022 18:19:42 GMT
GET DATA	200 OK	truncated / Frame 5664	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 5664	49 KB 20 KB	130ms 44ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 2697 date Thu, 26 May 2022 17:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 26 May 2022 19:34:46 GMT
GET H2	200	get Show response api-protected.protoawegw.com/v2/player/performer/ Frame 5664	295 B 482 B	99ms 49ms	Fetch application/json	93.93.51.225 DOCLER-AS
General Check archive.org Show headers Download Go to Full URL https://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&streamType=rtmp&category=girl&performerIds[]=StacyOwen Requested by Host: pt-static1.ptlwmstc.com URL: https://pt-static1.ptlwmstc.com/cifra/script/cifrafk-v250987.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU), Reverse DNS Software unknown / Resource Hash 1ff288cf091f5a2ed764445b0aa51ff2b6a59629e0f4550a4fa6484bb4b17415 Request headers accept-language de-DE,de;q=0.9 Referer https://pt.pwmctl.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding gzip server unknown vary Accept-Encoding access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE, PATCH content-type application/json access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type
GET H3	200	bootstrap.min.css cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/ Frame 9FA6	137 KB 16 KB	26ms 17ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3698243 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15749 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:20 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04010-22485" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGsdh9sqKPgRhVTE%2FMkIpNfL%2FPhOQQABjjy%2BI1Z%2F%2FV13GqLeuC4kADosF5i%2Ftojx6Rlk82aY7JJm3vwdv0yf71daGRaxx%2BfHNu%2FuayQhnR1LNwTee3w48%2Fz93itf8kkfyO21nVY%2Fa7q7awT2xX5CQXVW"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 711885498fa95c6e-FRA expires Tue, 16 May 2023 18:19:42 GMT
GET H3	200	animate.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ Frame 9FA6	76 KB 4 KB	31ms 23ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.css Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 75890 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3779 timing-allow-origin * last-modified Mon, 04 May 2020 16:04:58 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d2a-12fb5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4e1MTZe6AKDste3U%2FJ2upmgTqU2JdrqpEK%2BlZItMeTRoGwNygeTFBzEM8sSIIk%2B7N%2BcSRnecK2xlaXBWZWK3B9r1x14PYCy%2Fuf34aRiDky8b1HrIfGOFgfwGZQHQPLitkz9WaKYzA0VYvRztIFrrjkbG"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 711885498fab5c6e-FRA expires Tue, 16 May 2023 18:19:42 GMT
GET H3	200	video-js.min.css upvideo.to/assets/player/ Frame 9FA6	59 KB 18 KB	91ms 65ms	Stylesheet text/css	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/player/video-js.min.css Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6c05666c31fe10ec0cc9277c52e7f99c9b3001badee96675fba4b940b5ebf7e Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1151 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 13 Apr 2021 20:43:46 GMT server cloudflare etag W/"60760282-ea9e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qz2LWzUy%2FpCtVk5VOBjLjCOIdFwKBV5TxAUoj0tAIS8ht7JayS%2F8QmqLuHhrUp883Tpzja6ITdA1rltOHdS87bkzVEUQ2Jmzd0Bh76FpFa7c4mGO9ZC4wyTqJj%2B5"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ab9a9004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H3	200	skin.css upvideo.to/assets/player/ Frame 9FA6	31 KB 7 KB	67ms 42ms	Stylesheet text/css	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/player/skin.css Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c07e0f764d7d5b4aa4cfa14efad77ec1b9d2ee5542c49ab0d6a24e379529286 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 755 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 09 Mar 2021 08:53:53 GMT server cloudflare etag W/"604737a1-7c3b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FJTMfNxMFtSrEZAaguQncY0A36UMy3rSQ6QftMONtAzxla3K%2B1N92SU5KuVrygICYNg36y1mMh5nmBPmk0Ma1yQBJYQTEj6z%2FZnttEMfe09xvGo5s5UFeqkc89A"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ab969004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H3	200	jquery.min.js Show response upvideo.to/assets/js/ Frame 9FA6	94 KB 34 KB	53ms 28ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/js/jquery.min.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1151 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 Jan 2020 19:46:04 GMT server cloudflare etag W/"5e16317c-1762a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow9A1xGAfbkB%2BpIAQgkX5RIbHvzlB%2BG%2FLzlK11qnbnfFHeeHAcv1SgINZVYusfuP08n%2FNVSA9irwyQU20PmeW5%2BZEdwZIJTrZ4pG9DgYmalXlLzWZSyjPiPmxPRy"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ab999004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H3	200	videojs-ie8.min.js Show response cdnjs.cloudflare.com/ajax/libs/video.js/6.13.0/ie8/ Frame 9FA6	27 KB 9 KB	22ms 15ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/video.js/6.13.0/ie8/videojs-ie8.min.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2490204 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8127 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:35 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb0401f-6a8f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIHfJnYmW2ZhyMENS0c9%2BClMsRuRSJPiYJnP%2FxNfPBUE1IO3pOyhE9qLGcc2WlDbsB48RqwSuWwQtjpy3iIgp4PxHijxZHqah7m16rUiTbThC9eA711TpYimo4CNhFurtVu7JeYKgZyZRJxuH7KVR9OH"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 711885498fa75c6e-FRA expires Tue, 16 May 2023 18:19:42 GMT
