urlscan.io logo urlscan.io
SecurityTrails logo

taraa.xyz Open in urlscan Pro
172.67.223.164  Public Scan

Go To Rescan Add Verdict Report
URL: http://taraa.xyz/1FVR
Submission: On May 04 via manual from AR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 19 domains to perform 126 HTTP transactions. The main IP is 172.67.223.164, located in United States and belongs to CLOUDFLARENET, US. The main domain is taraa.xyz.
This is the only time taraa.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 172.67.223.164 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 104.21.38.143 13335 (CLOUDFLAR...)
1 52.222.190.25 16509 (AMAZON-02)
1 104.21.27.152 13335 (CLOUDFLAR...)
1 172.67.194.125 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
33 67.212.191.158 32475 (SINGLEHOP...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 103.235.46.191 55967 (BAIDU Bei...)
9 95.211.229.247 60781 (LEASEWEB-...)
4 192.229.221.206 15133 (EDGECAST)
3 64.88.244.16 29789 (REFLECTED)
2 208.99.84.104 29789 (REFLECTED)
1 205.185.216.10 20446 (HIGHWINDS3)
1 205.185.216.42 20446 (HIGHWINDS3)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 185.75.253.87 48684 (VIKINGHOST)
1 4 31.192.112.221 48684 (VIKINGHOST)
24 208.99.84.116 29789 (REFLECTED)
8 195.85.23.30 209242 (CLOUDFLAR...)
4 64.210.156.16 29789 (REFLECTED)
1 2 195.85.23.89 209242 (CLOUDFLAR...)
126 25
6    172.67.223.164 (United States)

ASN13335 (CLOUDFLARENET, US)
taraa.xyz
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
10    104.21.38.143 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.taraa.xyz
1    52.222.190.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-25.ham50.r.cloudfront.net
d3t5ngjixpjdho.cloudfront.net
1    104.21.27.152 (United States)

ASN13335 (CLOUDFLARENET, US)
adult.xyz
1    172.67.194.125 (United States)

ASN13335 (CLOUDFLARENET, US)
ay.gy
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
33    67.212.191.158 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: c11.tmdcloud.com
bestsexfan.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
a.realsrv.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
9    95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.exoclick.com
4    192.229.221.206 (United States)

ASN15133 (EDGECAST, US)
ci.rdtcdn.com
ci-ph.rdtcdn.com
3    64.88.244.16 (United States)

ASN29789 (REFLECTED, US)
ei-ph.rdtcdn.com
2    208.99.84.104 (United States)

ASN29789 (REFLECTED, US)
ei.rdtcdn.com
1    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
di-ph.rdtcdn.com
1    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
di.rdtcdn.com
2    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
s3t3d2y7.ackcdn.net
2    185.75.253.87 (Netherlands)

ASN48684 (VIKINGHOST, NL)
promo-bc.com
4    31.192.112.221 (Netherlands)

ASN48684 (VIKINGHOST, NL)
bngpt.com
24    208.99.84.116 (United States)

ASN29789 (REFLECTED, US)
i.bngprl.com
i.bongacash.com
8    195.85.23.30 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
i.bimbolive.com
4    64.210.156.16 (United States)

ASN29789 (REFLECTED, US)
db.bngpt.com
2    195.85.23.89 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
bongacams.com
Domain Requested by
33 bestsexfan.com taraa.xyz
bestsexfan.com
21 i.bongacash.com bngpt.com
promo-bc.com
i.bongacash.com
10 cdn.taraa.xyz taraa.xyz
9 syndication.exoclick.com a.realsrv.com
8 i.bimbolive.com promo-bc.com
i.bongacash.com
bestsexfan.com
6 taraa.xyz taraa.xyz
adult.xyz
ajax.googleapis.com
4 db.bngpt.com promo-bc.com
bngpt.com
4 bngpt.com 1 redirects syndication.exoclick.com
a.realsrv.com
3 i.bngprl.com bestsexfan.com
3 ci-ph.rdtcdn.com bestsexfan.com
3 ei-ph.rdtcdn.com bestsexfan.com
3 a.realsrv.com bestsexfan.com
3 www.google-analytics.com taraa.xyz
2 bongacams.com 1 redirects
2 promo-bc.com syndication.exoclick.com
2 s3t3d2y7.ackcdn.net syndication.exoclick.com
2 ei.rdtcdn.com bestsexfan.com
2 hm.baidu.com bestsexfan.com
1 di.rdtcdn.com bestsexfan.com
1 di-ph.rdtcdn.com bestsexfan.com
1 ci.rdtcdn.com bestsexfan.com
1 www.googletagmanager.com bestsexfan.com
1 ay.gy taraa.xyz
1 adult.xyz taraa.xyz
1 d3t5ngjixpjdho.cloudfront.net taraa.xyz
1 ajax.googleapis.com taraa.xyz
126 26

This site contains links to these domains. Also see Links.

Domain
support.adult.xyz
adult.xyz
www8.christianivory.pro
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
bestsexfan.com
R3		 2021-03-14 -
2021-06-12		 3 months crt.sh
realsrv.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
exoclick.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.rdtcdn.com
DigiCert SHA2 High Assurance Server CA		 2019-10-26 -
2021-10-29		 2 years crt.sh
ackcdn.net
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.promo-bc.com
GoGetSSL RSA DV CA		 2020-08-06 -
2021-11-04		 a year crt.sh
bngpt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-18		 a year crt.sh
i.bngprl.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
*.bongacash.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-05 -
2021-06-03		 a year crt.sh
i.bimbolive.com
Cloudflare Inc ECC CA-3		 2020-07-05 -
2021-07-05		 a year crt.sh
db.bngwlt.com
GoGetSSL RSA DV CA		 2021-04-15 -
2022-04-15		 a year crt.sh
*.bongacams.com
GoGetSSL RSA DV CA		 2021-02-18 -
2022-03-21		 a year crt.sh

This page contains 13 frames:

Primary Page: http://taraa.xyz/1FVR
Frame ID: 09F14CAFA4E298D63DFE39CA297BBB9D
Requests: 22 HTTP requests in this frame

Frame: http://taraa.xyz/2market.php?i=4b1a5ac40e02f1b31515207c60dfc237&n=119491&p=aFGG5chibwWiUIiiOoijIIv0MJU3ZbWwUJiCILsiIonXNel4Y5XSJYjhaJCXIY60IJiiIOsiIUmWhbhhc52GgdizO9iGIaiifwSiwIi6ZlmHxehucE2WgYiyOFjGAdsiIomj1Iv0YNm3lbsoZJSCIL6iMoCDwci0bRWH9aiiaoWjxIlsX9229YzvIRj3obiyTBmn8IisLICiJek5ZhXnNLrhdFGm9cwhXR239LzvIojDoci0VR2HlauiZoGj9I3ucly2IZspIJn3RbvidwWiNIoSYZWlJRsxZ8SiIe65MhCnwLihdFXmNclhcRm3FLnvZoWD5c00IRjHoaiiToWj9I6maVWmxcsoYJSC8L19LtjnAOgiKMFndbppbdmWRavyd93kMcgvTRl3QcglMNTmAbuhMJDyseg6VI2ClbuyNVjnQI7sIEHTgO20NkCTkMgxQoXjBIwubJGCVLX3ZIWDJOL1aEXTQOv6NITCMZ3iLwjiMI23IMCjhMLjSZFGRZNwTYCzwYg3bAGjlMr1ZESTBNHxZMWjNYrxbYymkMgwQU2GhMy0bM2W1Yl1LEzWgM5iLRjjAIu6NIDCMd4iOwSi4I3xMIiiBOTiYMW2ZchicwmikIvtNNTjMI36LIjiMY2jIJny0e0=
Frame ID: 8F5F55A483BF5D54C158FA0626EF4814
Requests: 1 HTTP requests in this frame

Frame: https://bestsexfan.com/?from=adult.xyz
Frame ID: FF1B988579BC4F370B7AC56E0F3E90CD
Requests: 58 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148348&type=728x90&p=http%3A//taraa.xyz/&dt=1620099920829&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: B9BA2181C965141FC712270454018DE5
Requests: 2 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4194796&type=300x100&p=http%3A//taraa.xyz/&dt=1620099920830&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: F6BA62C04EC9734F51593A68C257FADD
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148356&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920862&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 8278C6753E73F9956AF26640DC85D5A0
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148376&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920865&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: B7E4F8F0586126BAA3757D29696FC243
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148372&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920909&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: A93C2B94E51C1D34A45E8D778A644543
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148346&type=900x250&p=http%3A//taraa.xyz/&dt=1620099920910&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 7DE887E5132762FABB644DBFDB37B607
Requests: 2 HTTP requests in this frame

Frame: https://promo-bc.com/promo.php?c=680184&subid=oodRZHNPLHPNNHNLK4QfnUzXU2XVupltsrqmodK6iWVU0srqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4194796&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: BEDBF311395AE22EDE1E9C787EA2CB88
Requests: 4 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: E368FF29860EC22C83DB993C4CF6B31C
Requests: 15 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: FFE7BEC0C62B530029297045C5C5D5F0
Requests: 6 HTTP requests in this frame

Frame: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Frame ID: D538FFBB1729DB13F3463CA8116C501A
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

126
Requests

86 %
HTTPS

21 %
IPv6

19
Domains

26
Subdomains

25
IPs

5
Countries

5977 kB
Transfer

7619 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 19
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=452844738&utmhn=taraa.xyz&utme=8(User)9(22510453)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099910301&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1178697697.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106797759&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=452844738&utmhn=taraa.xyz&utme=8(User)9(22510453)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099910301&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1178697697.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106797759&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 21
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=130388942&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099915242&utmac=UA-6469700-20&utmcc=__utma%3D15539635.2024617605.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAgE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=130388942&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099915242&utmac=UA-6469700-20&utmcc=__utma%3D15539635.2024617605.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAgE~
Request Chain 115
  • https://bongacams.com/track?c=581512&no_content&no_track&odc HTTP 302
  • https://bngpt.com/hit.php?c=581512&no_content&no_track&odc HTTP 302
  • https://bongacams.com/?bcs=aGVpczhkMzc5MjVjMDEzNGU5ZjdlMzJhZGE0OTNiN2U3YzJlOjoxODY0Mjc6Omh0dHBzOi8vYmVzdHNleGZhbi5jb20vP2Zyb209YWR1bHQueHl6Ojo6Ojo6NTgxNTEyOjowOjowOjowOjo6OjA6OmRlZmF1bHQ6OjA~&no_content&odc

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 1FVR
taraa.xyz/ 		19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
172.67.223.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / adfly
Resource Hash
0b78336e5fe21ae5a15eb1d756c7ece7e68f1fa6e99a7476386168cf905593ba
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
taraa.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d8cee2f9c1446f036fdc9773d3d2404441620099909; expires=Thu, 03-Jun-21 03:45:09 GMT; path=/; domain=.taraa.xyz; HttpOnly; SameSite=Lax FLYSESSID=8gv5hcputgrp85f331fuldi590; path=/; HttpOnly; SameSite=Lax yp1=1b21a2881e030773169e022719c18dfb; expires=Wed, 05-May-2021 03:45:09 GMT; Max-Age=86400; path=/; domain=.taraa.xyz yp2=ab97303749673be2418ff76bc9e1fe4e; expires=Wed, 05-May-2021 03:45:09 GMT; Max-Age=86400; path=/; domain=.taraa.xyz yp3=628675428; expires=Wed, 05-May-2021 03:45:09 GMT; Max-Age=86400; path=/; domain=.taraa.xyz
X-Powered-By
adfly
P3P
policyref="http://adult.xyz/w3c/p3p_adult.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 04 May 2021 03:45:09 GMT
X-Frame-Options
DENY
Referrer-Policy
no-referrer-when-downgrade
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
CF-Cache-Status
DYNAMIC
cf-request-id
09d713dea300001ea1e91cf000000001
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2co%2FNty2FwiI2x4kTI7HOBF6RBKNolrRsnIoB4EYGADaNtkdzraMFoswnO6svLMy4FZI3r2B3ByIL2obQc5hj%2Fi0tgeYA3HEh30%3D"}],"group":"cf-nel"}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
649ebc110f711ea1-AMS
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 11:18:35 GMT
x-content-type-options
nosniff
age
491194
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Apr 2022 11:18:35 GMT
ad_default_2.css
cdn.taraa.xyz/static/css/adult/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.taraa.xyz/static/css/adult/ad_default_2.css
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5f9e6f9fac878f301545a1f7651b590646ee35cb2a5992a133fe24c0bbc001

