urlscan.io logo urlscan.io
SecurityTrails logo

anfisasiberia.sextgem.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Submission: On July 29 via manual from RU — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 19 domains to perform 91 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is anfisasiberia.sextgem.com.
This is the only time anfisasiberia.sextgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.36.158.42 16276 (OVH)
6 93.93.51.191 34655 (DOCLER-AS)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 141.94.172.213 16276 (OVH)
1 173.233.137.52 7979 (SERVERS-COM)
1 2 2a00:1178:1:4... 35415 (WEBZILLA)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.104.29.90 63949 (AKAMAI-LI...)
1 2620:116:800d... 16509 (AMAZON-02)
20 2606:4700:311... 13335 (CLOUDFLAR...)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700:311... 13335 (CLOUDFLAR...)
5 2606:4700:311... 13335 (CLOUDFLAR...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700:311... 13335 (CLOUDFLAR...)
12 93.93.51.200 34655 (DOCLER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
6 93.93.51.190 34655 (DOCLER-AS)
2 93.93.51.225 34655 (DOCLER-AS)
91 21
2    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
anfisasiberia.sextgem.com
6    93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
embwmpt.com
pt.cdctwm.com
3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
widget.supercounters.com
www.supercounters.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    141.94.172.213 (France)

ASN16276 (OVH, FR)
xtgem.com
sextgem.com
enif.images.xtstatic.com
1    173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)
pl13048200.trustedcpmrevenue.com
2    2a00:1178:1:4b::f (Netherlands)

ASN35415 (WEBZILLA, NL)
fagywalu.pro
6    2606:4700::6812:6528 (United States)

ASN13335 (CLOUDFLARENET, US)
chaturbate.com
1    172.104.29.90 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1848-90.members.linode.com
service.supercounters.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
20    2606:4700:3110::6812:3b96 (United States)

ASN13335 (CLOUDFLARENET, US)
creative.xlirdr.com
video.xlirdr.com
go.xlirdr.com
1    2600:9000:223c:6800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:223c:e000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    2606:4700:3110::6812:3eeb (United States)

ASN13335 (CLOUDFLARENET, US)
video.ktkjmp.com
5    2606:4700:3110::6812:336a (United States)

ASN13335 (CLOUDFLARENET, US)
go.xlirdr.com
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2606:4700:311f::6812:3f84 (United States)

ASN13335 (CLOUDFLARENET, US)
img.strpst.com
12    93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
pt-static2.ptwmstcnt.com
pt-static4.ptwmstcnt.com
pt-static3.ptwmstcnt.com
4    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
galleryn1.vcmdiawe.com
galleryn0.vcmdiawe.com
galleryn3.vcmdiawe.com
gallery.vcmdiawe.com
2    93.93.51.225 (Luxembourg)

ASN34655 (DOCLER-AS, LU)
api-protected.protoawegw.com
Apex Domain
Subdomains		 Transfer
25 xlirdr.com
creative.xlirdr.com — Cisco Umbrella Rank: 26448 Failed
go.xlirdr.com — Cisco Umbrella Rank: 20956
video.xlirdr.com — Cisco Umbrella Rank: 253450
333 KB
12 ptwmstcnt.com
pt-static2.ptwmstcnt.com — Cisco Umbrella Rank: 90630
pt-static4.ptwmstcnt.com — Cisco Umbrella Rank: 151282
pt-static3.ptwmstcnt.com — Cisco Umbrella Rank: 139368
406 KB
6 vcmdiawe.com
galleryn1.vcmdiawe.com — Cisco Umbrella Rank: 28438
galleryn0.vcmdiawe.com — Cisco Umbrella Rank: 23392
galleryn3.vcmdiawe.com — Cisco Umbrella Rank: 29736
gallery.vcmdiawe.com — Cisco Umbrella Rank: 116061
1 MB
6 chaturbate.com
chaturbate.com — Cisco Umbrella Rank: 13963
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
297 KB
4 cdctwm.com
pt.cdctwm.com — Cisco Umbrella Rank: 81341
11 KB
4 ktkjmp.com
video.ktkjmp.com — Cisco Umbrella Rank: 15124
916 B
4 supercounters.com
widget.supercounters.com — Cisco Umbrella Rank: 108274
service.supercounters.com — Cisco Umbrella Rank: 110921
www.supercounters.com
9 KB
3 sextgem.com
anfisasiberia.sextgem.com
sextgem.com — Cisco Umbrella Rank: 846374
9 KB
2 protoawegw.com
api-protected.protoawegw.com — Cisco Umbrella Rank: 35865
2 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1198
1 KB
2 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 19055
pixel.quantserve.com — Cisco Umbrella Rank: 1017
10 KB
2 fagywalu.pro
fagywalu.pro
810 B
2 embwmpt.com
embwmpt.com — Cisco Umbrella Rank: 191724
6 KB
1 strpst.com
img.strpst.com — Cisco Umbrella Rank: 10269
12 KB
1 xtstatic.com
enif.images.xtstatic.com
328 B
1 trustedcpmrevenue.com
pl13048200.trustedcpmrevenue.com
1 xtgem.com
xtgem.com — Cisco Umbrella Rank: 466331
21 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
902 B
91 19
Domain Requested by
10 go.xlirdr.com creative.xlirdr.com
anfisasiberia.sextgem.com
9 creative.xlirdr.com anfisasiberia.sextgem.com
creative.xlirdr.com
6 pt-static2.ptwmstcnt.com pt.cdctwm.com
6 video.xlirdr.com anfisasiberia.sextgem.com
creative.xlirdr.com
6 chaturbate.com anfisasiberia.sextgem.com
4 www.googletagmanager.com pt.cdctwm.com
www.googletagmanager.com
4 pt-static4.ptwmstcnt.com pt.cdctwm.com
pt-static4.ptwmstcnt.com
4 pt.cdctwm.com embwmpt.com
4 video.ktkjmp.com creative.xlirdr.com
2 gallery.vcmdiawe.com
2 galleryn0.vcmdiawe.com pt.cdctwm.com
2 api-protected.protoawegw.com pt-static2.ptwmstcnt.com
2 pt-static3.ptwmstcnt.com pt.cdctwm.com
2 www.supercounters.com anfisasiberia.sextgem.com
2 rules.quantcount.com 1 redirects anfisasiberia.sextgem.com
2 fagywalu.pro 1 redirects anfisasiberia.sextgem.com
2 embwmpt.com anfisasiberia.sextgem.com
2 anfisasiberia.sextgem.com anfisasiberia.sextgem.com
1 galleryn3.vcmdiawe.com
1 galleryn1.vcmdiawe.com pt.cdctwm.com
1 img.strpst.com anfisasiberia.sextgem.com
1 pixel.quantserve.com anfisasiberia.sextgem.com
1 enif.images.xtstatic.com anfisasiberia.sextgem.com
1 edge.quantserve.com anfisasiberia.sextgem.com
1 service.supercounters.com widget.supercounters.com
1 sextgem.com anfisasiberia.sextgem.com
1 pl13048200.trustedcpmrevenue.com anfisasiberia.sextgem.com
1 xtgem.com anfisasiberia.sextgem.com
1 fonts.googleapis.com anfisasiberia.sextgem.com
1 widget.supercounters.com anfisasiberia.sextgem.com
91 30

This site contains links to these domains. Also see Links.