GET H/1.1	200 OK	36430 Show response samplerpouch.com/rjcrtlnT5hLfz/ Frame 9FA6	5 B 1 KB	89ms 23ms	Script application/javascript	172.255.6.33 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://samplerpouch.com/rjcrtlnT5hLfz/36430 Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 172.255.6.33 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:43 GMT Content-Encoding gzip Strict-Transport-Security max-age=1 Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin https://upvideo.to Access-Control-Max-Age 600 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type, megageocheckolololo, x-forwarded-for X-Content-Type-Options nosniff Keep-Alive timeout=20
GET H/1.1	403 Forbidden	c583ab0d35d2cf85432b94875e00147c.js contagiousaugust.com/c5/83/ab/ Frame 9FA6	0 0	357ms 100ms	Script application/javascript	192.243.59.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://contagiousaugust.com/c5/83/ab/c583ab0d35d2cf85432b94875e00147c.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.9 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:43 GMT Server nginx/1.17.9 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Connection keep-alive Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent Content-Type application/javascript Content-Length 0
GET H2	200	tghr.js Show response pop5sjhspear.com/aas/r45d/vki/1851314/ Frame 9FA6	66 KB 26 KB	69ms 28ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://pop5sjhspear.com/aas/r45d/vki/1851314/tghr.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 61ff57b289ef2de5532226a91b2304890cfde07e861a1eb26964910a7f1f0b99 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:42 GMT content-encoding gzip last-modified Thu, 26 May 2022 09:40:55 GMT accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data etag W/"628f4b27-10998" vary Accept-Encoding content-type application/javascript timing-allow-origin * server nginx
GET H3	200	popper.min.js Show response upvideo.to/assets/js/vendor/ Frame 9FA6	20 KB 8 KB	39ms 39ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/js/vendor/popper.min.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1151 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 Jan 2020 19:46:09 GMT server cloudflare etag W/"5e163181-500f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJMosHc5qr4%2BwdrIMPhPuTPbimkC9csyijZGnCpYXK8ghbY%2BLnB5tKCDKuNDZWXOUAnBcXARZKEWI%2FN%2FcZBPdWXmneqRALulLzStx1n9pGilc5kZRN5jLQFfucF2"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ec2c9004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H3	200	bootstrap.min.js Show response upvideo.to/assets/js/ Frame 9FA6	54 KB 15 KB	40ms 40ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/js/bootstrap.min.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1151 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 Jan 2020 19:46:04 GMT server cloudflare etag W/"5e16317c-d9df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSM5XWCSW7MCMsEqKBMF3cA53T4g80qh6C2rQNUhXGWivczbV0GG47ERX0DNwdkY0BW45vGGeFHoRd6rdyImbivQAmc5Cjk8qKS59kHZu3HRdjzVDxPZdww4%2FAiA"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ec2d9004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H3	200	feather.min.js Show response upvideo.to/assets/js/ Frame 9FA6	66 KB 18 KB	29ms 29ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/js/feather.min.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 911510973d107733d5a8811570539d0808f81b0d7a636165f2edb45ccd1714a4 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6801 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 Jan 2020 19:46:02 GMT server cloudflare etag W/"5e16317a-10620" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CufmoCxWZNg2jKgibzuKnyhi7zwCd6nepI5gglDxK93r5lXwlhNpxc%2BF%2Fzf8DMdjrq9GGllnB6GAH8IqlSHX5WOLHKDzhZ5YmIHMo3ONfCr%2BqHXqk33BVEkoCJ3G"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ec2e9004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H3	200	tabber.js Show response upvideo.to/assets/js/ Frame 9FA6	7 KB 2 KB	130ms 130ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/js/tabber.