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
2533
Cf-Polished
origSize=4230
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09d713dff60000fa70319cf000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
W/"1086-5faa60e6-6b7fe9de9ae4e368;gz"
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B34zfhyuqn2vW%2FwYvxihAlO1ZvDxvUiLV4ryh%2BuUqDwGFtt1MfXWS8gIpy6l9HLXc3XZgQGIqmjBeQZjC19H0wnTbDvu5qr%2BLGfGIqRk"}],"group":"cf-nel"}
Content-Type
text/css
Expires
Tue, 11 May 2021 03:02:56 GMT
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
CF-RAY
649ebc132dc4fa70-AMS
Cf-Bgj
minify
/
d3t5ngjixpjdho.cloudfront.net/ 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d3t5ngjixpjdho.cloudfront.net/?jgntd=788614
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
52.222.190.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-25.ham50.r.cloudfront.net
Software
/
Resource Hash
1c72132cb24d65c82b6aa568fb793cf32569e8093db7085f279adc9b56a2c138

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 03:45:09 GMT
content-encoding
gzip
X-Amz-Cf-Pop
HAM50-C2
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
36687
Via
1.1 9e9acb04b02acc35d5f161ce03745e26.cloudfront.net (CloudFront)
X-Amz-Cf-Id
04U-D_9A24jfiNskjLOnNTu37ZLOmglAhjxFQIh2SAWLw8WWi5M65w==
b64.js
cdn.taraa.xyz/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taraa.xyz/static/js/b64.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8adfe744263040fb80cb604e1802f8eee68e028b4ad74bc1398a19cd292edafe

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
2533
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1098
cf-request-id
09d713dff600004c85ab107000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"dc0-5faa60e6-2ffc9e652babccd0;gz"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=chETA6LokjKC8FTwsZJKRkHsh0pTeNyKPNV2MqgzFI7xe3rQaBr0qoBXgPmbZ0nc2nY6DDSyh%2FxzPooP6UcRePww8wNZ79QVxrJp9Oc%2B"}],"max_age":604800,"group":"cf-nel"}
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc1329b54c85-AMS
Expires
Tue, 11 May 2021 03:02:56 GMT
view112.js
cdn.taraa.xyz/static/js/ 		211 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taraa.xyz/static/js/view112.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cd933b69c768a55e5f89997fa090b287a7f752ab36532973a331f060564943

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
2533
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
71791
cf-request-id
09d713dff30000fa44b9843000000001
Last-Modified
Mon, 25 Jan 2021 13:47:53 GMT
Server
cloudflare
Etag
"34cb0-600ecc09-ce6c7c27d2644c7c;gz"
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EqcSra%2FfjxOVL7cKYIpbqmQ7JcLxNWRded5IyyC%2F7g7C3tBdTx%2BApX1qiBnGbaev%2FtXVemXOBQ94vZ8kWNXyGyS7zhjD1tlPy%2Fs73S6v"}],"max_age":604800}
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc1319bdfa44-AMS
Expires
Tue, 11 May 2021 03:02:56 GMT
main.js
cdn.taraa.xyz/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taraa.xyz/static/js/main.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a65eca7c102c3a7ec3da4f688c7fe2e88f5a3d6382a13d224938a8e66c65fac

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:09 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
2247
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
667
cf-request-id
09d713dff700004c9de62c3000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"6f6-5faa60e6-5a0b6a8c1f70ff01;gz"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3BzHGxdFENFsqG8IWHMa%2FVaw8%2FwG5X5WwiSRX9Mh%2Bs8GVVChk8URBWAm5mmg27EB4m2jEnxuEktVVPIj7%2FP7Bqz2Qg3AcsJF9ziJVe2M"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc132b234c9d-AMS
Expires
Tue, 11 May 2021 03:07:42 GMT
logo_fb2.png
cdn.taraa.xyz/static/image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taraa.xyz/static/image/logo_fb2.png
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
2244
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6283
cf-request-id
09d713e1e40000fa441fa4e000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"188b-5faa60e6-50f7a0a7015a0140;;;"
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UpGVIbOpIORsnLszzxW52ggj2bENxOJRi5ZZ1qvoLjokywo59hXV9CR9qUZunxVNrsNPLRP8EvaysK8KX2TCnFbZqiNqs25WiA0sHoUw"}],"max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc163bf0fa44-AMS
Expires
Tue, 11 May 2021 03:07:46 GMT
ad_top_bg2.png
cdn.taraa.xyz/static/image/ 		156 B
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taraa.xyz/static/image/ad_top_bg2.png?&ad_box_=1
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
156
cf-request-id
09d713e2670000fa44bb281000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"9c-5faa60e6-616091c58406c4e2;;;"
Vary
Accept-Encoding
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sod5XXPoF2sW3f5CZLDkubutWQJcBBmuEbSb0092xN4D0UzmkdDcOoqcvJngghlJQ1bLeMG7lq3WxR1GRktrP5xrHgnt352a%2FIy675sH"}],"max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc170c5dfa44-AMS
Expires
Tue, 11 May 2021 03:45:10 GMT
logo.png
cdn.taraa.xyz/static/image/adult/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taraa.xyz/static/image/adult/logo.png
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24db3841268bf9a96b73062bf2a7d6e44b032fe0b842f6dea7889b86bd044d3f

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
2241
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
6603
cf-request-id
09d713e27c0000fa70f5116000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"19cb-5faa60e6-f2ed6439e8df75ff;;;"
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ek9%2Bz%2BGLC4Tzf%2BOLN72vns3UD5ii0oidqstlx2PJHYKyMyTqmGTAQ4jFzqwMT8vPHkF8woJqTJVwoOP63%2Br9iJn4ZXYG8fBQn7d1b4It"}],"group":"cf-nel"}
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc172ffbfa70-AMS
Expires
Tue, 11 May 2021 03:07:49 GMT
spinner.gif
cdn.taraa.xyz/static/image/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taraa.xyz/static/image/spinner.gif
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
2241
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35453
cf-request-id
09d713e27d00004c85c214b000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"8a7d-5faa60e6-abbbac75116acc85;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S%2BexNoCTxszfultJHVEubohKozQyDm5VggZRkB38WxNZL0gaP0SzGc59wmIzafQ9MQN87No090Eicy%2FKcLJz06a51JLjHI1uljs3cZZs"}],"max_age":604800,"group":"cf-nel"}
Content-Type
image/gif
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc172dd94c85-AMS
Expires
Tue, 11 May 2021 03:07:49 GMT
fp.rev11.php
adult.xyz/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://adult.xyz/fp.rev11.php?ver=22510453&nocache=698
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.27.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
97295cc695d292467470cfd92b960af76502e94f8e405b437cee389779711e24

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
X-Powered-By
PHP/7.3.27
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7gZvC9ht3OdsFbRipAxseURERpEEboS4ZoDqqlzDAUOSCf5ikWY%2BYRdvhNFyzKUk1KBqoBqdEno83acxBuFhtLmKMu3eS7QxpkQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-Turbo-Charged-By
LiteSpeed
Connection
keep-alive
CF-RAY
649ebc1478fe011d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09d713e0c90000011d3299e000000001
delete2.png
cdn.taraa.xyz/static/image/ 		577 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taraa.xyz/static/image/delete2.png
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
2240
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
577
cf-request-id
09d713e27d00004c9db611c000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"241-5faa60e6-a0c39838649de106;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iv2QOTcNd3bStt7D6QPSySbtLlPAAwqUXmMglVCf1KcSntNk4B%2Fcyw%2FfGSziUAvwmN0pcsxj1CWWiJI%2Bcy5Pv%2Fnad5ckno4NDd62TZ2g"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc172f514c9d-AMS
Expires
Tue, 11 May 2021 03:07:50 GMT
advert.js
ay.gy/static/js/ 		112 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ay.gy/static/js/advert.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
172.67.194.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15e28fd94f4d039e91ca193ad45ef045980218d8068961c163e1a6f70817156

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
2624
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09d713e22a00000c09ee3ab000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
W/"70-5faa60e6-ff90785759cf611e;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J1BkxKtzMQY5Lshb4V9d496OLEoVRS7JtCfNU2Km13NyY%2BdIP6gp7sGwQSXv95fW5Gre1XjSUNfemOwhv3Vkvz5xrps%2F3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
CF-RAY
649ebc16aba00c09-AMS
Expires
Tue, 11 May 2021 03:01:26 GMT
display.js
taraa.xyz/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://taraa.xyz/js/display.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
172.67.223.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed833bdbb60e381d73fbc327aeead6589c3b429f29b881c10ef55bef09bc6905