Domain
lovrschat.chaturbate.com
youngtube.wapka.xyz
Subject Issuer Validity Valid
embwmpt.com
R3		 2023-07-28 -
2023-10-26		 3 months crt.sh
*.highwebmedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-03 -
2023-10-05		 a year crt.sh
xlirdr.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-01		 a year crt.sh
video.ktkjmp.com
Cloudflare Inc ECC CA-3		 2023-07-02 -
2024-07-01		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
img.strpst.com
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.vcmdiawe.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-02 -
2024-05-02		 a year crt.sh

This page contains 18 frames:

Primary Page: http://anfisasiberia.sextgem.com/anfisasiberia
Frame ID: CC3D28C7AE3B51C410D2BF54E8BECD35
Requests: 16 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=a4b78162.gif
Frame ID: 1F7BC885B713BCB1E298AE79654CA952
Requests: 1 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=0976e3d5.gif
Frame ID: B53EE2E82DE717716ABEC4962EBEE12D
Requests: 1 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=126196bb.gif
Frame ID: 3EECE777D83822C02D7344CE9393842D
Requests: 1 HTTP requests in this frame

Frame: https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: 429E82B6B59E926C5589F418ABE5CEEC
Requests: 1 HTTP requests in this frame

Frame: https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: 22A13B451EEE82799407FFA4CB40DB2C
Requests: 1 HTTP requests in this frame

Frame: https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: 896615CFE08B66DC96F6663F7062C9D4
Requests: 1 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Frame ID: AB97BF6A14B115EF915F1DDC0F84B78F
Requests: 1 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=a4b78162.gif
Frame ID: 05DA7F059C6473D56FF6561A2BAC266A
Requests: 7 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=0976e3d5.gif
Frame ID: 8C854B1202B53995D55451BAA69E9E23
Requests: 7 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=126196bb.gif
Frame ID: C7B649EDD416917164EA8A9F1E4A0D29
Requests: 7 HTTP requests in this frame

Frame: https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: 20B735C3945C752C0D155D1C39DBCF6A
Requests: 1 HTTP requests in this frame

Frame: https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: A236B4E99C74D5553D5F4C8E55FF486A
Requests: 1 HTTP requests in this frame

Frame: https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: 7D017FB5CAE26837E99179B0AFAAEF87
Requests: 1 HTTP requests in this frame

Frame: https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Frame ID: 6869B07435EC053C0D9A788248258566
Requests: 9 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 45CCB9A182070A3CD476027960D92533
Requests: 1 HTTP requests in this frame

Frame: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Frame ID: CD931F08C18245049338F0199759C503
Requests: 14 HTTP requests in this frame

Frame: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Frame ID: 10546819B77BBACAFC95AEA50AFF79BA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anfisa-Siberia.AnfisaSiberia

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

91
Requests

49 %
HTTPS

62 %
IPv6

19
Domains

30
Subdomains

21
IPs

5
Countries

2621 kB
Transfer

5668 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T HTTP 301
  • https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
Request Chain 31
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request anfisasiberia
anfisasiberia.sextgem.com/ 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
ff543ce7874e778ebf35cc9a3c092ecfe82bd194c0023f50af6d1ccc4f83d525

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
close
Content-Encoding
gzip
Content-Length
4469
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Jul 2023 11:57:49 GMT
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Pragma
no-cache
Vary
Host,Accept-Encoding
lf
embwmpt.com/embed/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embwmpt.com/embed/lf?c=object_container&site=jasmin&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&category=girl&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID}
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
f3a826f182b41438a8efadd6bf54a94891e3f386a0117271f8e36ba2fad07ec6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cache-control
no-cache
x-ud-id
3tc4A/MfZ
server
unknown
x-cache-status
R-MISS
content-type
application/javascript
lf
embwmpt.com/embed/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embwmpt.com/embed/lf?c=object_container&site=jasmin&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&category=hot_flirt&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID}
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
c807fe1cd5993840d0714978ca49784a2a2c4bed896cbcc49012eb11d1225d82

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cache-control
no-cache
x-ud-id
6q3T0/c7c
server
unknown
x-cache-status
R-MISS
content-type
application/javascript
tab.js
widget.supercounters.com/ssl/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.supercounters.com/ssl/tab.js
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c41e01fe3a0214dee147e3053c88bc40bec6caaeff53b2b02bb82f97b23cc519

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2779
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Thu, 03 Mar 2022 12:17:42 GMT
Server
cloudflare
ETag
W/"6220b1e6-210c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSaFHFg6iuCSkvqghTucKZpVGbiaFB6BgL95BSKd1iTL%2B8eCuDcz3LpzPKoQ%2FWE8HrgxhKGUrGNhipa2tRe%2BYIuVOUp9DxA%2B%2BZ3DPxPKlJyVNDenGH6XPduMOzmKSzt1BtxU%2FyFe2H1opmz6CFnAFp%2FYv77EL08%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=300
CF-RAY
7ee52fbf98c8d273-CDG
xtgem_template.css
anfisasiberia.sextgem.com/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://anfisasiberia.sextgem.com/xtgem_template.css?v=1598509184
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
fdef54289f76b5f57ef51e1a6a0211ad16800da8207ead4c42a4c57beecbbc38