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2db6e923455de9086a9dd350cf9bbace1b20900dee7d3b116d15458f49b793c2 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS content-type application/javascript access-control-allow-origin *, * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVwz2lMzDylQQ2MWMDbSzBHIbXn7W0Ug1D6K8NrNscI1vfw9mV%2BKnH1l76JI6wTAVFYpWd3naB%2FEUOmO276Y6c3vB7RWcP8pc590IDyLF4d2%2FRNBN5V4mzUN6soO"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 71188549ec2f9004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	main.js Show response upvideo.to/assets/js/ Frame 9FA6	228 B 740 B	29ms 28ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/js/main.js Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08a614f0fd92d112799b8ca27dc51e638727d7ac1cea1688de8ae927afbe8a8f Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5695 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 08 Jan 2020 19:46:04 GMT server cloudflare etag W/"5e16317c-e4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exjVChFEcB24TCwafgIcWciHjNZn7AdcHbkPiKiBjWECmlTO%2F2ryrgmdBWuYRlOlEVt4gbs3Qwjf4VfZtUSe2y0jLMbGqE2r9ulVSX2Q51z16%2Bla7d1AEJg8OzE9"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 71188549ec309004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET DATA	200 OK	truncated / Frame 5664	1 KB 1 KB		Font font/woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9141e45366c427827365c117390486dc7f180c534a9a288517353efb2c546128 Request headers Referer Origin https://pt.pwmctl.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type font/woff
GET H2	200	4234501 Show response in-page-push.com/400/ Frame 9FA6	71 KB 28 KB	60ms 27ms	Script application/javascript	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/400/4234501 Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 7408ad7ec9f385e8d92e1bb64c7ca96ae5bbe2ddb32b003dc484e347fc49ed9d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-trace-id b070b68d089c05a57df2887c89281c53 pragma no-cache date Thu, 26 May 2022 18:19:43 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true strict-transport-security max-age=1 timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/ Frame 9FA6	65 B 540 B	56ms 13ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: in-page-push.com URL: https://in-page-push.com/400/4234501 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash bcec86880a78246e0a4c34c0a56ab895474aaa25d02a93f11c858dbc73dc6a27 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://upvideo.to access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	4234501 Show response in-page-push.com/400/ Frame 9FA6	2 KB 1 KB	16ms 16ms	XHR application/json	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/400/4234501?oo=1&oaid=74ce9649901a4e61a2a221c4af7cb797 Requested by Host: in-page-push.com URL: https://in-page-push.com/400/4234501 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 8dda3ebddf915abcdb5641a8edaf0d3a642244bf7ca89f9557d5b5ef4954eed0 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers x-trace-id 73ad1a0011feed938ac74f5ea1fd55dd pragma no-cache date Thu, 26 May 2022 18:19:43 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Origin content-type application/json access-control-allow-origin https://upvideo.to access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true strict-transport-security max-age=1 timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
POST H2	200	solid.gif pop5sjhspear.com/ Frame 9FA6	43 B 617 B	15ms 15ms	Ping image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://pop5sjhspear.com/solid.gif?z=1851314&abvar=0 Requested by Host: pop5sjhspear.com URL: https://pop5sjhspear.com/aas/r45d/vki/1851314/tghr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT x-route-id stats.tag.loaded accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H3	200	video.min.js Show response cdnjs.cloudflare.com/ajax/libs/video.js/6.13.0/ Frame 9FA6	201 KB 46 KB	30ms 29ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/video.js/6.13.0/video.min.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad21ec812f9512ca791fb66e05b29dfe67b8c889b57e5342c916f4b9ba79f586 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://upvideo.to/ Origin https://upvideo.to accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4323869 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 46368 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:35 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb0401f-32545" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpR40Ax3JNNGb4EgPlTTlsjjAzxI8A97hlGtI4uCUytFDpL0CW1FrwKL9BWQtX6qIrX1vkUNmBoZ3dTGr6styhhjOPlsLbomV%2BGLQgu4z1xkCM%2Ffzs7S6yIXfXs2mpu2J9ThJPmB9fc126ka8%2BqypXL8"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 7118854c29ef90d4-FRA expires Tue, 16 May 2023 18:19:43 GMT
GET H2	200	fmwlfj8jb6vu.jpg cdn.upvideo.to/i/02/08306/ Frame 9FA6	53 KB 53 KB	38ms 27ms	Image image/jpeg	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.upvideo.to/i/02/08306/fmwlfj8jb6vu.jpg Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b844f639206d7733f21abea588e63cea940e3047cb6c52d4ba9a4789fdf1acd9 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS, * cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7064 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 26 May 2022 16:21:59 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0nhNL5t88bupSt1%2B1qz16jpJbIe%2F0UgSSxif3NE%2BQZziHJvm%2FLgL0dNmwCRHlUfLjtQU3MPOtyv7GHv82NKeu%2BXskHJr1yL1Ag1hjSHn%2FGwf25dMzc4HIArC6EaWuZGyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 7118854c3b6890e0-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization, *