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
taraa.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://taraa.xyz/1FVR
Cookie
__cfduid=d8cee2f9c1446f036fdc9773d3d2404441620099909; FLYSESSID=8gv5hcputgrp85f331fuldi590; yp1=1b21a2881e030773169e022719c18dfb; yp2=ab97303749673be2418ff76bc9e1fe4e; yp3=628675428
Connection
keep-alive
Cache-Control
no-cache
Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
2151
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
13457
cf-request-id
09d713e22100001ea1058bf000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"ac8c-5faa60e6-2ebef0cf5c1dbf29;gz"
Vary
Accept-Encoding
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8JjhvSEIscaSotybrJmBGvXPUw7Yf4pKSmxl9YT1Ly1I6J8lwHVHsRrwNUg6I8EXEqCjgp7vwK7A1epL2ErIV%2FWimyp0WafSo8s%3D"}],"group":"cf-nel"}
Content-Type
application/x-javascript
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc169c631ea1-AMS
Expires
Tue, 11 May 2021 03:09:19 GMT
funcript1620099910237.php
taraa.xyz/ 		0
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://taraa.xyz/funcript1620099910237.php?pub=22510453&v=WZNHrBbSyZkrglQG2bhgywbC2T1NlRLFzSgL5hLCjIA2uMNjDLM34MOTSN4v3QMXiaBLTJYWWZZXhVcGmbkwvBNXTQMg3kLCjNM22gIHiIw7iQdjWNQuilO2jVIgysNDTMEuwANTDMUgzQLlCTJg2MI3jdovyRLmCbJpjdaFyKIg6AdjHLJ118ZSSYwsixcWGaF609IWjToi0oMjiIw0i5YWmZlnuFZmEcVlsNZXWd1ilwbinIQzidO3ibJkz5aW2alXwJXi2OJi1MM3nbRf0Bb32b40itL2CcJloRYmXINsoIIyjboOiJYijORikMM3DbQf2VZGWbZpiJM2zbItzJMC2LIw5oMjjIQlzxNWTaEi29ZWDbZihwYCWMR6mIYCTaIzwFMGWbMmiJfyQe==
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/js/display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.223.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.27
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09d713e2f300000b74ea99f000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QtVU62oSx1n5Dfx9yo9JG0W3LQ3%2BJkl9f%2F3tPzwXdcHy31wfc16O3sNknpk1CW83MCQ%2Bw3tAa87ZWHZR20LCt8GnvSvyT93KLX4%3D"}]}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
649ebc17ed790b74-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2623
date
Tue, 04 May 2021 03:01:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 04 May 2021 05:01:27 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
d_top_bg.png
cdn.taraa.xyz/static/image/ 		156 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taraa.xyz/static/image/d_top_bg.png
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
HTTP/1.1
Server
104.21.38.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
CF-Cache-Status
HIT
NEL
{"max_age":604800,"report_to":"cf-nel"}
Age
2240
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
156
cf-request-id
09d713e2c300009c756e36c000000001
Last-Modified
Tue, 10 Nov 2020 09:44:06 GMT
Server
cloudflare
Etag
"9c-5faa60e6-6bfb178d8ae4aca5;;;"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ew71VB5vYex8coB%2FCV66GCUavq6sVJXLeOmDDiQbsV%2BuiQAxKFHHcVA5xh5FF7rEEsN6zT0gXyMJSmEpIvYxED25cbsYSTAQurKw9bZE"}],"max_age":604800,"group":"cf-nel"}
Content-Type
image/png
Cache-Control
public, max-age=604800
X-Turbo-Charged-By
LiteSpeed
Accept-Ranges
bytes
CF-RAY
649ebc179e019c75-AMS
Expires
Tue, 11 May 2021 03:07:50 GMT
ping
taraa.xyz/index/ 		0
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://taraa.xyz/index/ping
Requested by
Host: adult.xyz
URL: http://adult.xyz/fp.rev11.php?ver=22510453&nocache=698
Protocol
HTTP/1.1
Server
172.67.223.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / adfly
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Origin
http://taraa.xyz
Accept-Encoding
gzip, deflate
Host
taraa.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
http://taraa.xyz/1FVR
Cookie
__cfduid=d8cee2f9c1446f036fdc9773d3d2404441620099909; FLYSESSID=8gv5hcputgrp85f331fuldi590; yp1=1b21a2881e030773169e022719c18dfb; yp2=ab97303749673be2418ff76bc9e1fe4e; yp3=628675428
Connection
keep-alive
Content-Length
87
Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
X-Powered-By
adfly
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09d713e29e00001ea1d520f000000001
Pragma
no-cache
Server
cloudflare
X-Frame-Options
SAMEORIGIN
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NpC%2BzjxCX8180s2R9ftQJG3KwCUV0Hws3T%2BWCrQwMS%2BbO0GibC1D1WIWojxcH%2Fz953o%2B7Xc8UXXIhVm%2FoiXbkEXCSQle3cpcalk%3D"}],"group":"cf-nel"}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
X-Turbo-Charged-By
LiteSpeed
CF-RAY
649ebc176d251ea1-AMS
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cookie set 2market.php
taraa.xyz/ Frame 8F5F 		1000 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://taraa.xyz/2market.php?i=4b1a5ac40e02f1b31515207c60dfc237&n=119491&p=aFGG5chibwWiUIiiOoijIIv0MJU3ZbWwUJiCILsiIonXNel4Y5XSJYjhaJCXIY60IJiiIOsiIUmWhbhhc52GgdizO9iGIaiifwSiwIi6ZlmHxehucE2WgYiyOFjGAdsiIomj1Iv0YNm3lbsoZJSCIL6iMoCDwci0bRWH9aiiaoWjxIlsX9229YzvIRj3obiyTBmn8IisLICiJek5ZhXnNLrhdFGm9cwhXR239LzvIojDoci0VR2HlauiZoGj9I3ucly2IZspIJn3RbvidwWiNIoSYZWlJRsxZ8SiIe65MhCnwLihdFXmNclhcRm3FLnvZoWD5c00IRjHoaiiToWj9I6maVWmxcsoYJSC8L19LtjnAOgiKMFndbppbdmWRavyd93kMcgvTRl3QcglMNTmAbuhMJDyseg6VI2ClbuyNVjnQI7sIEHTgO20NkCTkMgxQoXjBIwubJGCVLX3ZIWDJOL1aEXTQOv6NITCMZ3iLwjiMI23IMCjhMLjSZFGRZNwTYCzwYg3bAGjlMr1ZESTBNHxZMWjNYrxbYymkMgwQU2GhMy0bM2W1Yl1LEzWgM5iLRjjAIu6NIDCMd4iOwSi4I3xMIiiBOTiYMW2ZchicwmikIvtNNTjMI36LIjiMY2jIJny0e0=
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Server
172.67.223.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
dacb00b7849cc86750b80b84d935d98fc5d57f7cd4a8946df7459865e6f2820f

Request headers

Host
taraa.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://taraa.xyz/1FVR
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d8cee2f9c1446f036fdc9773d3d2404441620099909; FLYSESSID=8gv5hcputgrp85f331fuldi590; yp1=1b21a2881e030773169e022719c18dfb; yp2=ab97303749673be2418ff76bc9e1fe4e; yp3=628675428
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://taraa.xyz/1FVR

Response headers

Date
Tue, 04 May 2021 03:45:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.27
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
policyref="http://adult.xyz/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
adult_1131873=4029303; expires=Wed, 05-May-2021 03:45:10 GMT; Max-Age=86400; path=/; domain=adult.xyz market_1131873=4029303; expires=Tue, 04-May-2021 03:46:10 GMT; Max-Age=60; path=/
Vary
Accept-Encoding
X-Turbo-Charged-By
LiteSpeed
CF-Cache-Status
DYNAMIC
cf-request-id
09d713e2e90000012e9ab9c000000001
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AGE2BsJWxejUfWiyJIpW9whD4fp%2B%2BP2QreIlQfz07rWnclZPt2Yy7os4eRrTW79%2F2IWg4u8gNO7yy4105mpDv30ABkKXyt4gVMo%3D"}],"max_age":604800}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Server
cloudflare
CF-RAY
649ebc17d956012e-AMS
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=452844738&utmhn=taraa.xyz&utme=8(User)9(22510453)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&ut...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=452844738&utmhn=taraa.xyz&utme=8(User)9(22510453)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&u...
35 B
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=452844738&utmhn=taraa.xyz&utme=8(User)9(22510453)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099910301&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1178697697.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106797759&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 May 2021 03:45:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=452844738&utmhn=taraa.xyz&utme=8(User)9(22510453)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099910301&utmac=UA-6469700-20&utmcc=__utma%3D15539635.1178697697.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=106797759&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
/
bestsexfan.com/ Frame FF1B 		106 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/?from=adult.xyz
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/2market.php?i=4b1a5ac40e02f1b31515207c60dfc237&n=119491&p=aFGG5chibwWiUIiiOoijIIv0MJU3ZbWwUJiCILsiIonXNel4Y5XSJYjhaJCXIY60IJiiIOsiIUmWhbhhc52GgdizO9iGIaiifwSiwIi6ZlmHxehucE2WgYiyOFjGAdsiIomj1Iv0YNm3lbsoZJSCIL6iMoCDwci0bRWH9aiiaoWjxIlsX9229YzvIRj3obiyTBmn8IisLICiJek5ZhXnNLrhdFGm9cwhXR239LzvIojDoci0VR2HlauiZoGj9I3ucly2IZspIJn3RbvidwWiNIoSYZWlJRsxZ8SiIe65MhCnwLihdFXmNclhcRm3FLnvZoWD5c00IRjHoaiiToWj9I6maVWmxcsoYJSC8L19LtjnAOgiKMFndbppbdmWRavyd93kMcgvTRl3QcglMNTmAbuhMJDyseg6VI2ClbuyNVjnQI7sIEHTgO20NkCTkMgxQoXjBIwubJGCVLX3ZIWDJOL1aEXTQOv6NITCMZ3iLwjiMI23IMCjhMLjSZFGRZNwTYCzwYg3bAGjlMr1ZESTBNHxZMWjNYrxbYymkMgwQU2GhMy0bM2W1Yl1LEzWgM5iLRjjAIu6NIDCMd4iOwSi4I3xMIiiBOTiYMW2ZchicwmikIvtNNTjMI36LIjiMY2jIJny0e0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed / PHP/7.2.34
Resource Hash
0504389486d111343d7dd03d60f9e73955f520b83c6cd5a6dd696933b0e52e9e

Request headers

:method
GET
:authority
bestsexfan.com
:scheme
https
:path
/?from=adult.xyz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://taraa.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://taraa.xyz/

Response headers

x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
link
<https://bestsexfan.com/wp-json/>; rel="https://api.w.org/"
content-encoding
br
vary
Accept-Encoding
date
Tue, 04 May 2021 03:45:20 GMT
server
LiteSpeed
referrer-policy
no-referrer-when-downgrade
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=130388942&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-u...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=130388942&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=130388942&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099915242&utmac=UA-6469700-20&utmcc=__utma%3D15539635.2024617605.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: taraa.xyz
URL: http://taraa.xyz/1FVR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://taraa.xyz/1FVR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 May 2021 21:37:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=130388942&utmhn=taraa.xyz&utmt=event&utme=5(Ad*Paid*Success)(0)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=jovenes%20son%20descubiertos%20cogiendo%20por%20sus%20padres%20-%20XVIDEOS.COM&utmhid=373532137&utmr=-&utmp=%2F1FVR&utmht=1620099915242&utmac=UA-6469700-20&utmcc=__utma%3D15539635.2024617605.1620099910.1620099910.1620099910.1%3B%2B__utmz%3D15539635.1620099910.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAgE~
Non-Authoritative-Reason
HSTS
Cookie set 4b1a5ac40e02f1b31515207c60dfc237
taraa.xyz/callback/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://taraa.xyz/callback/4b1a5ac40e02f1b31515207c60dfc237
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Server
172.67.223.164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
http://taraa.xyz
Accept-Encoding
gzip, deflate
Host
taraa.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
__utma=15539635.2024617605.1620099910.1620099910.1620099910.1; __utmb=15539635.1.9.1620099915242; __utmc=15539635; __utmz=15539635.1620099910.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Connection
keep-alive
Referer
http://taraa.xyz/1FVR
Content-Length
680
Accept
*/*
Referer
http://taraa.xyz/1FVR
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 04 May 2021 03:45:16 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"max_age":604800,"report_to":"cf-nel"}
X-Powered-By
PHP/7.3.27
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09d713fbd60000012e9292a000000001
Pragma
no-cache
Server
cloudflare
Report-To
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=59IX9Tp1eKnhjUFE4DmoiRNkaXJD3MY9GusVhCyMJMguIBSopeFj5%2Blz6fGQlPPrOg9mI7C9ciz6Y3GaeQQRSuA8YJhWJkwEvm0%3D"}],"max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
X-Turbo-Charged-By
LiteSpeed
Set-Cookie
__cfduid=d8013e0e42e6a3c1b3189ea9d2541602c1620099916; expires=Thu, 03-Jun-21 03:45:16 GMT; path=/; domain=.taraa.xyz; HttpOnly; SameSite=Lax FLYSESSID=8i2cnvpg1008r7orh8q2l34d3p; path=/; HttpOnly; SameSite=Lax
CF-RAY
649ebc3fbd9a012e-AMS
Expires
Thu, 19 Nov 1981 08:52:00 GMT
style.min.css
bestsexfan.com/wp-includes/css/dist/block-library/ Frame FF1B 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.1
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Apr 2021 12:24:23 GMT
server
LiteSpeed
etag
"e33b-60783077-0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
8146
expires
Wed, 04 May 2022 03:45:20 GMT
font-awesome.min.css
bestsexfan.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/ Frame FF1B 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"7918-60345391-0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
6658
expires
Wed, 04 May 2022 03:45:20 GMT
style.css
bestsexfan.com/wp-content/themes/retrotube/ Frame FF1B 		73 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/style.css?ver=1.5.0
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
baeccebc7aa9ba536fe1cbcb819d57decebfa55739902d34fe0cd2cc71ec6105