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/anfisasiberia
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Connection
close
Content-Length
3365
Vary
Host,Accept-Encoding
Content-Type
text/css;charset=UTF-8
css
fonts.googleapis.com/ 		385 B
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Cookie
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
43317436fc9cc4150c0c08885e660b95d54388b54456d717105b11167d2040f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sat, 29 Jul 2023 11:57:49 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Sat, 29 Jul 2023 11:57:49 GMT
indiandesibhabi.png
xtgem.com/images/xtvid/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/xtvid/indiandesibhabi.png
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
41c494a4a40022a2a77b68e98d21730715263b026744c1e30a2efb3a6f6d3ed6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"52ff-59774aa04e000"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
21247
Expires
Mon, 28 Aug 2023 11:57:49 GMT
e2683001b51a3e369fb2d16165c07e07.js
pl13048200.trustedcpmrevenue.com/e2/68/30/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3e369fb2d16165c07e07.js
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
page_templates_simple.js
sextgem.com/js/ 		982 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
http://sextgem.com/js/page_templates_simple.js
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"3d6-59774aa04e000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
409
Expires
Mon, 28 Aug 2023 11:57:49 GMT
1T
fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/
Redirect Chain
  • http://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
  • https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
0
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Server
2a00:1178:1:4b::f , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 11:57:49 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
Cache-Control
max-age=315360000
Connection
keep-alive
Content-Length
162
Expires
Thu, 31 Dec 2037 23:55:55 GMT
wrapper
creative.xlirdr.com/widgets/ Frame 1F7B 		0
0
wrapper
creative.xlirdr.com/widgets/ Frame B53E 		0
0
wrapper
creative.xlirdr.com/widgets/ Frame 3EEC 		0
0
/
chaturbate.com/in/ Frame 429E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ee52fbfd9e93cd4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVi8JR6vW5iynMjFUqBFsjrMnCGpbFwYVhv2Spsb8KtYi4fPBk9X3sE756BopwWDkT1guefCjUgI80HU2MitLxPjEvUnItJULEk%2BTRW8tP9QiqrbTT8Edst%2FUpbF78p2ovssVFUIBc%2Bys19r"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
/
chaturbate.com/in/ Frame 22A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ee52fbfd9ea3cd4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTn1oCVusjsNJ2BU8agCc97ppH4CJjy234AGoAkoj4EjvbPCDo5NdpaTp8FQwBXC%2F9BNeu3cQoWCRL%2FvLrctgeDgWhiXGngTpgDRyS2RMyvyP%2F9WnpqljHFALyw5rv03XnsourPWX1iosTso"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
/
chaturbate.com/in/ Frame 8966 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ee52fbfd9eb3cd4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAQ8WMAioO5PVrNXHmiWl8z3TIcgkBy7Qq9j879CuXBfKDpyDPNmzItcRzVmyQcl5iaAgFcMOPjnVW9lG7Vaw8bjnegaA0K8h%2F1G92BK1qztIAfob%2FXxeGbxVEUx3dP60goF%2F0Wic1U1aKat"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
Player
creative.xlirdr.com/widgets/ Frame AB97 		0
0
fc.php
service.supercounters.com/ 		26 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
http://service.supercounters.com/fc.php?id=1640083&w=1&v=3&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36&ref=&url=http%3A%2F%2Fanfisasiberia.sextgem.com%2Fanfisasiberia&sw=1600&sh=1200&rand=92
Requested by
Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/tab.js
Protocol
HTTP/1.1
Server
172.104.29.90 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.20.1 / PHP/7.4.13
Resource Hash
ef8b5345dccae15ff5f48c3a6c5bf5bd17bdcf25a13b3f14551ed52351309d9c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
quant.js
edge.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Etag
"sLp6xTjO7svFVaOemhLWUQ=="
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 05 Aug 2023 11:57:49 GMT
wrapper
creative.xlirdr.com/widgets/ Frame 05DA 		709 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=a4b78162.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321cb123c96e8798df771482620d7dd99b965131951506fa34dd1dfd617ae69c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
7ee52fc01fee3c7b-CDG
content-encoding
br
content-type
text/html
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Sat, 29 Jul 2023 11:57:54 GMT
last-modified
Tue, 11 Jul 2023 07:23:05 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
wrapper
creative.xlirdr.com/widgets/ Frame 8C85 		709 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=0976e3d5.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321cb123c96e8798df771482620d7dd99b965131951506fa34dd1dfd617ae69c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
7ee52fc01ff03c7b-CDG
content-encoding
br
content-type
text/html
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Sat, 29 Jul 2023 11:57:54 GMT
last-modified
Tue, 11 Jul 2023 07:23:05 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
wrapper
creative.xlirdr.com/widgets/ Frame C7B6 		709 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=126196bb.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321cb123c96e8798df771482620d7dd99b965131951506fa34dd1dfd617ae69c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
7ee52fc01ff13c7b-CDG
content-encoding
br
content-type
text/html
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Sat, 29 Jul 2023 11:57:54 GMT
last-modified
Tue, 11 Jul 2023 07:23:05 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
/
chaturbate.com/in/ Frame 20B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ee52fc01a173cd4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy4KL8yooozLeHIr%2BjRC64kDmK4qHCq4XXsOyMp8ttPUMOkLqS9FusNhV6cTRFts%2FVIHWASFlg7Yvdgi6l5VECmK6jRXo6Kru4g6O8Y4GjKItJtN0Gmz3vXRc8kQohcbgitP5LIsP6faXJ%2B%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
/
chaturbate.com/in/ Frame A236 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ee52fc01a183cd4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwqRV5jRjvotf3%2FROLF1P5eauWIa5p7MN%2FDK%2BuCxNMYRyWfkeDTbJN5G37VjAPhlEJFTeuKCbXoVSHekIrBZUNGc64qlK3R9%2B0Kq5yvlckqKjmJhDUybAR2a3pkwF5105lKECFhXnHNgeVfi"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
/
chaturbate.com/in/ Frame 7D01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/in/?tour=6o0b&campaign=ldZ4M&track=embed&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7ee52fc01a1a3cd4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnT%2BFfT5ROcEXhWUh0xsb7znI8ZHKreu139OamiMtAzLCyI956JAq8Xm%2FZvKfGTlkmGydhzEecOdTHalmw2a74tOCnWJIKqPiobVkVmFi6N54fP48jAWCXjJSCRgd72IKv97uaw7KYnp2WzM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
Player
creative.xlirdr.com/widgets/ Frame 6869 		824 B
388 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf713a0539fe553b2e8c31635ccbd31db0582e959b108de204227094d9316ccd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cache-control
max-age=10
cf-cache-status
HIT
cf-ray
7ee52fc02ff53c7b-CDG
content-encoding
br
content-type
text/html
date
Sat, 29 Jul 2023 11:57:49 GMT
expires
Sat, 29 Jul 2023 11:57:54 GMT
last-modified
Tue, 11 Jul 2023 07:22:18 GMT
pragma
public
report-to
{ "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
tp.gif
enif.images.xtstatic.com/ Frame 45CC 		42 B
328 B 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000
Connection
close
Content-Length
42
Content-Type
image/gif
Date
Sat, 29 Jul 2023 11:57:49 GMT
ETag
"2a-59774aa04e000"
Expires
Mon, 28 Aug 2023 11:57:49 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
index.b46f6a72402501f35744.js
creative.xlirdr.com/widgets/wrapper/ Frame 05DA 		165 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=a4b78162.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ad29cea5cce212d6ba029f2668fd9313218eb9251a06f7fd6da371f9e292eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=a4b78162.gif
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
age
6
etag
W/"64ad03a9-292ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ee52fc048163c7b-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 29 Jul 2023 11:57:52 GMT
index.b46f6a72402501f35744.js
creative.xlirdr.com/widgets/wrapper/ Frame 8C85 		165 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=0976e3d5.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ad29cea5cce212d6ba029f2668fd9313218eb9251a06f7fd6da371f9e292eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=0976e3d5.gif
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
age
6
etag
W/"64ad03a9-292ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ee52fc048173c7b-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 29 Jul 2023 11:57:52 GMT
index.b46f6a72402501f35744.js
creative.xlirdr.com/widgets/wrapper/ Frame C7B6 		165 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=126196bb.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5ad29cea5cce212d6ba029f2668fd9313218eb9251a06f7fd6da371f9e292eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=126196bb.gif
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
age
6
etag
W/"64ad03a9-292ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ee52fc048193c7b-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 29 Jul 2023 11:57:52 GMT
main.0ed095e39c748ed1b1bf.css
creative.xlirdr.com/widgets/Player/ Frame 6869 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/Player/main.0ed095e39c748ed1b1bf.css
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5fcdd2ec44aab0590bbc9d1ef39ac720c4230a89ab3b1b52dc103f6c071f53e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
etag
W/"64ad03a9-11bf"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=10
cf-ray
7ee52fc058203c7b-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 29 Jul 2023 11:57:58 GMT
main.0ed095e39c748ed1b1bf.js
creative.xlirdr.com/widgets/Player/ Frame 6869 		226 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative.xlirdr.com/widgets/Player/main.0ed095e39c748ed1b1bf.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6bcb75f66eb0c03dea7c0221cf5b986c4f22b7ee7eab0100cdad1a393214623

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 07:24:25 GMT
server
cloudflare
etag
W/"64ad03a9-38665"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=10
cf-ray
7ee52fc058223c7b-CDG
alt-svc
h3=":443"; ma=86400
expires
Sat, 29 Jul 2023 11:57:54 GMT
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Server
2600:9000:223c:e000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:38:42 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1148
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:42:04 GMT
server
AmazonS3
etag
"2440f0fe7f89d580c051f453f7cc5d22"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
UMiGUod0Sb9uH02Xw8iSeAfMklxM28Yg2bXhnEkIrsNYGjIokQHTjw==

Redirect headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
Via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
nOQVCkvG1NZBDDhz1jQ9h9hKTR8CFZeXxVPACgIRINoByXukM_PqRw==
adsbygoogle.js
video.ktkjmp.com/ Frame 05DA 		16 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
D5A8E55T31XXGFXD
age
6452
alt-svc
h3=":443"; ma=86400
content-length
16
x-amz-id-2
ccK/1i16xiC8HLAl5zLM+yAY4aWmKqMNWAdX2n7+BFQsk9F+LBkUFE7lx6JfPKs+IQRMkU8fG64=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlirdr.com
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc11f462a49-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
config
go.xlirdr.com/ Frame 05DA 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fwrapper%3FuserId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154%26bb%3Da4b78162.gif
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c3f558ef960bb88a8e0cba3ca75407bbefdfaddb30910a36ab062aa1235d2ab