GET H3	200	videojs-flash.min.js Show response cdnjs.cloudflare.com/ajax/libs/videojs-flash/2.1.2/ Frame 9FA6	8 KB 3 KB	20ms 19ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/videojs-flash/2.1.2/videojs-flash.min.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dac28f20f395f028f7e2bef866745c74aad0ec9aaa834a35cd1d9cef85435b5b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5435631 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2717 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:36 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04020-1f69" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FoLy5jTZoists1GmMEagQ5XzMO9b55nP6KnPhyAYnITGnszOr09t7QY4SZ2T0pfJ2NzazX%2FxnqWICmIj1FGN9l6o6tIrALzVTG4lGtSrk9%2BZxpcZPMbGM5IxmB0AygKYgt2lG5ZzVzIR%2Ffv%2BYRGk35d"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 7118854c2d035c6e-FRA expires Tue, 16 May 2023 18:19:43 GMT
GET H2	200	/ Show response popcash.net/ Frame 9FA6	0 0	419ms 377ms	Script text/html	2606:4700:3034::ac43:c2cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://popcash.net/ Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:c2cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers
GET H3	200	videojs.js Show response upvideo.to/assets/player/ Frame 9FA6	80 KB 16 KB	23ms 23ms	Script application/javascript	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/assets/player/videojs.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbbece305205a3b25a1e5d626a0e4fd6b4027e1a54df7b23af6a7ee44931394a Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1149 access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 02 May 2021 10:42:56 GMT server cloudflare etag W/"608e8230-13ee7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut2i1uMUGRUj7tN7VGmQTu7W7xM7K8S4jXr4qqn7nQ9uwmRxoA3k%2FSVlzbFpkUKq%2F9kYfW%2Fq9MCgGWUJ%2BuCqQ6zwGdkrNGj4uNvRGuyUxHpzif1wH%2F38edl16C2t"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true cf-ray 7118854c28fc9004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H2	200	apu.php Show response cdn.itskiddoan.club/ Frame 9FA6	968 B 2 KB	56ms 19ms	Script application/javascript	139.45.197.236 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.itskiddoan.club/apu.php?zoneid=5096717 Requested by Host: in-page-push.com URL: https://in-page-push.com/400/4234501 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 05f00cb6602e36ef5ea467e781916b095565db4c654a1aa4488d4a02800fd325 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT x-content-type-options nosniff access-control-max-age 86400 content-length 968 x-trace-id 448a862ebee0e0347c658e2e8adbadea pragma no-cache server nginx strict-transport-security max-age=1 access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	1851314 Show response pop5sjhspear.com/get/ Frame 9FA6	3 KB 2 KB	16ms 16ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://pop5sjhspear.com/get/1851314?zoneid=1851314&jp=_cl25oddhf441czfx18ez5k&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6863769061813373 Requested by Host: pop5sjhspear.com URL: https://pop5sjhspear.com/aas/r45d/vki/1851314/tghr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 532618237fce823b69fd9e9d8e69dced36512234a66f1aa0726c4e8b426da437 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	/ Show response baradoot.com/ssp/req/1851314/ Frame 9FA6	7 B 679 B	57ms 18ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://baradoot.com/ssp/req/1851314/?pb=228e44263e75d576c87b6b5331eb11081653596383&psp=d5FhBt1lTxl29wJwHpbpoWEcpmA6x_85PYWaFsr0jnPprihkoQexJeoJtaxDMCeLBcLTah9g8qcW78Y91QdPFlVnG8Oyq5pNYSxr6D1zl3BePdH-pNRYnYNDbfWJ3rJkFiOLisYuTBO54tcY3J8GkczB2TKIsRnWfi4mUNxHbbOLpO4GYRX0cNNDW_BcMQ5b7HSXSEUH3SQYfzXN4LPVLJFCmMck8eBpR75ZZf4xKpbZVI2tPeoAKOFRswry7lYdRI2i-wtUqUGjw3ut5DSWJiWgvDWr0vKdVwTmAIiNWhoeUTi9BrtUcxPLikzTqyC_XaN83CeCZhG3Wqbd3oE0dNJTl9JQ6TC9n2Xm6LwigvQVgITN4_RytCF-8_B0W6kajUeojfugnkfXX2A6fLfFDq8FzV-H5IJS8fSdfD6tqFmDArRasL8g-xMlDMThA0p73t-_JL78k9ueRfdZRj1YlA==&cb=_cll9ia5nmardzbt7tetyad&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24 Requested by Host: pop5sjhspear.com URL: https://pop5sjhspear.com/aas/r45d/vki/1851314/tghr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT x-route-id ssp.bet accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 7 server nginx content-type text/javascript