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"125a5-60345391-0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
13761
expires
Wed, 04 May 2022 03:45:20 GMT
jquery.min.js
bestsexfan.com/wp-includes/js/jquery/ Frame FF1B 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Oct 2020 22:03:26 GMT
server
LiteSpeed
etag
"15d98-5f7e3b2e-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
30287
expires
Wed, 04 May 2022 03:45:20 GMT
jquery-migrate.min.js
bestsexfan.com/wp-includes/js/jquery/ Frame FF1B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Nov 2020 15:01:14 GMT
server
LiteSpeed
etag
"2bd8-5fb688ba-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
3995
expires
Wed, 04 May 2022 03:45:20 GMT
js
www.googletagmanager.com/gtag/ Frame FF1B 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZSSZX6521T
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7a80d7f67bd74db0a4ed82420c2554f2b8a4afa8e91512e5dd63cbfc5b1071b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46189
x-xss-protection
0
expires
Tue, 04 May 2021 03:45:20 GMT
vercompressed-BestSexFan-lgoo.png
bestsexfan.com/wp-content/uploads/2021/01/ Frame FF1B 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/01/vercompressed-BestSexFan-lgoo.png
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
bfe61928cc26971c004fcd29076d4b719ba25f22a74ef89943972eaa0409b867

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 08:44:10 GMT
server
LiteSpeed
etag
"228b7-6003f8da-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
141495
expires
Wed, 04 May 2022 03:45:20 GMT
ads.js
a.realsrv.com/ Frame FF1B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/ads.js
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c7bb5a38065389932bf7cd004edddf11c7a62df77057d4be869d8e7ae7897de8

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:20 GMT
Content-Encoding
gzip
X-HW
1620099920.dop208.fr8.t,1620099920.cds109.fr8.shn,1620099920.cds109.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
961
wp-emoji-release.min.js
bestsexfan.com/wp-includes/js/ Frame FF1B 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 00:25:32 GMT
server
LiteSpeed
etag
"3795-601b3efc-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
4316
expires
Wed, 04 May 2022 03:45:21 GMT
navigation.js
bestsexfan.com/wp-content/themes/retrotube/assets/js/ Frame FF1B 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/js/navigation.js?ver=1.0.0
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
802bc6725fd37d15aa9d599fa3f921fca0d4c585162c7b23da8ccd6f3ded751d

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"1194-60345391-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
1389
expires
Wed, 04 May 2022 03:45:20 GMT
jquery.bxslider.min.js
bestsexfan.com/wp-content/themes/retrotube/assets/js/ Frame FF1B 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/js/jquery.bxslider.min.js?ver=4.2.15
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
9a32744fa4707d6ea1ad2b696c644c4f45d327509989b4625b8a980e4a45e271

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"5ebc-60345391-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
6043
expires
Wed, 04 May 2022 03:45:20 GMT
jquery.touchSwipe.min.js
bestsexfan.com/wp-content/themes/retrotube/assets/js/ Frame FF1B 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/js/jquery.touchSwipe.min.js?ver=1.6.18
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"4fce-60345391-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
4899
expires
Wed, 04 May 2022 03:45:20 GMT
main.js
bestsexfan.com/wp-content/themes/retrotube/assets/js/ Frame FF1B 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/js/main.js?ver=1.5.0
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
e7e1e8f6e2a83c8eab1b2959c1453abf185813b56996c6a6187df21f65854823

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"98f0-60345391-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
9629
expires
Wed, 04 May 2022 03:45:20 GMT
skip-link-focus-fix.js
bestsexfan.com/wp-content/themes/retrotube/assets/js/ Frame FF1B 		683 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/js/skip-link-focus-fix.js?ver=1.0.0
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:00:01 GMT
server
LiteSpeed
etag
"2ab-60345391-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
329
expires
Wed, 04 May 2022 03:45:20 GMT
wp-embed.min.js
bestsexfan.com/wp-includes/js/ Frame FF1B 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 00:25:32 GMT
server
LiteSpeed
etag
"592-601b3efc-0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
663
expires
Wed, 04 May 2022 03:45:20 GMT
video-slider.js
a.realsrv.com/ Frame FF1B 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/video-slider.js
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53ca537e9b58c463300287bdfe9a3254cc77f17a0bfb2cd033861b0ff4207337

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:20 GMT
Content-Encoding
gzip
X-HW
1620099920.dop208.fr8.t,1620099920.cds109.fr8.shn,1620099920.cds109.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9468
hm.js
hm.baidu.com/ Frame FF1B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?f74d04f1638cc3f504202827ea916110
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
5705cc2aa4209e15efa0c012f899f0d62a55c60561c7c2f4846914513af00beb
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Content-Encoding
gzip
Server
apache
Etag
521a52edbbd0f45a66f5640b519a17f2
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14672
backgr.png
bestsexfan.com/wp-content/uploads/2021/02/ Frame FF1B 		299 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/02/backgr.png
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
1d55918a6a8bae360ed6a2d7d4836b1a232a06e1a5dc52504e2d82cf64b4adec

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 01:11:10 GMT
server
LiteSpeed
etag
"12b-6034562e-0;;;"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
299
expires
Wed, 04 May 2022 03:45:20 GMT
fontawesome-webfont.woff2
bestsexfan.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/fonts/ Frame FF1B 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bestsexfan.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://bestsexfan.com
Referer
https://bestsexfan.com/wp-content/themes/retrotube/assets/stylesheets/font-awesome/css/font-awesome.min.css?ver=4.7.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:20 GMT
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
etag
"12d68-60345391-0;;;"
content-type
application/font-woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
77160
expires
Wed, 04 May 2022 03:45:20 GMT
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame B9BA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148348&type=728x90&p=http%3A//taraa.xyz/&dt=1620099920829&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
8ebe59a78541b464f91037953fb8dbb69243b21caad60f75d402bc9fb732b061

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bestsexfan.com/?from=adult.xyz

Response headers

Server
nginx
Date
Tue, 04 May 2021 03:45:20 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226090c350eb9b94.330612792748924285%22%3B%7D; expires=Thu, 04 May 2023 03:45:20 GMT; path=; domain=.exoclick.com; Secure; SameSite=none impressions=x%9C%ABV212%B6413%D351735624S%B2%8A6%D414320%B0%B4%B442%D0Q2411P%8A%AD%05%00%C1%19%09%0C; expires=Wed, 05 May 2021 03:45:20 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame F6BA 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=4194796&type=300x100&p=http%3A//taraa.xyz/&dt=1620099920830&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e7373ed2de67ae7e6ae7ef6e68f0b1de5bde82d7da77175a5451db487c87b146

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bestsexfan.com/?from=adult.xyz

Response headers

Server
nginx
Date
Tue, 04 May 2021 03:45:20 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%226090c350ef69e2.2236042428060852%22%3B%7D; expires=Thu, 04 May 2023 03:45:20 GMT; path=; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame 8278 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148356&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920862&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2cae88e554cea2cb59ba8b0764f1ba614be7d1dcf2123a856c051e71ae6e322c

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bestsexfan.com/?from=adult.xyz

Response headers

Server
nginx
Date
Tue, 04 May 2021 03:45:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226090c351036200.598069962100034296%22%3B%7D; expires=Thu, 04 May 2023 03:45:21 GMT; path=; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame B7E4 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148376&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920865&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
031c8bb71d635a4b439a3765b7ab870e867fdc2d050193972f36fae759dda406

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bestsexfan.com/?from=adult.xyz

Response headers

Server
nginx
Date
Tue, 04 May 2021 03:45:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226090c35109d865.273552931553476630%22%3B%7D; expires=Thu, 04 May 2023 03:45:21 GMT; path=; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame A93C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148372&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920909&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
45e0bdfcd742149e5b7a6a84f321831cd8e0b62d29f0f37b60cf56d41b25d208

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bestsexfan.com/?from=adult.xyz

Response headers

Server
nginx
Date
Tue, 04 May 2021 03:45:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226090c35108f978.962644221352339618%22%3B%7D; expires=Thu, 04 May 2023 03:45:21 GMT; path=; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame 7DE8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148346&type=900x250&p=http%3A//taraa.xyz/&dt=1620099920910&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
da1404ce922a830a71d53157d2684be1eac51ae0511524a310aa3841ca83d611

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bestsexfan.com/?from=adult.xyz

Response headers

Server
nginx
Date
Tue, 04 May 2021 03:45:21 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%226090c3510b39d5.398948563892803715%22%3B%7D; expires=Thu, 04 May 2023 03:45:21 GMT; path=; domain=.exoclick.com; Secure; SameSite=none
Content-Encoding
gzip
12.jpg
ci.rdtcdn.com/m=eW0Q8f/media/videos/201808/28/9909731/original/ Frame FF1B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci.rdtcdn.com/m=eW0Q8f/media/videos/201808/28/9909731/original/12.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amb/6AF6) /
Resource Hash
a74a5beeadea6f10fbf21237af1ab218af768c63e56e569bda9790fb37895495

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 28 Aug 2018 21:11:09 GMT
server
ECAcc (amb/6AF6)
age
996323
etag
"1e94fec27-d217-5748547e1b540"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10450020
accept-ranges
bytes
timing-allow-origin
*
content-length
8254
expires
Thu, 02 Sep 2021 02:32:21 GMT
white-wife-stretched-by-bbc.jpg
bestsexfan.com/wp-content/uploads/2021/04/ Frame FF1B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/04/white-wife-stretched-by-bbc.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
e8057a4ebef6ad94536bcf888225f500f9b7414e8e64912060c8bb5feef809b3

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 16 Apr 2021 20:03:12 GMT
server
LiteSpeed
etag
"2b46-6079ed80-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
11078
expires
Wed, 04 May 2022 03:45:21 GMT
massage-rooms-blonde-and-redhead-european-babes-lesbian-tribbing-orgasm.jpg
bestsexfan.com/wp-content/uploads/2021/02/ Frame FF1B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/02/massage-rooms-blonde-and-redhead-european-babes-lesbian-tribbing-orgasm.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
a8879a1c3b7f8382a602c7313406ebe4d7ebfcfa167bcc10f6d8ed984c97774d

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 20:10:19 GMT
server
LiteSpeed
etag
"280a-6035612b-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
10250
expires
Wed, 04 May 2022 03:45:21 GMT
(m=eW0Q8f)(mh=iCdUVIr2S5CakNTJ)13.jpg
ei-ph.rdtcdn.com/videos/201906/13/229181482/thumbs_5/ Frame FF1B 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ei-ph.rdtcdn.com/videos/201906/13/229181482/thumbs_5/(m=eW0Q8f)(mh=iCdUVIr2S5CakNTJ)13.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.244.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
00dbfd7ec07056614b4ccd9a190efbd16989039c40cc901f56f65263699f70a8

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 22 Sep 2020 05:25:29 GMT
etag
"15ce6d77f-13a4d-5afe031faa9fb"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10177467
x-cdn-diag
syd1-22003-1-32607-h-0-0---;22003-265-22745----0-0-0
timing-allow-origin
*
content-length
7355
expires
Mon, 26 Apr 2021 06:21:51 GMT
(m=eW0Q8f)(mh=fMx8TSho4eJ_a6Gi)1.jpg
ci-ph.rdtcdn.com/videos/202003/31/298671441/thumbs_5/ Frame FF1B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci-ph.rdtcdn.com/videos/202003/31/298671441/thumbs_5/(m=eW0Q8f)(mh=fMx8TSho4eJ_a6Gi)1.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B18) /
Resource Hash
e0ae1296a38bbcd46d6c89a94f2fa4b4db186e468a202073136aba75634cd996

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 31 Mar 2020 06:36:33 GMT
server
ECAcc (ama/8B18)
age
1650247
etag
"110496ce5-de5b-5a220c9ed8f4d"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10520119
accept-ranges
bytes
content-length
11273
expires
Thu, 02 Sep 2021 22:00:40 GMT
8.jpg
ei.rdtcdn.com/m=eW0Q8f/media/videos/201804/12/5652011/original/ Frame FF1B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ei.rdtcdn.com/m=eW0Q8f/media/videos/201804/12/5652011/original/8.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.104 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
0e2f8594655c8f1911c9b99a0b1b87996abdccf84eaee84392db30d9342338d6