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 29 Jul 2023 11:29:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7ee52fc11eae0356-CDG
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
video.ktkjmp.com/ Frame 8C85 		16 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
D5A8E55T31XXGFXD
age
6452
alt-svc
h3=":443"; ma=86400
content-length
16
x-amz-id-2
ccK/1i16xiC8HLAl5zLM+yAY4aWmKqMNWAdX2n7+BFQsk9F+LBkUFE7lx6JfPKs+IQRMkU8fG64=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlirdr.com
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc11f492a49-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
config
go.xlirdr.com/ Frame 8C85 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fwrapper%3FuserId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154%26bb%3D0976e3d5.gif
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ecafa098bab1649d4c9477707c474431fbd4d8d385ce629ff90f19c5e21db5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 29 Jul 2023 11:11:30 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7ee52fc11eb10356-CDG
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
video.ktkjmp.com/ Frame C7B6 		16 B
670 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
D5A8E55T31XXGFXD
age
6452
alt-svc
h3=":443"; ma=86400
content-length
16
x-amz-id-2
ccK/1i16xiC8HLAl5zLM+yAY4aWmKqMNWAdX2n7+BFQsk9F+LBkUFE7lx6JfPKs+IQRMkU8fG64=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlirdr.com
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc11f4b2a49-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
config
go.xlirdr.com/ Frame C7B6 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2Fwrapper%3FuserId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154%26bb%3D126196bb.gif
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4df85cd91e4a3e562efcdd321a22a41df43111ae54ff4f925eded4766844a13a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 29 Jul 2023 11:47:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7ee52fc11eb20356-CDG
alt-svc
h3=":443"; ma=86400
config
go.xlirdr.com/ Frame 6869 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go.xlirdr.com/config?url=https%3A%2F%2Fcreative.xlirdr.com%2Fwidgets%2FPlayer%3FuserId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/Player/main.0ed095e39c748ed1b1bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e270941b57e0be42f5f0a1614d302f7693bd25d78a14742c61cdf4e2121ca5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 29 Jul 2023 11:29:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7ee52fc11eb00356-CDG
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
video.ktkjmp.com/ Frame 6869 		16 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video.ktkjmp.com/adsbygoogle.js
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/Player/main.0ed095e39c748ed1b1bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3eeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status
HIT
x-amz-request-id
D5A8E55T31XXGFXD
age
6452
alt-svc
h3=":443"; ma=86400
content-length
16
x-amz-id-2
ccK/1i16xiC8HLAl5zLM+yAY4aWmKqMNWAdX2n7+BFQsk9F+LBkUFE7lx6JfPKs+IQRMkU8fG64=
last-modified
Thu, 10 Mar 2022 13:52:07 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag
"3d7f7a60216d40dea48e495fef6903c9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://creative.xlirdr.com
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc11f4a2a49-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
tab_b.png
www.supercounters.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.supercounters.com/images/tab_b.png
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2c325e007039151dc2fbfe670bfad07d9da4340ca2a55af21dc0203d4b3d1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
505505
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2470
Last-Modified
Wed, 13 Nov 2013 06:27:47 GMT
Server
cloudflare
ETag
"52831be3-9a6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n21EwbEk18mROL5mqMQmoXEa41fvw9UDd4o4BWqX37IQRs7zy4SSKtUhB7XPJZwl3Px9VkO2DICnDi8rqx%2BjVPsRg8hM8kI4x6yPx9Mg9KlFAKjZKbrsr0c5jmZwgRkOZGjRWAhQaCSck8VZ4zIilKrtx3s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
7ee52fc168fa0494-CDG
Expires
Fri, 18 Aug 2023 10:45:14 GMT
a4b78162.gif
video.xlirdr.com/b/ Frame 05DA 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.xlirdr.com/b/a4b78162.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06be7f943cfd8ba83160b16fbbdf816d6eab72aea06c772677db94ecbad8d41f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
x1mpuzT38SU819TXl2RlvLV9blVqyxup
cf-cache-status
HIT
x-amz-request-id
ZQQS5N71GPAA77HT
age
2137
alt-svc
h3=":443"; ma=86400
content-length
9043
x-amz-id-2
ELmxIjXEQiSn9Y0ykTo+536iGjX+QLUPVJv6AK1bGuqziRnazsbGF7gOBC8u8bu8qlA9DB1qtzk=
last-modified
Mon, 15 Feb 2021 08:27:47 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:581371bac0f7ce99abb73b3d2384f92e
etag
"581371bac0f7ce99abb73b3d2384f92e"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc1791c3c7b-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
126196bb.gif
video.xlirdr.com/b/ Frame C7B6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.xlirdr.com/b/126196bb.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ed0daebc23bf730030eb2f90e6de783430267176d068c9d0fdf293997d12c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
n6rFKZ6MqkcnTXvPXYZRTPj5SQ8j4zIT
cf-cache-status
HIT
x-amz-request-id
BWGY000WGK2F8D70
age
2137
alt-svc
h3=":443"; ma=86400
content-length
9265
x-amz-id-2
DQ74eTho0fT/eMEilGbiuhaQ36P5LjM/+7HVeUXmcZ4oTBLFK/5Egs39puLIgkm0kF/oVg1RPcY=
last-modified
Mon, 15 Feb 2021 08:24:47 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:8e5bfeeab1dad7a7d1fc2cf9eb485723
etag
"8e5bfeeab1dad7a7d1fc2cf9eb485723"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc1791b3c7b-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
0976e3d5.gif
video.xlirdr.com/b/ Frame 8C85 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.xlirdr.com/b/0976e3d5.gif
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7dbbca40848a3604b1a245b7d8e3f4c42f70955ced2d9695d014f4a1a63e69a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
n93uC9JCEC4qzEh9_WUMgy1bWNiWqj.2
cf-cache-status
HIT
x-amz-request-id
PJ50YT7YNYRGTZG3
age
2137
alt-svc
h3=":443"; ma=86400
content-length
34975
x-amz-id-2
rX14tjdPTNwEGY9A3WDkonnadlhuGyuot90N2D7JyRQWS3POcQoGORFBkIWdwa7qpSghHCUzVVo=
last-modified
Mon, 15 Feb 2021 08:24:38 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:64f9b36e6222095cb69145001dd956b3
etag
"64f9b36e6222095cb69145001dd956b3"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc179193c7b-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
models
go.xlirdr.com/api/ Frame 6869 		2 KB
847 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go.xlirdr.com/api/models?forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/Player/main.0ed095e39c748ed1b1bf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c34443fd8fa6ee3223492fabb405a011a231bd44091356f2806d79a78437d7e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Jul 2023 11:57:30 GMT
server
cloudflare
age
11
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://creative.xlirdr.com
access-control-allow-credentials
true
cf-ray
7ee52fc17c792a3b-CDG
alt-svc
h3=":443"; ma=86400
pixel;r=1201822318;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fanfisasiberia.sextgem.com%2Fanfisasiberia;uht=2;fpan=1;fpa=P0-715454693-1690631869511;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;...