GET DATA	200 OK	truncated / Frame 9FA6	715 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 9FA6	380 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9FA6	177 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9FA6	351 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 9FA6	242 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	4234501 Show response in-page-push.com/500/ Frame 9FA6	3 KB 2 KB	137ms 137ms	XHR application/javascript	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/4234501?excludes=&oaid=74ce9649901a4e61a2a221c4af7cb797&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=260&wiw=260&wih=230&wfc=2&pl=https%3A%2F%2Fupvideo.to%2Fe%2Ffmwlfj8jb6vu%2FTokyodoll_tv-8.mp4&drf=https%3A%2F%2F1st-studio.waplist.eu%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false Requested by Host: in-page-push.com URL: https://in-page-push.com/400/4234501 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 5093a225e156945951b46343ff4ff832fddc12fbbaec86bf5d52b45592f9a3a5 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://upvideo.to/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type application/json Response headers x-trace-id 5fd9dfcef1a14bbbc7e683aad8c7e270 pragma no-cache date Thu, 26 May 2022 18:19:43 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Origin content-type application/javascript access-control-allow-origin https://upvideo.to access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true strict-transport-security max-age=1 timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H2	200	4234501 in-page-push.com/500/ Frame	0 0	50ms 21ms	Preflight	139.45.197.15 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://in-page-push.com/500/4234501?excludes=&oaid=74ce9649901a4e61a2a221c4af7cb797&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=260&wiw=260&wih=230&wfc=2&pl=https%3A%2F%2Fupvideo.to%2Fe%2Ffmwlfj8jb6vu%2FTokyodoll_tv-8.mp4&drf=https%3A%2F%2F1st-studio.waplist.eu%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://upvideo.to Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://upvideo.to access-control-max-age 600 allow GET, OPTIONS content-length 0 date Thu, 26 May 2022 18:19:43 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
GET H3	200	logo.png upvideo.to/assets/img/ Frame 9FA6	16 KB 16 KB	23ms 23ms	Image image/png	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://upvideo.to/assets/img/logo.png Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a378641cd44ad5ae3c10c17f6c0dad95432e13358ef2b3b8af79fe95d7a02b44 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:43 GMT access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6799 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16216 last-modified Fri, 12 Feb 2021 21:58:46 GMT server cloudflare etag "6026fa16-3f58" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krcPYkCNosLcuXp22aeLHOfh%2FnLQrDjMtsp3SgXtYvOjBkF0jLI4aGTm2jjYp0WAcZrfn3GtrpjeTKmpxZSAeKVhnZFyZLTaONTko2nahLiEy7nZO4%2BcmadoBMU5"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 7118854eff679004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET DATA	200 OK	truncated / Frame 9FA6	5 KB 5 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3cf60de17a8f3ef80eeaa8cdf3653cf443f4fee202977be9b667a99da3a0c93a Request headers Referer Origin https://upvideo.to accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
HEAD		/ popcash.net/ Frame 9FA6	0 0
GET H3	200	embedblocked Show response upvideo.to/ Frame 9FA6	2 KB 1 KB	115ms 115ms	Document text/html	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://upvideo.to/embedblocked?referer=https%3A%2F%2F1st-studio.waplist.eu%2F Requested by Host: upvideo.to URL: https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbe1b354ac9d3857d95fd032c2fbfa32a1e5bd92d3c88ed3a1022ef7824f4338 Request headers Referer https://upvideo.to/e/fmwlfj8jb6vu/Tokyodoll_tv-8.mp4 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS access-control-allow-origin * * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 711885502a1e9004-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 26 May 2022 18:19:44 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Chm0zrBPpbSxhTG2U0rQDFKZDd9XuL6aF3ULCEv9WFwpuAp3U2DFX%2BF09ap59NoFvtyP6LpvGH21gF2yAizsDrJDx19bmfmwxwxbzJx47acXapSmxxuOlN7UJy7"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css fonts.googleapis.com/ Frame 9FA6	2 KB 1 KB	132ms 48ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:500 Requested by Host: upvideo.to URL: https://upvideo.to/embedblocked?referer=https%3A%2F%2F1st-studio.waplist.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2887faeacf0e584471a973cf17b8d4434a443c89236d4d4f2cc36a403afeb47b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 26 May 2022 17:58:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 26 May 2022 18:19:44 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 26 May 2022 18:19:44 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9FA6	1 KB 479 B	133ms 49ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:700,900 Requested by Host: upvideo.to URL: https://upvideo.to/embedblocked?referer=https%3A%2F%2F1st-studio.waplist.eu%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5a4283901bc417a75e1fe443310c1d48f2b4e64a87fab951dae1ca8add0bf6ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 26 May 2022 18:19:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 26 May 2022 18:19:44 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 26 May 2022 18:19:44 GMT