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Wed, 24 Apr 2019 09:39:41 GMT
etag
"20d18fbbb-195a8-587437b13b140"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10463985
x-cdn-diag
lal1-14003-2-45646-h-0-0---;140033-165-3344----0-0-1
timing-allow-origin
*
content-length
12091
expires
Wed, 14 Apr 2021 19:26:10 GMT
(m=eW0Q8f)(mh=fD2T0f1zsd8fqywT)11.jpg
ci-ph.rdtcdn.com/videos/202009/27/355410452/original/ Frame FF1B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci-ph.rdtcdn.com/videos/202009/27/355410452/original/(m=eW0Q8f)(mh=fD2T0f1zsd8fqywT)11.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A9F) /
Resource Hash
759d6733327117f54a79ebd363bb17d14eafc9c62484b85c0d25d0f6d6e85efc

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Sun, 27 Sep 2020 09:48:27 GMT
server
ECAcc (ama/8A9F)
age
6520650
etag
"1127d06ed-14373-5b048739790c0"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10773452
accept-ranges
bytes
content-length
9728
expires
Sun, 05 Sep 2021 20:22:53 GMT
(m=eW0Q8f)(mh=t4q98tNoPqQNgxIm)3.jpg
di-ph.rdtcdn.com/videos/201904/25/220153031/original/ Frame FF1B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di-ph.rdtcdn.com/videos/201904/25/220153031/original/(m=eW0Q8f)(mh=t4q98tNoPqQNgxIm)3.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
ae7c728ce3a330bbdf171f41cb59ff9cdb8d5ddd9f09f3d2966e9b4f04a43603

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Last-Modified
Thu, 25 Apr 2019 07:11:10 GMT
Server
nginx
ETag
"120a6ba6d-1c367-5875585d5bb5e"
X-HW
1620099921.dop107.lo4.t,1620099921.cds236.lo4.shn,1620099921.dop107.lo4.t,1620099921.cds242.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10587517
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11934
hidden-bedroom-camera-fuck-session-multiple-orgasms.jpg
bestsexfan.com/wp-content/uploads/2021/01/ Frame FF1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/01/hidden-bedroom-camera-fuck-session-multiple-orgasms.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
a69383b010777711591321ec7d9b452ad4bb23b06a80aeaac58449771fc017d3

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 15:05:35 GMT
server
LiteSpeed
etag
"232c-6004523f-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
9004
expires
Wed, 04 May 2022 03:45:21 GMT
(m=eW0Q8f)(mh=OXI6HucRhAcR9Dk5)10.jpg
ei-ph.rdtcdn.com/videos/201908/04/239570771/original/ Frame FF1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ei-ph.rdtcdn.com/videos/201908/04/239570771/original/(m=eW0Q8f)(mh=OXI6HucRhAcR9Dk5)10.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.244.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-cdn-diag
access-control-allow-methods
GET,HEAD,OPTIONS
(m=eW0Q8f)(mh=eL6Y3zduHOYx4L5R)13.jpg
ei-ph.rdtcdn.com/videos/202101/30/382712132/original/ Frame FF1B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ei-ph.rdtcdn.com/videos/202101/30/382712132/original/(m=eW0Q8f)(mh=eL6Y3zduHOYx4L5R)13.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.88.244.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
4d9e4aae6f97a5cf0e8e4d56dff27ced9ad9e32823ad52c0c2332c06ed75b736

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Sat, 30 Jan 2021 20:51:16 GMT
etag
"11991ccc7-27a5d-5ba24482c3900"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10845909
x-cdn-diag
syd1-22001-2-44132-h-0-0---;22003-265-22745----0-0-1
timing-allow-origin
*
content-length
12369
expires
Wed, 23 Jun 2021 18:56:12 GMT
10.jpg
di.rdtcdn.com/m=eW0Q8f/media/videos/201503/14/1069231/original/ Frame FF1B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rdtcdn.com/m=eW0Q8f/media/videos/201503/14/1069231/original/10.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
nginx /
Resource Hash
c2c48c7ecbf5ce2cbce2392e644f84e19458777a4acde40f39186190492fc745

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Last-Modified
Thu, 27 Jul 2017 11:46:13 GMT
Server
nginx
ETag
"1af0b675e-a0e1-5554b1c85eb40"
X-HW
1620099921.dop218.lo4.t,1620099921.cds252.lo4.shn,1620099921.dop218.lo4.t,1620099921.cds255.lo4.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10470245
Connection
Keep-Alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
6533
10.jpg
ei.rdtcdn.com/m=eW0Q8f/media/videos/201906/12/17495281/original/ Frame FF1B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ei.rdtcdn.com/m=eW0Q8f/media/videos/201906/12/17495281/original/10.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.104 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e7e4283caa92b6b423224918642c5ed8be750f4a62ec62e97eee0b103ebeaad3

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 16 Jul 2019 05:45:13 GMT
etag
"215cadf9e-15043-58dc5e1632c40"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=10796082
x-cdn-diag
lal1-14036-3-36067-h-0-0---;140033-165-3344----0-0-1
timing-allow-origin
*
content-length
10175
expires
Sun, 18 Apr 2021 16:45:32 GMT
blonde-milf-gets-fingered-til-she-squirt-ass-fucked.jpg
bestsexfan.com/wp-content/uploads/2021/04/ Frame FF1B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/04/blonde-milf-gets-fingered-til-she-squirt-ass-fucked.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
bc297c9ac6cda1d9797b973f1601b1baa7d55f9c0760ef3465eddfff5ae0b16c

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 22 Apr 2021 02:03:02 GMT
server
LiteSpeed
etag
"573a-6080d956-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
22330
expires
Wed, 04 May 2022 03:45:21 GMT
i-can-barely-fit-my-bbc-because-my-pussy-is-so-tight.jpg
bestsexfan.com/wp-content/uploads/2021/01/ Frame FF1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/01/i-can-barely-fit-my-bbc-because-my-pussy-is-so-tight.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
7aecacb177a680f6844c976179d7db2675a0b638d1a2afdb7f38e666d29e292a

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 14:59:58 GMT
server
LiteSpeed
etag
"2520-600450ee-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
9504
expires
Wed, 04 May 2022 03:45:21 GMT
(m=eW0Q8f)(mh=07pVCuhL5o5MToGi)12.jpg
ci-ph.rdtcdn.com/videos/202102/19/383904252/original/ Frame FF1B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ci-ph.rdtcdn.com/videos/202102/19/383904252/original/(m=eW0Q8f)(mh=07pVCuhL5o5MToGi)12.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.206 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A94) /
Resource Hash
16520fe125daae80267df08ae58aee361da58dd8c6db94ce0693c0515c4541ec

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Fri, 19 Feb 2021 19:07:21 GMT
server
ECAcc (ama/8A94)
age
6331877
etag
"1201e2230-35df9-5bbb5295d2c40"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=9949150
accept-ranges
bytes
content-length
18441
expires
Fri, 27 Aug 2021 07:24:31 GMT
girlsoutwest-curvy-babes-pussy-and-ass-licking.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/girlsoutwest-curvy-babes-pussy-and-ass-licking.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
772b52a4670092bbc0e988f49f8a2dbed82accf16efed6a480bd7d31c27922d8

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 03:03:09 GMT
server
LiteSpeed
etag
"395d-6090b96d-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
14685
expires
Wed, 04 May 2022 03:45:21 GMT
hot-girls-enjoying-the-mormon-rituals.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/hot-girls-enjoying-the-mormon-rituals.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
9b3aade820df7e9add04b7752fec686f460629c811091f07c6856b24865efe5e

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 03:03:08 GMT
server
LiteSpeed
etag
"3e7b-6090b96c-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
15995
expires
Wed, 04 May 2022 03:45:21 GMT
hot-japanese-nurse-is-up-for-some-hot-fucking.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/hot-japanese-nurse-is-up-for-some-hot-fucking.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
76eed6a662ef6a9897309c1b804fa347b9f9379253c31889982ca9bb90984235

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 02:02:58 GMT
server
LiteSpeed
etag
"221f-6090ab52-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
8735
expires
Wed, 04 May 2022 03:45:21 GMT
mature-real-asian-woman-getting.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/mature-real-asian-woman-getting.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
ce95bb67ebbf1dfa209a2ba6b2c4a4017fdf862d8504ca94a7b9a61dcc04110f

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 02:02:57 GMT
server
LiteSpeed
etag
"1de9-6090ab51-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
7657
expires
Wed, 04 May 2022 03:45:21 GMT
japanese-woman-hikari-kazami-got-nailed-uncensored.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/japanese-woman-hikari-kazami-got-nailed-uncensored.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
426fcf314fc1891966bac71c2265d4dbc55a26181d0b6091e46958cd28c2ffb4

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 01:02:59 GMT
server
LiteSpeed
etag
"2638-60909d43-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
9784
expires
Wed, 04 May 2022 03:45:21 GMT
gorgeous-japanese-babe-gets-her-pussy-pounded-and-filled-with-cum-by-horny-guy.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/gorgeous-japanese-babe-gets-her-pussy-pounded-and-filled-with-cum-by-horny-guy.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
49c5d187751e40a242922dd14d3c205836f050e6fd5a9d7ea505c1ed559fcb36

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 01:02:59 GMT
server
LiteSpeed
etag
"4c49-60909d43-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
19529
expires
Wed, 04 May 2022 03:45:21 GMT
sorceress-sonora-summons-creature-to-fuck-her.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/sorceress-sonora-summons-creature-to-fuck-her.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
9d76c376e979c509bd5b369f3020f5c2f925e9bd64bae2928b0858f172730ed1

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 00:03:05 GMT
server
LiteSpeed
etag
"3802-60908f39-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
14338
expires
Wed, 04 May 2022 03:45:21 GMT
slut-princess-x-little-monsters.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/slut-princess-x-little-monsters.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
5376fc998ccc16b1f84d773ee689293cede39596f94b1b964d48a7f70fa65624

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 May 2021 00:03:02 GMT
server
LiteSpeed
etag
"37c1-60908f36-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
14273
expires
Wed, 04 May 2022 03:45:21 GMT
bangbros-mike-adriano-enjoying-karlee-greys-juicy-big-tits-and-fat-ass.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/bangbros-mike-adriano-enjoying-karlee-greys-juicy-big-tits-and-fat-ass.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
c2041fdac7c8c5033d2e14ac39b0066f14adb8afc87e32c185b175a280149bcf

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 May 2021 23:03:06 GMT
server
LiteSpeed
etag
"2b1e-6090812a-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
11038
expires
Wed, 04 May 2022 03:45:21 GMT
milf-phyllisha-anne-likes-to-get-all-her-holes-fucked.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/milf-phyllisha-anne-likes-to-get-all-her-holes-fucked.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
103ecf25883509f054511d65e0f5a8765b097e6e3a4c4cab803f130b23dc5224

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 May 2021 23:03:05 GMT
server
LiteSpeed
etag
"2961-60908129-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
10593
expires
Wed, 04 May 2022 03:45:21 GMT
tattooed-nayomi-sharp-harvest-sperm-in-glass-for-aperitiv-germangoogirls.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/tattooed-nayomi-sharp-harvest-sperm-in-glass-for-aperitiv-germangoogirls.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
d53283fbd958d12ceb6c95010b89cc31ea48b9ffa70a3addca818bfc77f50899