pixel.quantserve.com/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1201822318;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fanfisasiberia.sextgem.com%2Fanfisasiberia;uht=2;fpan=1;fpa=P0-715454693-1690631869511;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1690631869678;tzo=0;ogl=;ses=fac01e10-adba-4eee-8914-88bc9687140b;mdl=
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 11:57:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
digit-b.png
www.supercounters.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.supercounters.com/images/digit-b.png
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256748ed30497423e69a44f121fa43da4b98ce69db717e3515312c355c3beae7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://anfisasiberia.sextgem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:49 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
501152
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2193
Last-Modified
Wed, 06 Nov 2013 11:19:30 GMT
Server
cloudflare
ETag
"527a25c2-891"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTGINz2uptlmDvE3yyQd4nAWTtqUQSMjeUeKZxCwX5w8cNVTckEHagHKLvwOpt3pYZB59eHm1MKsLSZ032QGsbWvrHcRk6%2BB9JqbkjvpahGLVpieQDhfE0cdjpuw18QcE1BhwugCttfzK1Ge2pryXKEedfw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
7ee52fc1a93b0494-CDG
Expires
Thu, 03 Aug 2023 01:58:49 GMT
abc.gif
go.xlirdr.com/ Frame C7B6 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.xlirdr.com/abc.gif?e=dXNlcklkPTM0Nzc4MzQwN2JjYWZmZDQzOTA0NGUxYzlkNDc3ODdkZjA0NGRlOWRlZjIwOThlNDhkMWI5MjUwYTcxYzkxNTQmYmI9MTI2MTk2YmIuZ2lmJm1vZGVsc0NvdW50PTAmcmVmZXJyZXImaT0wJmliPTA%3D&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A161.80000114440918%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A29.700000762939453%2C%22duration%22%3A87.39999961853027%2C%22transferSize%22%3A51295%7D%5D&mh=484701369
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
*
cf-ray
7ee52fc1ac9d2a3b-CDG
alt-svc
h3=":443"; ma=86400
content-length
103
126196bb.gif
video.xlirdr.com/b/ Frame C7B6 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.xlirdr.com/b/126196bb.gif
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ed0daebc23bf730030eb2f90e6de783430267176d068c9d0fdf293997d12c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
n6rFKZ6MqkcnTXvPXYZRTPj5SQ8j4zIT
cf-cache-status
HIT
x-amz-request-id
B9W5ME7VZ9NKNFCM
age
5642
alt-svc
h3=":443"; ma=86400
content-length
9265
x-amz-id-2
yNuzFRicVbjv5YTUYNeJnjb76zyGcxQWFLH6w6YbRzSyMJmHANjB/JNe89Bf7QI4GF0h53LRAzg=
last-modified
Mon, 15 Feb 2021 08:24:47 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:8e5bfeeab1dad7a7d1fc2cf9eb485723
etag
"8e5bfeeab1dad7a7d1fc2cf9eb485723"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc1ac9e2a3b-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
abc.gif
go.xlirdr.com/ Frame 8C85 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.xlirdr.com/abc.gif?e=dXNlcklkPTM0Nzc4MzQwN2JjYWZmZDQzOTA0NGUxYzlkNDc3ODdkZjA0NGRlOWRlZjIwOThlNDhkMWI5MjUwYTcxYzkxNTQmYmI9MDk3NmUzZDUuZ2lmJm1vZGVsc0NvdW50PTAmcmVmZXJyZXImaT0wJmliPTA%3D&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A150.70000076293945%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A28.899999618530273%2C%22duration%22%3A73.10000038146973%2C%22transferSize%22%3A51295%7D%5D&mh=1964030144
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
*
cf-ray
7ee52fc1ac9f2a3b-CDG
alt-svc
h3=":443"; ma=86400
content-length
103
0976e3d5.gif
video.xlirdr.com/b/ Frame 8C85 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.xlirdr.com/b/0976e3d5.gif
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7dbbca40848a3604b1a245b7d8e3f4c42f70955ced2d9695d014f4a1a63e69a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
n93uC9JCEC4qzEh9_WUMgy1bWNiWqj.2
cf-cache-status
HIT
x-amz-request-id
95F3FA3AGM6PFC9G
age
636
alt-svc
h3=":443"; ma=86400
content-length
34975
x-amz-id-2
LgL+lLvzdsUaHkx1LJ5pwKozHKNOw+sLm+SWVNvqM9T/mIvPouyTPv1jaldsZqd7lo2cvOSSKm1hwyNdCZu8sQ==
last-modified
Mon, 15 Feb 2021 08:24:38 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:64f9b36e6222095cb69145001dd956b3
etag
"64f9b36e6222095cb69145001dd956b3"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc1aca12a3b-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
abc.gif
go.xlirdr.com/ Frame 05DA 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.xlirdr.com/abc.gif?e=dXNlcklkPTM0Nzc4MzQwN2JjYWZmZDQzOTA0NGUxYzlkNDc3ODdkZjA0NGRlOWRlZjIwOThlNDhkMWI5MjUwYTcxYzkxNTQmYmI9YTRiNzgxNjIuZ2lmJm1vZGVsc0NvdW50PTAmcmVmZXJyZXImaT0wJmliPTA%3D&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A135.39999961853027%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A28.5%2C%22duration%22%3A63.5%2C%22transferSize%22%3A51295%7D%5D&mh=-797310870
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
*
cf-ray
7ee52fc1bca22a3b-CDG
alt-svc
h3=":443"; ma=86400
content-length
103
a4b78162.gif
video.xlirdr.com/b/ Frame 05DA 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.xlirdr.com/b/a4b78162.gif
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/wrapper/index.b46f6a72402501f35744.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06be7f943cfd8ba83160b16fbbdf816d6eab72aea06c772677db94ecbad8d41f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
x-amz-version-id
x1mpuzT38SU819TXl2RlvLV9blVqyxup
cf-cache-status
HIT
x-amz-request-id
ZQQS5N71GPAA77HT
age
636
alt-svc
h3=":443"; ma=86400
content-length
9043
x-amz-id-2
ELmxIjXEQiSn9Y0ykTo+536iGjX+QLUPVJv6AK1bGuqziRnazsbGF7gOBC8u8bu8qlA9DB1qtzk=
last-modified
Mon, 15 Feb 2021 08:27:47 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:581371bac0f7ce99abb73b3d2384f92e
etag
"581371bac0f7ce99abb73b3d2384f92e"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee52fc1bca42a3b-CDG
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires
Sat, 29 Jul 2023 13:57:49 GMT
96015009_webp
img.strpst.com/thumbs/1690631760/ Frame 6869 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.strpst.com/thumbs/1690631760/96015009_webp
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:311f::6812:3f84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ffac907cd6824de3ee69e124b68384593881a852a26760fa334b56f5b2cacf9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cf-cache-status
HIT
last-modified
Sat, 29 Jul 2023 11:55:44 GMT
server
cloudflare
age
102
etag
"f3eaae5e2099ea7aab3334a7e5dfd49e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=1800
accept-ranges
bytes
cf-ray
7ee52fc218cf008e-CDG
alt-svc
h3=":443"; ma=86400
content-length
11724
abc.gif
go.xlirdr.com/ Frame 6869 		103 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.xlirdr.com/abc.gif?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Player&referrer=http%3A%2F%2Fanfisasiberia.sextgem.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A159.60000038146973%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A33.89999961853027%2C%22duration%22%3A73.79999923706055%2C%22transferSize%22%3A1737%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A34%2C%22duration%22%3A81.19999885559082%2C%22transferSize%22%3A66256%7D%5D&mh=-610555476
Requested by
Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/anfisasiberia
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://creative.xlirdr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
*
cf-ray
7ee52fc1bca62a3b-CDG
alt-svc
h3=":443"; ma=86400
content-length
103
/
pt.cdctwm.com/live-stream/ Frame CD93 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Requested by
Host: embwmpt.com
URL: https://embwmpt.com/embed/lf?c=object_container&site=jasmin&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&category=girl&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
eb43d6823066e695fdd2d4a48bf8f0396ac6f9dc9de6629a1cb26490bd57b8b1