GET H3	200	text.png upvideo.to/assets/img/ Frame 9FA6	26 KB 26 KB	180ms 179ms	Image image/png	188.114.97.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://upvideo.to/assets/img/text.png Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.10 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d33fea3e9585043e40bcb24a774501b792ae96f64f0ecc28442fb353dd11170f Request headers accept-language de-DE,de;q=0.9 Referer https://upvideo.to/embedblocked?referer=https%3A%2F%2F1st-studio.waplist.eu%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:44 GMT access-control-allow-methods GET, POST, PATCH, PUT, DELETE, OPTIONS cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26491 last-modified Wed, 26 Sep 2018 16:22:03 GMT server cloudflare etag "5babb22b-677b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1twe0sDdF2A7X2EtrImOChbLGHRNY2EjdaM%2FPaXfzYAT1oMorff4ybnFDuXl96yZnO0uMYn%2BWwmKhqWiw2B0P20zh7F0sIc48m2AJv%2FfVxDP8iJzTaxpzxfQ1CLg"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin *, * cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 71188551ce219004-FRA access-control-allow-headers append,delete,entries,foreach,get,has,keys,set,values,Authorization
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v15/ Frame 9FA6	10 KB 11 KB	122ms 41ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffEDBGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Titillium+Web:700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e59456a560f58d0b6b7934bfc06e0b2faee5d61e2bdb10eef541dd66bfebe0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://upvideo.to accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Wed, 25 May 2022 21:00:51 GMT x-content-type-options nosniff age 76733 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10444 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:44:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 25 May 2023 21:00:51 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v15/ Frame 9FA6	12 KB 12 KB	129ms 48ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Titillium+Web:700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://upvideo.to accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Mon, 23 May 2022 23:57:04 GMT x-content-type-options nosniff age 238960 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11796 x-xss-protection 0 last-modified Wed, 27 Apr 2022 15:47:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 23 May 2023 23:57:04 GMT
GET H2	200	JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2 fonts.gstatic.com/s/montserrat/v24/ Frame 9FA6	12 KB 13 KB	157ms 77ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1fc21927293f00261a8795efadbdfa16d14521479402d72328c00482a6ba6b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://upvideo.to accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 24 May 2022 17:12:00 GMT x-content-type-options nosniff age 176864 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12748 x-xss-protection 0 last-modified Tue, 26 Apr 2022 14:37:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 May 2023 17:12:00 GMT
GET H/1.1	200 OK	splash.php Show response syndication.realsrv.com/	1014 B 2 KB	65ms 23ms	XHR text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/splash.php?idzone=4136808&orientation=landscape&screen_resolution=1600x1200&p=https%3A%2F%2F1st-studio.waplist.eu%2F&cookieconsent=true Requested by Host: a.realsrv.com URL: https://a.realsrv.com/fp-interstitial.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.245 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 8687c2ae6a7c371566097b5fe84b78caff6290b58011e21a76073464dfdd0b56 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:44 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://1st-studio.waplist.eu Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	popunder1000.js Show response a.realsrv.com/	94 KB 40 KB	15ms 15ms	Script application/javascript	2001:4de0:ac19::1:b:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://a.realsrv.com/popunder1000.js Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7b3a25f46e182f7b7c98d8b8412c8db0ca7ae8fb4fd02159a986f73327d69821 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:44 GMT Content-Encoding gzip Server nginx etag W/"717d1e695e18ae1f91654dda15a" X-HW 1653589182.dop208.am5.t,1653589182.cds203.am5.shn,1653589182.dop208.am5.t,1653589184.cds130.am5.c Content-Type application/javascript Access-Control-Allow-Origin *, * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 40330
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	110ms 36ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-58825785-33 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 2698 date Thu, 26 May 2022 17:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 26 May 2022 19:34:46 GMT