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 May 2021 22:03:04 GMT
server
LiteSpeed
etag
"2fcd-60907318-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
12237
expires
Wed, 04 May 2022 03:45:21 GMT
a-gang-banged-cum-filled-hairy-pussy.jpg
bestsexfan.com/wp-content/uploads/2021/05/ Frame FF1B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestsexfan.com/wp-content/uploads/2021/05/a-gang-banged-cum-filled-hairy-pussy.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.191.158 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c11.tmdcloud.com
Software
LiteSpeed /
Resource Hash
87eb011e15c3dcee69d99687610dbe51896bdd0a026bdd42c27f28624568b9da

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 May 2021 22:03:02 GMT
server
LiteSpeed
etag
"2a9c-60907316-0;;;"
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
content-length
10908
expires
Wed, 04 May 2022 03:45:21 GMT
popunder1000.js
a.realsrv.com/ Frame FF1B 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.realsrv.com/popunder1000.js
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
4efe0953e95fc2288849c44faf64693a097a485a7d520b56ddc0fa77fc02de28

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Content-Encoding
gzip
X-HW
1620099920.dop208.fr8.t,1620099921.cds109.fr8.shn,1620099921.cds109.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40033
splash.php
syndication.exoclick.com/ Frame FF1B 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/splash.php?idzone=4148380&cookieconsent=true
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/video-slider.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2cd5365597935891890f72916fda7ea1bab0f2f1fd36d19c2c068fd46762a0b6

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://bestsexfan.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
0db728c1df674dca474ec252d757b711e1f93f8a.jpg
s3t3d2y7.ackcdn.net/library/475567/ Frame B9BA 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3t3d2y7.ackcdn.net/library/475567/0db728c1df674dca474ec252d757b711e1f93f8a.jpg
Requested by
Host: syndication.exoclick.com
URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148348&type=728x90&p=http%3A//taraa.xyz/&dt=1620099920829&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
d787dd05b138485bb1f667c1d0ea15084d7a6ac18749a2a9473d5c5841856e10

Request headers

Referer
https://syndication.exoclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Last-Modified
Sat, 30 Jan 2021 09:34:10 GMT
ETag
"1611999250"
X-HW
1620099921.dop041.fr8.t,1620099921.cds165.fr8.shn,1620099921.dop041.fr8.t,1620099921.cds053.fr8.c
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20960
promo.php
promo-bc.com/ Frame BEDB 		146 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo-bc.com/promo.php?c=680184&subid=oodRZHNPLHPNNHNLK4QfnUzXU2XVupltsrqmodK6iWVU0srqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4194796&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exoclick.com
URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4194796&type=300x100&p=http%3A//taraa.xyz/&dt=1620099920830&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
f8e9e37eb7de2255d7dd33b8bd8062eddc1ae712322b95f54cd4abb7affab6be
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
promo-bc.com
:scheme
https
:path
/promo.php?c=680184&subid=oodRZHNPLHPNNHNLK4QfnUzXU2XVupltsrqmodK6iWVU0srqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4194796&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.exoclick.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.exoclick.com/

Response headers

server
nginx
date
Tue, 04 May 2021 03:45:22 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 04 May 2021 03:45:21 GMT
cache-control
no-cache public
x-bcs
ded7384
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
promo.php
bngpt.com/ Frame E368 		142 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exoclick.com
URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148356&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920862&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.192.112.221 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
540dfb29d5992f139d100dd6b1f2bd4338e196c29de09b176b6f443f85aa8492
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
bngpt.com
:scheme
https
:path
/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.exoclick.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.exoclick.com/

Response headers

server
nginx
date
Tue, 04 May 2021 03:45:22 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 04 May 2021 03:45:21 GMT
cache-control
no-cache public
x-bcs
ded7015
strict-transport-security
max-age=0;
content-encoding
gzip
promo.php
bngpt.com/ Frame FFE7 		142 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exoclick.com
URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148372&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920909&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.192.112.221 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
b459935f5e1fdad77379e1e36e94e8781110c3a85f5b4f4293176a1eb2d47ad6
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
bngpt.com
:scheme
https
:path
/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.exoclick.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.exoclick.com/

Response headers

server
nginx
date
Tue, 04 May 2021 03:45:22 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 04 May 2021 03:45:21 GMT
cache-control
no-cache public
x-bcs
ded7384
strict-transport-security
max-age=0;
content-encoding
gzip
c91053a0f1667ce1c626f6049d34a1ceea4bb1a4.mp4
s3t3d2y7.ackcdn.net/library/623611/ Frame 7DE8 		98 KB
99 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://s3t3d2y7.ackcdn.net/library/623611/c91053a0f1667ce1c626f6049d34a1ceea4bb1a4.mp4
Requested by
Host: syndication.exoclick.com
URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148346&type=900x250&p=http%3A//taraa.xyz/&dt=1620099920910&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
72340ac43da69c0f3448a4c0c3b44d0f978c0c5d414ef2a10e92b21c036fbf3c

Request headers

Referer
https://syndication.exoclick.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 04 May 2021 03:45:21 GMT
Last-Modified
Fri, 30 Apr 2021 10:36:34 GMT
Access-Control-Allow-Origin
*
ETag
"1619778994"
X-HW
1620099921.dop041.fr8.t,1620099921.cds165.fr8.shn,1620099921.dop041.fr8.t,1620099921.cds156.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-100456/100457
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
100457
promo.php
bngpt.com/ Frame FF1B 		1 KB
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bngpt.com/promo.php?c=581512&type=pre_roll&skipoffset=5&name=amg63&with_track&subid=ooc4QfnUzU20WyupqnltnundK51UtrqZnTupldK6V0rrKZnW1W2W2OsqrmoqdK6V07p3SuldM6V0rpnVy3S60VS76XaXUx0US1zT2XT2U23T0z21OdK7Tcpi7q4zBHqH9znSuldK6250rpXB9g--&subid2=4148380
Requested by
Host: a.realsrv.com
URL: https://a.realsrv.com/video-slider.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.192.112.221 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
135724890317d5de6555c7b4ab45afa7c3685fb6611af7e396489b24e6d95231
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0;
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://bestsexfan.com
cache-control
no-cache, public
access-control-allow-credentials
true
x-bcs
ded7724
expires
Tue, 04 May 2021 03:45:21 GMT
promo.php
promo-bc.com/ Frame D538 		142 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Requested by
Host: syndication.exoclick.com
URL: https://syndication.exoclick.com/ads-iframe-display.php?idzone=4148376&type=300x250&p=http%3A//taraa.xyz/&dt=1620099920865&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
30ab333fab55c1cd31c16d2a01511cf245a58299321cb8c2be54947a0e983f57
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

:method
GET
:authority
promo-bc.com
:scheme
https
:path
/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://syndication.exoclick.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://syndication.exoclick.com/

Response headers

server
nginx
date
Tue, 04 May 2021 03:45:22 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
expires
Tue, 04 May 2021 03:45:21 GMT
cache-control
no-cache public
x-bcs
ded7015
strict-transport-security
max-age=0;
content-encoding
gzip
x-bc-bl
105
en_z.mp4
i.bngprl.com/pre_roll/amg63/bonga/ Frame FF1B 		33 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://i.bngprl.com/pre_roll/amg63/bonga/en_z.mp4
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Thu, 15 Oct 2020 10:00:12 GMT
x-cdn-diag-r
lal1-14038-2-42596-h-0-0---
x-shm-miss
true
access-control-allow-methods
GET
content-type
video/mp4
Content-Range
bytes 0-3795451/3795452
cache-control
max-age=2592000
x-cdn-diag
lal1-14042-1-33090-h-0-0---;140386-170-43968----0-1-0
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
3795452
expires
Wed, 18 Nov 2020 03:51:17 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame FFE7 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
lal1-14043-2-37853-h-0-0---;140436-163-26742----0-0-1
expires
Sat, 14 Nov 2020 07:18:44 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame D538 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
lal1-14043-2-37746-h-0-0---;140436-163-26742----0-0-1
expires
Sat, 14 Nov 2020 07:18:44 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame D538 		44 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-6-10771-h-0-0---;140436-163-26742----0-0-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:42 GMT
spanish.png
i.bongacash.com/dynamic_banner/images/lang/ Frame D538 		414 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/spanish.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
29e25b67618ca08ad79a1d9e1ee3472a09ac377541da2783087f698a6d099c35

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14013-1-2095-h-0-0---;140436-165-26742----0-0-1
accept-ranges
bytes
content-length
414
expires
Sat, 14 Nov 2020 07:18:44 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame D538 		542 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-7-11011-h-0-0---;140436-171-26742----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:19:03 GMT
logo2_default.png
i.bongacash.com/dynamic_banner/images/ Frame FFE7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/logo2_default.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14047-7-34453-h-0-0---;140436-163-26742----0-0-0
accept-ranges
bytes
content-length
3813
expires
Fri, 02 Apr 2021 16:47:57 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame FFE7 		44 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-6-10771-h-0-0---;140436-165-26742----0-0-1
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:42 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame FFE7 		542 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-7-10948-h-0-0---;140436-171-26742----0-0-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:19:03 GMT
slovenian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame FFE7 		347 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/slovenian.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WTupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148372&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
66fb6e64a8ecace8145412164afd42498d5aa878fd08fce0e1cf5bc08c0a9846

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14045-1-16897-h-0-0---;140436-171-26742----0-0-0
accept-ranges
bytes
content-length
347
expires
Sat, 14 Nov 2020 20:01:08 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame BEDB 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680184&subid=oodRZHNPLHPNNHNLK4QfnUzXU2XVupltsrqmodK6iWVU0srqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4194796&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
lal1-14043-2-37843-h-0-0---;140436-163-26742----0-0-1
expires
Sat, 14 Nov 2020 07:18:44 GMT
jquery.tools.min.js
i.bongacash.com/dynamic_banner/ Frame E368 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
lal1-14043-2-37834-h-0-0---;140436-163-26742----0-0-1
expires
Sat, 14 Nov 2020 07:18:44 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame BEDB 		44 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680184&subid=oodRZHNPLHPNNHNLK4QfnUzXU2XVupltsrqmodK6iWVU0srqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4194796&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-6-10751-h-0-0---;140436-163-26742----0-0-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:42 GMT
logo2_default.png
i.bongacash.com/dynamic_banner/images/ Frame E368 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/logo2_default.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14047-7-34434-h-0-0---;140436-163-26742----0-0-0
accept-ranges
bytes
content-length
3813
expires
Fri, 02 Apr 2021 16:47:57 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame E368 		44 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:21 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-6-10771-h-0-0---;140436-165-26742----0-0-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:42 GMT
spanish.png
i.bongacash.com/dynamic_banner/images/lang/ Frame E368 		414 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/spanish.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
29e25b67618ca08ad79a1d9e1ee3472a09ac377541da2783087f698a6d099c35

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14013-1-2095-h-0-0---;140436-171-26742----0-0-1
accept-ranges
bytes
content-length
414
expires
Sat, 14 Nov 2020 07:18:44 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame E368 		542 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-7-10948-h-0-0---;140436-171-26742----0-1-0
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:19:03 GMT
en_z.mp4
i.bngprl.com/pre_roll/amg63/bonga/ Frame FF1B 		26 KB
27 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://i.bngprl.com/pre_roll/amg63/bonga/en_z.mp4
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
21d52545bedb47a30e02347e9300f733f738d5216cac47ab654193b0313ee28c

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=3768320-

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Thu, 15 Oct 2020 10:00:12 GMT
x-cdn-diag-r
lal1-14038-2-42594-h-0-0---
x-shm-miss
true
access-control-allow-methods
GET
content-type
video/mp4
Content-Range
bytes 3768320-3795451/3795452
cache-control
max-age=2592000
x-cdn-diag
lal1-14042-1-33090-h-0-0---;140386-185-43968----0-0-0
access-control-allow-origin
*
Content-Length
27132
expires
Wed, 18 Nov 2020 03:51:17 GMT
video_back.gif
i.bongacash.com/dynamic_banner/images/ Frame BEDB 		44 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/video_back.gif
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680184&subid=oodRZHNPLHPNNHNLK4QfnUzXU2XVupltsrqmodK6iWVU0srqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4194796&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=100&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_2&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=custom&db%5Bmpad%5D=19&db%5Bmwidth%5D=120&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=none&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/gif
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-6-10771-h-0-0---;140436-171-26742----0-0-0
accept-ranges
bytes
content-length
44
expires
Sat, 14 Nov 2020 07:18:42 GMT
8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
i.bimbolive.com/03c/02a/20c/ Frame D538 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/03c/02a/20c/8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de208ff40065be94a014f2fd7c7a698d17145e38a8d44ce98e4702e38ede9a39