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Jul 2023 11:57:49 GMT
Server
unknown
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-Status
R-MISS
X-UD-Id
9ZmuQ/Xzf
/
pt.cdctwm.com/live-stream/ Frame 1054 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Requested by
Host: embwmpt.com
URL: https://embwmpt.com/embed/lf?c=object_container&site=jasmin&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&category=girl&forcedPerformers[]=&vp[showChat]=false&vp[chatAutoHide]=false&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&filters=&ms_notrack=1&subAffId={SUBAFFID}
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
f7f23256138880a95c99d25de3cfe61c61fae5d407970e4adc1da81f7a24db14

Request headers

Referer
http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Jul 2023 11:57:49 GMT
Server
unknown
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache-Status
R-MISS
X-UD-Id
cETam/Ki0
view
go.xlirdr.com/thumbs/ Frame 6869 		90 B
245 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://go.xlirdr.com/thumbs/view
Requested by
Host: creative.xlirdr.com
URL: https://creative.xlirdr.com/widgets/Player/main.0ed095e39c748ed1b1bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2346e492db84474c55606512eaf57ad079fe43a139f851bc701ea8eae6f8b52c

Request headers

Referer
https://creative.xlirdr.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 29 Jul 2023 11:57:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
*
cf-ray
7ee52fc25fc70356-CDG
alt-svc
h3=":443"; ma=86400
di.min-v221513.js
pt-static2.ptwmstcnt.com/npe/_common/script/incognito/ Frame 1054 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pt-static2.ptwmstcnt.com/npe/_common/script/incognito/di.min-v221513.js
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
W/"64c370b4-d47"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Sat, 12 Aug 2023 11:57:49 GMT
advertisement-v221513.js
pt-static2.ptwmstcnt.com/npe/_common/script/adblock/ Frame 1054 		21 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pt-static2.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v221513.js
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
"64c370b4-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21
Expires
Sat, 12 Aug 2023 11:57:49 GMT
live-stream-v221513.css
pt-static4.ptwmstcnt.com/npe/ba/ls/css/ Frame 1054 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://pt-static4.ptwmstcnt.com/npe/ba/ls/css/live-stream-v221513.css
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
b566986a71f1b28a1ef5f02aefa4573fb6d58f5e544cf8ba002b2c551aea4cdb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 07:39:33 GMT
Server
unknown
ETag
W/"64c370b5-903a"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Sat, 12 Aug 2023 11:57:49 GMT
ls-v221513.js
pt-static2.ptwmstcnt.com/npe/ba/ls/script/ Frame 1054 		476 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pt-static2.ptwmstcnt.com/npe/ba/ls/script/ls-v221513.js
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
470af42e342578c69099255498c28b08250b37cf66586c903af6d30fea8df6c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 07:39:33 GMT
Server
unknown
ETag
W/"64c370b5-77070"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Sat, 12 Aug 2023 11:57:49 GMT
gtm.js
www.googletagmanager.com/ Frame 1054 		209 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0d72e4036184db70c3de7bd3135d30dda275593a5bf18a0593b4f4ec8e8736c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72124
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Jul 2023 11:57:50 GMT
di.min-v221513.js
pt-static2.ptwmstcnt.com/npe/_common/script/incognito/ Frame CD93 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pt-static2.ptwmstcnt.com/npe/_common/script/incognito/di.min-v221513.js
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
W/"64c370b4-d47"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Sat, 12 Aug 2023 11:57:49 GMT
advertisement-v221513.js
pt-static2.ptwmstcnt.com/npe/_common/script/adblock/ Frame CD93 		21 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pt-static2.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v221513.js
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
"64c370b4-15"
X-Cache-Status
R-HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21
Expires
Sat, 12 Aug 2023 11:57:49 GMT
live-stream-v221513.css
pt-static4.ptwmstcnt.com/npe/ba/ls/css/ Frame CD93 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://pt-static4.ptwmstcnt.com/npe/ba/ls/css/live-stream-v221513.css
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
b566986a71f1b28a1ef5f02aefa4573fb6d58f5e544cf8ba002b2c551aea4cdb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 07:39:33 GMT
Server
unknown
ETag
W/"64c370b5-903a"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Sat, 12 Aug 2023 11:57:49 GMT
ls-v221513.js
pt-static2.ptwmstcnt.com/npe/ba/ls/script/ Frame CD93 		476 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pt-static2.ptwmstcnt.com/npe/ba/ls/script/ls-v221513.js
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
470af42e342578c69099255498c28b08250b37cf66586c903af6d30fea8df6c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 07:39:33 GMT
Server
unknown
ETag
W/"64c370b5-77070"
X-Cache-Status
R-HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Sat, 12 Aug 2023 11:57:49 GMT
gtm.js
www.googletagmanager.com/ Frame CD93 		209 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05ad69aba389314e5319fdf3684cfc5f493c4e37ddaa379b95c735c2ffe54405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72204
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Jul 2023 11:57:50 GMT
d409bfbd312933841131e109ec58e8af_glamour_726x408.jpg
galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame CD93 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://galleryn1.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/d409bfbd312933841131e109ec58e8af_glamour_726x408.jpg?cno=1bf6
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
4c31ccb4aa939244ed9c5e40ea07fbc9723077b8fb2d8198ac2fdfb5903253b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Connection
keep-alive
Content-Length
114971
X-Cdn-Node
frpar
Last-Modified
Sat, 03 Dec 2022 12:22:06 GMT
Server
unknown
ETag
"64648cd7985a7face5b6513685cc7ba1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Accept-Ranges
bytes
Expires
Sat, 12 Aug 2023 11:57:50 GMT
pt_di-v221513.png
pt-static3.ptwmstcnt.com/npe/image/ Frame CD93 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pt-static3.ptwmstcnt.com/npe/image/pt_di-v221513.png
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
0d4451ade7ff63c59585c3637be283849dedd52d49886c6a7e73ec1364337ad4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:50 GMT
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
"64c370b4-4f9d"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20381
Expires
Sat, 12 Aug 2023 11:57:50 GMT
pt-icons-v221513.woff
pt-static4.ptwmstcnt.com/npe/_common/fonts/ Frame CD93 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://pt-static4.ptwmstcnt.com/npe/_common/fonts/pt-icons-v221513.woff
Requested by
Host: pt-static4.ptwmstcnt.com
URL: http://pt-static4.ptwmstcnt.com/npe/ba/ls/css/live-stream-v221513.css
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
33e3503ef3a7dc205b9a36025f8ec534daad28ae8773c930c245d463d250f472

Request headers

Referer
http://pt-static4.ptwmstcnt.com/npe/ba/ls/css/live-stream-v221513.css
Origin
http://pt.cdctwm.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:50 GMT
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
"64c370b4-5740"
X-Cache-Status
R-HIT
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22336
Expires
Sat, 12 Aug 2023 11:57:50 GMT
get
api-protected.protoawegw.com/v2/player/performer/ Frame CD93 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?includeTestAccounts=&product=livejasmin&category=girl&withSb=1&psid=djsilver&pstool=302_2&profilePictureSize=896x504,504x896&ngs=1&performerIds[]=a00SpicyAlicia
Requested by
Host: pt-static2.ptwmstcnt.com
URL: http://pt-static2.ptwmstcnt.com/npe/ba/ls/script/ls-v221513.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
28d4dee0aa581ec4fd371ae8e97451d2eae5728d5c59fd9cfcc1649e1f419135