GET H/1.1	200 OK	ads-iframe-display.php Show response syndication.realsrv.com/ Frame 49FF	3 KB 2 KB	24ms 24ms	Document text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/ads-iframe-display.php?idzone=4038304&type=900x250&p=https%3A//1st-studio.waplist.eu/&dt=1653589184356&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.245 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 1012fc63a4387c32edd56349eb9542aa31b9a9538ff0eb35b2b21a6dc8c90326 Request headers Referer https://1st-studio.waplist.eu/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 26 May 2022 18:19:44 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Pragma no-cache Server nginx Transfer-Encoding chunked
GET H3	200	logger-1.min.js Show response cdn.lr-ingest.io/	783 KB 162 KB	61ms 40ms	Script text/javascript	2a06:98c1:3120::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.lr-ingest.io/logger-1.min.js Requested by Host: cdn.lr-ingest.io URL: https://cdn.lr-ingest.io/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a291bceadbd1d7f8d02016f5342b092f8357c2540695750b98d93f7b2620bb70 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:44 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 251 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31556926 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-hhn4022-HHN last-modified Thu, 26 May 2022 17:51:58 GMT server cloudflare x-timer S1653587725.193414,VS0,VE1 etag W/"7e2042e8d4e514bfd841c08284b768292f859fe43b8fc954eb243f253613662d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary x-fh-requested-host, accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YO5XwWpzbo4WlTWltfU0LvHJxA9rBSrj8TnCSN%2Bk8V1cyJe3tXTTqEnGf9fR2GxPD824YMzRJmli06B6Avy%2FEnnhjatq%2Fa0Zx9dGJxwwDIYQuWFlV3NlzhNzEY64YboDzOFc6N74PaJR6rEdpJxo"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=14400 cf-ray 711885526c469060-FRA x-cache-hits 1
GET H2	200	zGgr1n Show response biptolyla.com/c.DC9e6_b/2U5/laSnW/QB9GNaD-MmzhMTjTM/4iNFC/0Z0UMKzfM_yZM/	0 340 B	108ms 50ms	Script application/javascript	2a00:1178:1:4b::f WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://biptolyla.com/c.DC9e6_b/2U5/laSnW/QB9GNaD-MmzhMTjTM/4iNFC/0Z0UMKzfM_yZM/zGgr1n Requested by Host: 1st-studio.waplist.eu URL: https://1st-studio.waplist.eu/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 2a00:1178:1:4b::f , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Thu, 26 May 2022 18:19:44 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 0 server nginx expires Mon, 26 Jul 2011 05:00:00 GMT
GET H2	206	48896ba2039326c150785fcfbaeb2273cb56440a.mp4 s3t3d2y8.ackcdn.net/library/41682/	473 KB 474 KB	66ms 7ms	Media video/mp4	2a02:6ea0:c700::14 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://s3t3d2y8.ackcdn.net/library/41682/48896ba2039326c150785fcfbaeb2273cb56440a.mp4 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::14 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 8c6a6dc897ca1f53ccc46735d8a1cd411ff9ca3cc54784ed16e92f56d9381bb0 Request headers Referer https://1st-studio.waplist.eu/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Range bytes=0- Response headers x-77-pop frankfurtDE date Thu, 26 May 2022 18:19:44 GMT x-77-nzt-ray 2tYf2NxQRWY x-77-cache HIT Content-Range bytes 0-484657/484658 x-cache HIT x-age 2351228 Content-Length 484658 x-77-nzt AYrHJQ0Ec2v/fOAjAA x-accel-expires @1682773956 last-modified Fri, 29 Apr 2022 10:46:02 GMT server CDN77-Turbo etag "626bc1ea-76532" content-type video/mp4 access-control-allow-origin * cache-control max-age=31536000 expires Sat, 29 Apr 2023 13:12:36 GMT
GET H/1.1	200 OK	fc.php Show response service.supercounters.com/	2 KB 1 KB	296ms 93ms	Script application/x-javascript	172.104.29.90 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://service.supercounters.com/fc.php?id=1400646&v=1&w=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&ref=&url=https%3A%2F%2F1st-studio.waplist.eu%2F&sw=1600&sh=1200&rand=78 Requested by Host: widget.supercounters.com URL: https://widget.supercounters.com/ssl/flag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li1848-90.members.linode.com Software nginx/1.20.1 / PHP/7.4.13 Resource Hash 737eab834ecc2018b615a8e2513e42d304a6809666ccec4dd8bb89b03645a50f Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 18:19:44 GMT Content-Encoding gzip Server nginx/1.20.1 Connection keep-alive X-Powered-By PHP/7.4.13 Transfer-Encoding chunked Content-Type application/x-javascript
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/	365 KB 145 KB	130ms 39ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://1st-studio.waplist.eu/ Origin https://1st-studio.waplist.eu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 17:36:12 GMT content-encoding gzip x-content-type-options nosniff age 2612 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147703 x-xss-protection 0 last-modified Mon, 16 May 2022 04:03:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 May 2023 17:36:12 GMT