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 04 May 2021 03:45:22 GMT
cf-cache-status
HIT
age
944268
x-o1-p3
HIT
content-length
9527
cf-request-id
09d71412cb0000201431089000000001
last-modified
Wed, 21 Apr 2021 21:10:06 GMT
server
cloudflare
etag
"608094ae-2537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 21 May 2021 21:56:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebc647dfb2014-AMS
cf-bgj
h2pri
stream_LizzTayler.webm
db.bngpt.com/ Frame D538 		190 KB
190 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://db.bngpt.com/stream_LizzTayler.webm
Requested by
Host: promo-bc.com
URL: https://promo-bc.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20WVupltsrsqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148376&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=10&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.210.156.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
87e5b58f21a9e535b434537cbf600c48f12a7e41f72df111019f3cf80bfda949

Request headers

Referer
https://promo-bc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Fri, 30 Apr 2021 19:17:00 GMT
etag
"608c57ac-2f67c"
content-type
video/webm
Content-Range
bytes 0-194171/194172
cache-control
max-age=43200
x-cdn-diag
lon1-16008-1-25763-h-0-0---;16009-28-23950----0-0-1
Content-Length
194172
expires
Sat, 01 May 2021 08:43:39 GMT
8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
i.bimbolive.com/03c/02a/20c/ Frame E368 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/03c/02a/20c/8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de208ff40065be94a014f2fd7c7a698d17145e38a8d44ce98e4702e38ede9a39

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 04 May 2021 03:45:22 GMT
cf-cache-status
HIT
age
944268
x-o1-p3
HIT
content-length
9527
cf-request-id
09d71412cb00002014e73c4000000001
last-modified
Wed, 21 Apr 2021 21:10:06 GMT
server
cloudflare
etag
"608094ae-2537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 21 May 2021 21:56:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebc647e002014-AMS
cf-bgj
h2pri
stream_LizzTayler.webm
db.bngpt.com/ Frame E368 		190 KB
190 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://db.bngpt.com/stream_LizzTayler.webm
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?c=680190&subid=oodRZHNPLHPNNHNLK4QfnUzU20VVupmorlqqqdK6iWVU9UrqpbXUzOndTK6V0rpXWUzOtqtstsdZVXNRU6V0rp3TuldK6Z0rpXTOdVvdXxXNtTZxdtNLbbvNVPZnbXXvtLbLa6VxsyZ5xqWx01csqpp5ZXOldK6V1tzpXSuD7A--&subid2=4148356&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=300&db%5Bheight%5D=250&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=1&db%5Bfooter%5D=footer_text_1&db%5Bmlang%5D=1&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=1&db%5Bmsize%5D=auto&db%5Bmpad%5D=3&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23ffffff&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.210.156.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
87e5b58f21a9e535b434537cbf600c48f12a7e41f72df111019f3cf80bfda949

Request headers

Referer
https://bngpt.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 04 May 2021 03:45:22 GMT
last-modified
Fri, 30 Apr 2021 19:17:00 GMT
etag
"608c57ac-2f67c"
content-type
video/webm
Content-Range
bytes 0-194171/194172
cache-control
max-age=43200
x-cdn-diag
lon1-16008-1-25750-h-0-0---;16009-28-23950----0-0-0
Content-Length
194172
expires
Sat, 01 May 2021 08:43:39 GMT
hm.gif
hm.baidu.com/ Frame FF1B 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1111&et=0&ja=0&ln=en-us&lo=0&rnd=2080546387&si=f74d04f1638cc3f504202827ea916110&su=http%3A%2F%2Ftaraa.xyz%2F&v=1.2.80&lv=1&sn=9188&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fbestsexfan.com%2F%3Ffrom%3Dadult.xyz&tt=Free%20HD%20Porn%20videos%2C%20Sex%20Videos%20%E2%80%93%20BestSexFan%20%E2%80%93%20Watch%20Free%20Porn%20Videos%20porn%20videos%20for%20free%2C%20here%20on%20BestSexFan.com.%20Discover%20the%20growing%20collection%20of%20high%20quality%20Most%20Relevant%20Sex%20movies%20and%20videos.
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 May 2021 03:45:22 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
truncated
/ Frame D538 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E368 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
i.bimbolive.com/03c/02a/20c/ Frame D538 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/03c/02a/20c/8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de208ff40065be94a014f2fd7c7a698d17145e38a8d44ce98e4702e38ede9a39

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 04 May 2021 03:45:22 GMT
cf-cache-status
HIT
age
944268
x-o1-p3
HIT
content-length
9527
cf-request-id
09d714134800002014232e2000000001
last-modified
Wed, 21 Apr 2021 21:10:06 GMT
server
cloudflare
etag
"608094ae-2537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 21 May 2021 21:56:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebc653ecc2014-AMS
cf-bgj
h2pri
8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
i.bimbolive.com/03c/02a/20c/ Frame E368 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/03c/02a/20c/8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de208ff40065be94a014f2fd7c7a698d17145e38a8d44ce98e4702e38ede9a39

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 04 May 2021 03:45:22 GMT
cf-cache-status
HIT
age
944268
x-o1-p3
HIT
content-length
9527
cf-request-id
09d71413f800002014b416c000000001
last-modified
Wed, 21 Apr 2021 21:10:06 GMT
server
cloudflare
etag
"608094ae-2537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 21 May 2021 21:56:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebc665fab2014-AMS
cf-bgj
h2pri
en_z.mp4
i.bngprl.com/pre_roll/amg63/bonga/ Frame FF1B 		4 MB
4 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://i.bngprl.com/pre_roll/amg63/bonga/en_z.mp4
Requested by
Host: bestsexfan.com
URL: https://bestsexfan.com/?from=adult.xyz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
b407c34b5e403411e2fb861a456e5b148298e3df0677417b9794c5c070a4d794