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
Content-Encoding
gzip
Server
unknown
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
38b0a8e5e9d90a00995561c879407e74_glamour_726x408.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/ Frame 1054 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/38b0a8e5e9d90a00995561c879407e74_glamour_726x408.jpg?cno=a67f
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
7d512754c041076a152f95eda1be2e6ee980fc69733eb4e3e04bca1baa811790
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Connection
keep-alive
Content-Length
28270
X-Cdn-Node
frpar
Last-Modified
Fri, 28 Jul 2023 16:15:32 GMT
Server
unknown
ETag
"4b58251b2d9dbf6e8147f313d2cacd1d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Accept-Ranges
bytes
Expires
Sat, 12 Aug 2023 11:57:50 GMT
pt_di-v221513.png
pt-static3.ptwmstcnt.com/npe/image/ Frame 1054 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pt-static3.ptwmstcnt.com/npe/image/pt_di-v221513.png
Requested by
Host: pt.cdctwm.com
URL: http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
0d4451ade7ff63c59585c3637be283849dedd52d49886c6a7e73ec1364337ad4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:50 GMT
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
"64c370b4-4f9d"
X-Cache-Status
R-HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20381
Expires
Sat, 12 Aug 2023 11:57:50 GMT
pt-icons-v221513.woff
pt-static4.ptwmstcnt.com/npe/_common/fonts/ Frame 1054 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://pt-static4.ptwmstcnt.com/npe/_common/fonts/pt-icons-v221513.woff
Requested by
Host: pt-static4.ptwmstcnt.com
URL: http://pt-static4.ptwmstcnt.com/npe/ba/ls/css/live-stream-v221513.css
Protocol
HTTP/1.1
Server
93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
33e3503ef3a7dc205b9a36025f8ec534daad28ae8773c930c245d463d250f472

Request headers

Referer
http://pt-static4.ptwmstcnt.com/npe/ba/ls/css/live-stream-v221513.css
Origin
http://pt.cdctwm.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

X-Cdn-Node
frpar
Date
Sat, 29 Jul 2023 11:57:50 GMT
Last-Modified
Fri, 28 Jul 2023 07:39:32 GMT
Server
unknown
ETag
"64c370b4-5740"
X-Cache-Status
R-HIT
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22336
Expires
Sat, 12 Aug 2023 11:57:50 GMT
get
api-protected.protoawegw.com/v2/player/performer/ Frame 1054 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://api-protected.protoawegw.com/v2/player/performer/get?includeTestAccounts=&product=livejasmin&category=hot_flirt&withSb=1&psid=djsilver&pstool=302_2&profilePictureSize=896x504,504x896&ngs=1&performerIds[]=2b298fff-3b15-4c1d-bd25-8b625ccfdc4d
Requested by
Host: pt-static2.ptwmstcnt.com
URL: http://pt-static2.ptwmstcnt.com/npe/ba/ls/script/ls-v221513.js
Protocol
HTTP/1.1
Server
93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
5824c0f1148b36b7cbdaf1c0e44a0b0c3aec401aac067595271eb41515bc61b3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
Content-Encoding
gzip
Server
unknown
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type
js
www.googletagmanager.com/gtag/ Frame 1054 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
834c9655c88ea7aff6c9f3529e8950abeab74aae35a3318631471b80b2b51099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 11:57:50 GMT
Ki0.gif
pt.cdctwm.com/cETam/ Frame 1054 		43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pt.cdctwm.com/cETam/Ki0.gif?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com&im=0
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=hot_flirt&embedTool=1&origin=anfisasiberia.sextgem.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 29 Jul 2023 11:57:49 GMT
js
www.googletagmanager.com/gtag/ Frame CD93 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
834c9655c88ea7aff6c9f3529e8950abeab74aae35a3318631471b80b2b51099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 11:57:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 11:57:50 GMT
Xzf.gif
pt.cdctwm.com/9ZmuQ/ Frame CD93 		43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pt.cdctwm.com/9ZmuQ/Xzf.gif?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com&im=0
Protocol
HTTP/1.1
Server
93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/live-stream/?c=object_container&site=jsm&cobrandId=&psid=djsilver&pstool=202_1&psprogram=revs&campaign_id=124042&forcedPerformers%5B0%5D=&vp%5BshowChat%5D=false&vp%5BchatAutoHide%5D=false&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&filters=&subAffId=%7BSUBAFFID%7D&categoryName=girl&embedTool=1&origin=anfisasiberia.sextgem.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
unknown
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 29 Jul 2023 11:57:49 GMT
d409bfbd312933841131e109ec58e8af_glamour_896x504.jpg
galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame CD93 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://galleryn3.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f1d/d409bfbd312933841131e109ec58e8af_glamour_896x504.jpg?cno=1bf6
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
23feccf45209ab0bfca503efcd455bdd68e9785463f502d18a3861eaa0afa5d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Connection
keep-alive
Content-Length
170341
X-Cdn-Node
frpar
Last-Modified
Sat, 03 Dec 2022 12:22:06 GMT
Server
unknown
ETag
"4025d89d53baf4898259c48d94b43e62"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Accept-Ranges
bytes
Expires
Sat, 12 Aug 2023 11:57:50 GMT
a00SpicyAlicia.20.mp4
gallery.vcmdiawe.com/lpp/1/a00SpicyAlicia/ Frame CD93 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://gallery.vcmdiawe.com/lpp/1/a00SpicyAlicia/a00SpicyAlicia.20.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pt.cdctwm.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

x-cdn-node
frpar
date
Sat, 29 Jul 2023 11:57:50 GMT
x-content-type-options
nosniff
last-modified
Sat, 29 Jul 2023 11:57:29 GMT
server
unknown
etag
"64c4fea9-128a50"
x-cache-status
R-MISS
content-type
video/mp4
x-cache-source
Streampreroll
access-control-allow-origin
*
cache-control
max-age=60
Content-Range
bytes 0-1215055/1215056
x-real-source
-, -
Content-Length
1215056
expires
Sat, 29 Jul 2023 11:58:50 GMT
2b298fff-3b15-4c1d-bd25-8b625ccfdc4d.20.mp4
gallery.vcmdiawe.com/lpp/3/2b298fff-3b15-4c1d-bd25-8b625ccfdc4d/ Frame 1054 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://gallery.vcmdiawe.com/lpp/3/2b298fff-3b15-4c1d-bd25-8b625ccfdc4d/2b298fff-3b15-4c1d-bd25-8b625ccfdc4d.20.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
594bdac906e6f63b2b9d9f4ee016d9470343b787cf7310adc6f80c65c061dd62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://pt.cdctwm.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

x-cdn-node
frpar
date
Sat, 29 Jul 2023 11:57:50 GMT
x-content-type-options
nosniff
last-modified
Sat, 29 Jul 2023 11:57:23 GMT
server
unknown
etag
"64c4fea3-1209f0"
x-cache-status
R-MISS
content-type
video/mp4
x-cache-source
Streampreroll
access-control-allow-origin
*
cache-control
max-age=60
Content-Range
bytes 0-1182191/1182192
x-real-source
-, -
Content-Length
1182192
expires
Sat, 29 Jul 2023 11:58:50 GMT
38b0a8e5e9d90a00995561c879407e74_glamour_896x504.jpg
galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/ Frame 1054 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://galleryn0.vcmdiawe.com/ff268cab8d9fbae1ed7506f97496274f13/38b0a8e5e9d90a00995561c879407e74_glamour_896x504.jpg?cno=a67f
Protocol
HTTP/1.1
Server
93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software
unknown /
Resource Hash
89bed831c05c692178a499ee87874626bda8e3f3d116a51b3d126ed4a0739fd0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://pt.cdctwm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 11:57:50 GMT
X-Content-Type-Options
nosniff
X-Cache-Status
R-HIT
X-Cache-Source
Origin
Connection
keep-alive
Content-Length
39376
X-Cdn-Node
frpar
Last-Modified
Fri, 28 Jul 2023 16:15:32 GMT
Server
unknown
ETag
"f00423697a3001f5642b0decd3538b6d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
X-Real-Source
-
Accept-Ranges
bytes
Expires
Sat, 12 Aug 2023 11:57:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creative.xlirdr.com
URL
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=a4b78162.gif
Domain
creative.xlirdr.com
URL
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=0976e3d5.gif
Domain
creative.xlirdr.com
URL
https://creative.xlirdr.com/widgets/wrapper?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&bb=126196bb.gif
Domain
creative.xlirdr.com
URL
https://creative.xlirdr.com/widgets/Player?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| aweConfig function| ptInitPromoPlayer object| sc_tab_var function| sc_tab function| sc_show_tab function| sc_tab_animate function| ct_insert function| errorMsg object| _qevents boolean| cookies function| quantserve function| __qc object| ezt object| _qoptions