POST H3	200	rum Show response 1st-studio.waplist.eu/cdn-cgi/	0 170 B	25ms 25ms	XHR text/plain	2606:4700:3035::ac43:b347 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1st-studio.waplist.eu/cdn-cgi/rum? Requested by Host: cdn.lr-ingest.io URL: https://cdn.lr-ingest.io/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:b347 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://1st-studio.waplist.eu/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 content-type application/json Response headers date Thu, 26 May 2022 18:19:44 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://1st-studio.waplist.eu access-control-max-age 86400 access-control-allow-credentials true cf-ray 711885525a219c0a-FRA vary Origin
GET H2	206	d8396a7161b0e5a75879aa2b7c9272dfe7af4434.mp4 s3t3d2y8.ackcdn.net/library/140058/ Frame 49FF	23 KB 24 KB	67ms 31ms	Media video/mp4	2a02:6ea0:c700::14 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://s3t3d2y8.ackcdn.net/library/140058/d8396a7161b0e5a75879aa2b7c9272dfe7af4434.mp4 Requested by Host: syndication.realsrv.com URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4038304&type=900x250&p=https%3A//1st-studio.waplist.eu/&dt=1653589184356&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::14 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash f7b4420db6b8c6989d2236f0999764729808c04af97b12e82abd789ef2ec62e0 Request headers Referer https://syndication.realsrv.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Range bytes=0- Response headers x-77-pop frankfurtDE date Thu, 26 May 2022 18:19:44 GMT x-77-nzt-ray QR9Q/Bx0Hiw x-77-cache HIT Content-Range bytes 0-23723/23724 x-cache HIT x-age 3044020 Content-Length 23724 x-77-nzt AYrHJQ27nRz/tHIuAA x-accel-expires @1682081164 last-modified Thu, 26 Mar 2020 21:10:46 GMT server CDN77-Turbo etag "5e7d1a56-5cac" content-type video/mp4 access-control-allow-origin * cache-control max-age=31536000 expires Fri, 21 Apr 2023 12:46:04 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	43ms 43ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=71002352&t=pageview&_s=1&dl=https%3A%2F%2F1st-studio.waplist.eu%2F&ul=en-us&de=UTF-8&dt=1st-studio%20Siberian%20mouses&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=98427406&gjid=1031745145&cid=2025528410.1653589184&tid=UA-58825785-33&_gid=78202671.1653589184&_r=1&gtm=2ou5n0&z=1838703528 Requested by Host: cdn.lr-ingest.io URL: https://cdn.lr-ingest.io/LogRocket.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://1st-studio.waplist.eu/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 26 May 2022 18:19:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://1st-studio.waplist.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	32b6d73c-f3f7-402c-86fc-e64dd9ed7587 https://1st-studio.waplist.eu/	441 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://1st-studio.waplist.eu/32b6d73c-f3f7-402c-86fc-e64dd9ed7587 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash f1cc12d2833a24fd0f2eb4b6ece1673907c049755d7a319f8c52e565a4ff56fd Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Content-Length 451400
GET H3	200	flagsprites.png widget.supercounters.com/images/	68 KB 68 KB	46ms 26ms	Image image/png	2a06:98c1:3120::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widget.supercounters.com/images/flagsprites.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5f7b1faf32c396ab4a0a1548547f6c7ff8037d1a7fb7d0ad633a3cbe2c0efe4 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5532 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 69400 last-modified Tue, 11 Apr 2017 07:31:00 GMT server cloudflare etag "58ec8634-10f18" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjVS7HpDKXPbJuc584ityu6ys%2FtYojvLkLBv4q7mWIiC2i0M18Y14%2FX%2Bk%2Fk6Ck%2BzQ3U67MEkGsPFoncoIPJbqUPkeVXK0V2BFd5Bn7jM5mBRlD91FRR51elLWYQ5BrTJWtLQXy2HoLmgR7wf74Z3rkRTPTbRCJI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 711885545c8290ee-FRA
GET H3	200	flagsprites.png widget.supercounters.com/images/	68 KB 68 KB	31ms 31ms	Image image/png	2a06:98c1:3120::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widget.supercounters.com/images/flagsprites.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5f7b1faf32c396ab4a0a1548547f6c7ff8037d1a7fb7d0ad633a3cbe2c0efe4 Request headers accept-language de-DE,de;q=0.9 Referer https://1st-studio.waplist.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Thu, 26 May 2022 18:19:44 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5532 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 69400 last-modified Tue, 11 Apr 2017 07:31:00 GMT server cloudflare etag "58ec8634-10f18" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZtoq20ru1gdYOBr3JvQZDv33Xlb%2BY1em76r2ENLr4WN1bekqZSHKp%2BnsG5%2FS1%2F9W7CheYD5FFR5gfRqHPQEQXZLH46rlOagUJw87AteRhiYLZRVO99O%2FgR%2BljbLi91GplwHlnhDPUI9iIpk2b4Q%2FpUIhFOPObE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 71188554bd3b90ee-FRA
POST		i r.lr-ingest.io/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

popcash.net

URL

https://popcash.net/

Domain

r.lr-ingest.io

URL

https://r.lr-ingest.io/i?a=w6kpfv%2Fwaplist&r=5-6f27de31-bdee-4e8b-a04a-5fb3b748ea79&t=bbf88a26-226a-4bcb-ae5e-9fd87547d7fe&s=0&rs=0%2Cu