9 Cookies

Domain/Path Name / Value
.sextgem.com/ Name: _xta_uid
Value: 8469c3576e6ca219b862d35dd90c2776
.sextgem.com/ Name: _xta_vid
Value: ab5a3cc49d7d3f4526fcce6505cceb01-1690631869
.chaturbate.com/ Name: __cf_bm
Value: g2ivsKMaPKBLL4m84aAzD.krG7RX7X.6ICoik07_rz8-1690631869-0-AUTKzJ7ZeXgglYSn5MBUY+GZDibQpiHMOxMuaOnnY+bnVM/KpjD/pv9wlMUqmxMamXSMNTDFnSs4QTsQcZ8naLU=
embwmpt.com/ Name: psui
Value: 17efe8559982b5b9d9ae480238d5f9cb
anfisasiberia.sextgem.com/ Name:
Value: test
creative.xlirdr.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtrs3cUMT8mtwXgn4iLuhordPY8h2
go.xlirdr.com/ Name: __cflb
Value: 02DiuDFRFiBZBvMSLtrsEK7fDqK6EwaD86wNaBh1SarG4
.quantserve.com/ Name: mc
Value: 64c4febd-bb3dd-e3a1e-01f45
.sextgem.com/ Name: __qca
Value: P0-715454693-1690631869511

13 Console Messages

Source Level URL
Text
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: http://pl13048200.trustedcpmrevenue.com/e2/68/30/e2683001b51a3e369fb2d16165c07e07.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anfisasiberia.sextgem.com
api-protected.protoawegw.com
chaturbate.com
creative.xlirdr.com
edge.quantserve.com
embwmpt.com
enif.images.xtstatic.com
fagywalu.pro
fonts.googleapis.com
gallery.vcmdiawe.com
galleryn0.vcmdiawe.com
galleryn1.vcmdiawe.com
galleryn3.vcmdiawe.com
go.xlirdr.com
img.strpst.com
pixel.quantserve.com
pl13048200.trustedcpmrevenue.com
pt-static2.ptwmstcnt.com
pt-static3.ptwmstcnt.com
pt-static4.ptwmstcnt.com
pt.cdctwm.com
rules.quantcount.com
service.supercounters.com
sextgem.com
video.ktkjmp.com
video.xlirdr.com
widget.supercounters.com
www.googletagmanager.com
www.supercounters.com
xtgem.com
creative.xlirdr.com
141.94.172.213
172.104.29.90
173.233.137.52
2600:9000:223c:6800:6:44e3:f8c0:93a1
2600:9000:223c:e000:6:44e3:f8c0:93a1
2606:4700:3110::6812:336a
2606:4700:3110::6812:3b96
2606:4700:3110::6812:3eeb
2606:4700:311f::6812:3f84
2606:4700::6812:6528
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1178:1:4b::f
2a00:1450:4001:806::2008
2a00:1450:4001:827::200a
2a06:98c1:3120::3
54.36.158.42
93.93.51.190
93.93.51.191
93.93.51.200
93.93.51.225
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf
05ad69aba389314e5319fdf3684cfc5f493c4e37ddaa379b95c735c2ffe54405
06be7f943cfd8ba83160b16fbbdf816d6eab72aea06c772677db94ecbad8d41f
0d4451ade7ff63c59585c3637be283849dedd52d49886c6a7e73ec1364337ad4
0d72e4036184db70c3de7bd3135d30dda275593a5bf18a0593b4f4ec8e8736c9
2346e492db84474c55606512eaf57ad079fe43a139f851bc701ea8eae6f8b52c
23feccf45209ab0bfca503efcd455bdd68e9785463f502d18a3861eaa0afa5d7
256748ed30497423e69a44f121fa43da4b98ce69db717e3515312c355c3beae7
28d4dee0aa581ec4fd371ae8e97451d2eae5728d5c59fd9cfcc1649e1f419135
321cb123c96e8798df771482620d7dd99b965131951506fa34dd1dfd617ae69c
33e3503ef3a7dc205b9a36025f8ec534daad28ae8773c930c245d463d250f472
41c494a4a40022a2a77b68e98d21730715263b026744c1e30a2efb3a6f6d3ed6
43317436fc9cc4150c0c08885e660b95d54388b54456d717105b11167d2040f0
470af42e342578c69099255498c28b08250b37cf66586c903af6d30fea8df6c3
47ecafa098bab1649d4c9477707c474431fbd4d8d385ce629ff90f19c5e21db5
4c31ccb4aa939244ed9c5e40ea07fbc9723077b8fb2d8198ac2fdfb5903253b1
4df85cd91e4a3e562efcdd321a22a41df43111ae54ff4f925eded4766844a13a
5824c0f1148b36b7cbdaf1c0e44a0b0c3aec401aac067595271eb41515bc61b3
594bdac906e6f63b2b9d9f4ee016d9470343b787cf7310adc6f80c65c061dd62
5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f
5ffac907cd6824de3ee69e124b68384593881a852a26760fa334b56f5b2cacf9
7c34443fd8fa6ee3223492fabb405a011a231bd44091356f2806d79a78437d7e
7d512754c041076a152f95eda1be2e6ee980fc69733eb4e3e04bca1baa811790
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
834c9655c88ea7aff6c9f3529e8950abeab74aae35a3318631471b80b2b51099
89bed831c05c692178a499ee87874626bda8e3f3d116a51b3d126ed4a0739fd0
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
96e270941b57e0be42f5f0a1614d302f7693bd25d78a14742c61cdf4e2121ca5
9c3f558ef960bb88a8e0cba3ca75407bbefdfaddb30910a36ab062aa1235d2ab
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b3ed0daebc23bf730030eb2f90e6de783430267176d068c9d0fdf293997d12c6
b566986a71f1b28a1ef5f02aefa4573fb6d58f5e544cf8ba002b2c551aea4cdb
c41e01fe3a0214dee147e3053c88bc40bec6caaeff53b2b02bb82f97b23cc519
c7dbbca40848a3604b1a245b7d8e3f4c42f70955ced2d9695d014f4a1a63e69a
c807fe1cd5993840d0714978ca49784a2a2c4bed896cbcc49012eb11d1225d82
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf713a0539fe553b2e8c31635ccbd31db0582e959b108de204227094d9316ccd
d5ad29cea5cce212d6ba029f2668fd9313218eb9251a06f7fd6da371f9e292eb
db2c325e007039151dc2fbfe670bfad07d9da4340ca2a55af21dc0203d4b3d1b
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fcdd2ec44aab0590bbc9d1ef39ac720c4230a89ab3b1b52dc103f6c071f53e
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
eb43d6823066e695fdd2d4a48bf8f0396ac6f9dc9de6629a1cb26490bd57b8b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8b5345dccae15ff5f48c3a6c5bf5bd17bdcf25a13b3f14551ed52351309d9c
f3a826f182b41438a8efadd6bf54a94891e3f386a0117271f8e36ba2fad07ec6
f6bcb75f66eb0c03dea7c0221cf5b986c4f22b7ee7eab0100cdad1a393214623
f7f23256138880a95c99d25de3cfe61c61fae5d407970e4adc1da81f7a24db14
fdef54289f76b5f57ef51e1a6a0211ad16800da8207ead4c42a4c57beecbbc38
ff543ce7874e778ebf35cc9a3c092ecfe82bd194c0023f50af6d1ccc4f83d525