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

date
Tue, 04 May 2021 03:45:23 GMT
last-modified
Thu, 15 Oct 2020 10:00:12 GMT
x-cdn-diag-r
lal1-14038-2-42594-h-0-0---
x-shm-miss
true
access-control-allow-methods
GET
content-type
video/mp4
Content-Range
bytes 32768-3795451/3795452
cache-control
max-age=2592000
x-cdn-diag
lal1-14042-1-33090-h-0-0---;140386-172-43968----0-0-1
access-control-allow-origin
*
Content-Length
3762684
expires
Wed, 18 Nov 2020 03:51:17 GMT
vregister.php
syndication.exoclick.com/ Frame FF1B 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.exoclick.com/vregister.php?a=vimp&tracking_event=impression&idzone=4148380&38011a5661f249d2e43d671144dd753e=tsVuZ8uHLjt4ddvDnq5c_XTr65cddlTlK8E.fPvu48uG7lx47uPDhramslrpwzMLI1wNxsSvWMPOZ9OOuqCtxd.aquViRzNlyqupy91iXc1NJrgbYbtcprgqcpz59PHblw1wNz2MxwVPuU59.XXxz4a4G6oK3M_Hnv248tcDeM0rmfTj08c_HDXA20xW49NThn14eNcDbTEk7ED0ufTjz58vHjXA3axTAxXBNLn068uHjl55a4G5qs.nDXA2zTNdU5Tny1wNtuWwNOZ8NcDbTFNMDlOfDXA3BVPn36cddVjOfDXaxHY5nw3cOHDrrnsZjgqfcpXpYrcz78Nc9jMcFT7lK7VlNLkrWGaJ4GtpiSdiB6VdqymlyVrDNE8DW5e0.xK84vXMvPYzHBU.5Tnx1uXtPsSvOL1zLyuV3TUxZ8dbDa9eE7mfPjrdmpkYrz1wNyuV3TUxZ8dbU1ktdOC81MD0ErEeZhZGt.uude9d2am5iltxtd2anPXA3PTM3Y1Wu0xW49NThnx7a56YGoJXl5Jm3I8.Wt.uuerPjrqapcclXpcqmjsrgmlz12VOUrwN59uHng1z68HGfLPnpu58.Hbjy7.eXfp488unLx112UxrvsVP5tO8.Pdjq105u82Xejvjj36Md.jfDi4zz4.XNcEk9LlVUE0q9VbFdlWfDXBJPS5VVBNKvBLaxHA2vS4xVNLny10uOuUuUr1QVuLvzVVysSOZsuVV1OXusS7mppNbDbMczUWfDXA3M665Tnw1wNxsStwSvLzsPOZ8Nbl7jVlcE0q9cEjmfDdw464G22K2GnJa3Kc.WuBtpimmByleqaylpzPhrlmqapgnrz4a4JWpnpYK5l5Jm3M.GutyqteSZtzPhrpcegmlXecmlYkcXgbz8dfHfx31z0zX4L1VsV2VZ7eOuBudimuVynPhragrwXecmlYkcXgbz79e3Hn11yuVsNWQV4Lz0zX4L14TuZvzVVwSva5XK2GrIK8F56Zr8F23KmqYJ64Jpc7Z5dbDbMczUS9rlOeuCSelyqqCaVdiONeCW1iOBtelxiqaWrPlrqsZ5Z8NdVjPPPhrqapgnrXrwncz11NUwT1rysSOZ66mqYJ617XKc9bNM11TlK9rlOfjzrtpz4a4Ja3KZWI8.GuypyldpieeCV7PhrsqcpXaYnngleXdpcosclawz4a7bLIG8.Pblw4efPnlx58OHbn27dvHbh54Nc.vHg4665rrgkcqrYknz49uXDh58.eXHW1NNFA41NLU5LXnxg--
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:23 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
/
bongacams.com/ Frame FF1B
Redirect Chain
  • https://bongacams.com/track?c=581512&no_content&no_track&odc
  • https://bngpt.com/hit.php?c=581512&no_content&no_track&odc
  • https://bongacams.com/?bcs=aGVpczhkMzc5MjVjMDEzNGU5ZjdlMzJhZGE0OTNiN2U3YzJlOjoxODY0Mjc6Omh0dHBzOi8vYmVzdHNleGZhbi5jb20vP2Zyb209YWR1bHQueHl6Ojo6Ojo6NTgxNTEyOjowOjowOjowOjo6OjA6OmRlZmF1bHQ6OjA~&no_co...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bongacams.com/?bcs=aGVpczhkMzc5MjVjMDEzNGU5ZjdlMzJhZGE0OTNiN2U3YzJlOjoxODY0Mjc6Omh0dHBzOi8vYmVzdHNleGZhbi5jb20vP2Zyb209YWR1bHQueHl6Ojo6Ojo6NTgxNTEyOjowOjowOjowOjo6OjA6OmRlZmF1bHQ6OjA~&no_content&odc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.89 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Tue, 04 May 2021 03:45:29 GMT
server
nginx
access-control-allow-origin
*
strict-transport-security
max-age=0;
content-type
text/html; charset=UTF-8
location
https://bongacams.com?bcs=aGVpczhkMzc5MjVjMDEzNGU5ZjdlMzJhZGE0OTNiN2U3YzJlOjoxODY0Mjc6Omh0dHBzOi8vYmVzdHNleGZhbi5jb20vP2Zyb209YWR1bHQueHl6Ojo6Ojo6NTgxNTEyOjowOjowOjowOjo6OjA6OmRlZmF1bHQ6OjA~&no_content&odc
cache-control
no-cache, public
x-bcs
ded7013
expires
Tue, 04 May 2021 03:45:28 GMT
vregister.php
syndication.exoclick.com/ Frame FF1B 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.exoclick.com/vregister.php?a=vview&tracking_event=progress&progress=00:00:10.000&idzone=4148380&38011a5661f249d2e43d671144dd753e=tsVuZ8uHLjt4ddvDnq5c_XTr65cddlTlK8E.fPvu48uG7lx47uPDhramslrpwzMLI1wNxsSvWMPOZ9OOuqCtxd.aquViRzNlyqupy91iXc1NJrgbYbtcprgqcpz59PHblw1wNz2MxwVPuU59.XXxz4a4G6oK3M_Hnv248tcDeM0rmfTj08c_HDXA20xW49NThn14eNcDbTEk7ED0ufTjz58vHjXA3axTAxXBNLn068uHjl55a4G5qs.nDXA2zTNdU5Tny1wNtuWwNOZ8NcDbTFNMDlOfDXA3BVPn36cddVjOfDXaxHY5nw3cOHDrrnsZjgqfcpXpYrcz78Nc9jMcFT7lK7VlNLkrWGaJ4GtpiSdiB6VdqymlyVrDNE8DW5e0.xK84vXMvPYzHBU.5Tnx1uXtPsSvOL1zLyuV3TUxZ8dbDa9eE7mfPjrdmpkYrz1wNyuV3TUxZ8dbU1ktdOC81MD0ErEeZhZGt.uude9d2am5iltxtd2anPXA3PTM3Y1Wu0xW49NThnx7a56YGoJXl5Jm3I8.Wt.uuerPjrqapcclXpcqmjsrgmlz12VOUrwN59uHng1z68HGfLPnpu58.Hbjy7.eXfp488unLx112UxrvsVP5tO8.Pdjq105u82Xejvjj36Md.jfDi4zz4.XNcEk9LlVUE0q9VbFdlWfDXBJPS5VVBNKvBLaxHA2vS4xVNLny10uOuUuUr1QVuLvzVVysSOZsuVV1OXusS7mppNbDbMczUWfDXA3M665Tnw1wNxsStwSvLzsPOZ8NdsDbky7lrkteetymmalqZtzPXA22xWw05LW5Tny1wNtMU0wOUr1TWUtOZ8Ncs1TVME9efDXBK1M9LBXMvJM25nw11uVVryTNuZ8NdLj0E0q7zk0rEji8Defjr47.O.uema_BeqtiuyrPbx1wNzsU1yuU58NbUFeC7zk0rEji8Deffr248.uuVythqyCvBeema_BevCdzN.aquCV7XK5Ww1ZBXgvPTNfgu25U1TBPXBNLnbPLrYbZjmaiXtcpz1wST0uVVQTSrsRxrwS2sRwNr0uMVTS1Z8tdVjPLPhrqsZ558NdTVME9a9eE7meupqmCeteViRzPXU1TBPWva5TnrZpmuqcpXtcpz8eddtOfDXBLW5TKxHnw122WQN58e3Lhw8.fPLj269OXjz55.e3Dzwa59ePBxrl511wSOVVsST58e3Lhw8.fPLjrammigcamlqclrz4wA--
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://bestsexfan.com/?from=adult.xyz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 04 May 2021 03:45:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame D538 		542 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:39 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-7-10948-h-0-0---;140436-178-26742----0-0-13
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:19:03 GMT
slovenian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame D538 		347 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/slovenian.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:39 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14045-1-16822-h-0-0---;140436-178-26742----0-0-1
accept-ranges
bytes
content-length
347
expires
Sat, 14 Nov 2020 20:01:08 GMT
73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
i.bimbolive.com/06b/314/1ea/ Frame D538 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/06b/314/1ea/73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 04 May 2021 03:45:39 GMT
cf-cache-status
HIT
age
944334
x-o1-p6
MISS
content-length
8487
cf-request-id
09d71454c300002014f62c0000000001
last-modified
Sat, 10 Apr 2021 04:17:45 GMT
server
cloudflare
etag
"607126e9-2127"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 17 May 2021 15:49:26 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebcce0ecb2014-AMS
cf-bgj
h2pri
stream_VivienXx.webm
db.bngpt.com/ Frame D538 		123 KB
123 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://db.bngpt.com/stream_VivienXx.webm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.210.156.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://promo-bc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 04 May 2021 03:45:39 GMT
last-modified
Sun, 02 May 2021 19:00:35 GMT
etag
"608ef6d3-1eaea"
content-type
video/webm
Content-Range
bytes 0-125673/125674
cache-control
max-age=43200
x-cdn-diag
lon1-16032-1-29975-h-0-0---;16009-30-23950----0-0-1
Content-Length
125674
expires
Mon, 03 May 2021 07:18:49 GMT
english.png
i.bongacash.com/dynamic_banner/images/lang/ Frame E368 		542 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/english.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:39 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14014-7-10948-h-0-0---;140436-178-26742----0-0-1
accept-ranges
bytes
content-length
542
expires
Sat, 14 Nov 2020 07:19:03 GMT
slovenian.png
i.bongacash.com/dynamic_banner/images/lang/ Frame E368 		347 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/dynamic_banner/images/lang/slovenian.png
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.99.84.116 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 03:45:39 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
cache-control
max-age=2592000
x-cdn-diag
lal1-14045-1-16822-h-0-0---;140436-178-26742----0-0-1
accept-ranges
bytes
content-length
347
expires
Sat, 14 Nov 2020 20:01:08 GMT
73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
i.bimbolive.com/06b/314/1ea/ Frame E368 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/06b/314/1ea/73a2b197aceac2d7421e17fb80b6083e_thumb_medium.jpg
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/dynamic_banner/jquery.tools.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
2
date
Tue, 04 May 2021 03:45:39 GMT
cf-cache-status
HIT
age
944334
x-o1-p6
MISS
content-length
8487
cf-request-id
09d71454ef0000201410301000000001
last-modified
Sat, 10 Apr 2021 04:17:45 GMT
server
cloudflare
etag
"607126e9-2127"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 17 May 2021 15:49:26 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebcce4f162014-AMS
cf-bgj
h2pri
stream_VivienXx.webm
db.bngpt.com/ Frame E368 		123 KB
123 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://db.bngpt.com/stream_VivienXx.webm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.210.156.16 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bngpt.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 04 May 2021 03:45:39 GMT
last-modified
Sun, 02 May 2021 19:00:35 GMT
etag
"608ef6d3-1eaea"
content-type
video/webm
Content-Range
bytes 0-125673/125674
cache-control
max-age=43200
x-cdn-diag
lon1-16032-1-29975-h-0-0---;16009-30-23950----0-0-1
Content-Length
125674
expires
Mon, 03 May 2021 07:18:49 GMT
8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
i.bimbolive.com/03c/02a/20c/ Frame D538 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/03c/02a/20c/8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://promo-bc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 04 May 2021 03:45:39 GMT
cf-cache-status
HIT
age
944285
x-o1-p3
HIT
content-length
9527
cf-request-id
09d71455090000201410302000000001
last-modified
Wed, 21 Apr 2021 21:10:06 GMT
server
cloudflare
etag
"608094ae-2537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 21 May 2021 21:56:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebcce7f402014-AMS
cf-bgj
h2pri
8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
i.bimbolive.com/03c/02a/20c/ Frame E368 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bimbolive.com/03c/02a/20c/8577f99462cfcb30ba314e7e480c4de5_thumb_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.30 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bngpt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bc-o
1
date
Tue, 04 May 2021 03:45:39 GMT
cf-cache-status
HIT
age
944285
x-o1-p3
HIT
content-length
9527
cf-request-id
09d714560300002014ab2c9000000001
last-modified
Wed, 21 Apr 2021 21:10:06 GMT
server
cloudflare
etag
"608094ae-2537"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 21 May 2021 21:56:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
649ebcd0088a2014-AMS
cf-bgj
h2pri

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| frame_check object| antiClickjack function| $ function| jQuery function| base64_encode function| base64_decode number| at string| log_token string| log_hash string| waitmsg string| zzz string| smk string| grk string| uid string| urid string| ref_i string| udid string| utime number| fp_ver string| abdo string| abb string| abmdl string| skbr number| d object| scripts undefined| ysmm string| easyUrl undefined| eu function| checkAndGo function| C7M8 function| U0AM function| v7dF function| K3aF function| N0MR function| c45A string| E1bi string| L1bi string| f1bi string| r1bi string| Y1bi string| u1bi string| P0bi function| stCntr function| setId function| cnt function| close_bar function| outputBanner function| sendInt function| bcf_fkillah number| rr function| onSubmitCaptcha function| onSubmitCompliantCaptcha object| fp2 number| fingerprint number| get_browser string| g_v3 string| skip_button string| skip_button_fake undefined| z1bi number| T9Ai number| y9Ai number| P8Ai string| N1bi function| murmurhash3_32_gc function| getOptOutCookie number| u8Ai function| u4HH function| sha1 function| FP number| intpop string| adult_id number| pat string| bindElement function| d4v6 function| P8wK function| G6eE function| N8wK string| jmbdd boolean| adult_google_compliant object| _gaq function| goal object| adReporter number| optout_adfly function| O1rr function| b5VV function| u1rr function| b7RR function| S7RR function| J9mm number| fff function| removeCookieNotice function| getCookie boolean| smres boolean| grres object| _gat object| gaGlobal number| bacon number| t

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://bestsexfan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.realsrv.com
adult.xyz
ajax.googleapis.com
ay.gy
bestsexfan.com
bngpt.com
bongacams.com
cdn.taraa.xyz
ci-ph.rdtcdn.com
ci.rdtcdn.com
d3t5ngjixpjdho.cloudfront.net
db.bngpt.com
di-ph.rdtcdn.com
di.rdtcdn.com
ei-ph.rdtcdn.com
ei.rdtcdn.com
hm.baidu.com
i.bimbolive.com
i.bngprl.com
i.bongacash.com
promo-bc.com
s3t3d2y7.ackcdn.net
syndication.exoclick.com
taraa.xyz
www.google-analytics.com
www.googletagmanager.com
103.235.46.191
104.21.27.152
104.21.38.143
172.67.194.125
172.67.223.164
185.75.253.87
192.229.221.206
195.85.23.30
195.85.23.89
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
205.185.216.10
205.185.216.42
208.99.84.104
208.99.84.116
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a00:1450:4001:829::200a
31.192.112.221
52.222.190.25
64.210.156.16
64.88.244.16
67.212.191.158
95.211.229.247
00dbfd7ec07056614b4ccd9a190efbd16989039c40cc901f56f65263699f70a8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031c8bb71d635a4b439a3765b7ab870e867fdc2d050193972f36fae759dda406
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
0504389486d111343d7dd03d60f9e73955f520b83c6cd5a6dd696933b0e52e9e
097f8db12c193936f803052d0e27068c5e8959011a541b12d609c5c73d464d52
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
0b78336e5fe21ae5a15eb1d756c7ece7e68f1fa6e99a7476386168cf905593ba
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e2f8594655c8f1911c9b99a0b1b87996abdccf84eaee84392db30d9342338d6
103ecf25883509f054511d65e0f5a8765b097e6e3a4c4cab803f130b23dc5224
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
135724890317d5de6555c7b4ab45afa7c3685fb6611af7e396489b24e6d95231
16520fe125daae80267df08ae58aee361da58dd8c6db94ce0693c0515c4541ec
1a65eca7c102c3a7ec3da4f688c7fe2e88f5a3d6382a13d224938a8e66c65fac
1c72132cb24d65c82b6aa568fb793cf32569e8093db7085f279adc9b56a2c138
1d55918a6a8bae360ed6a2d7d4836b1a232a06e1a5dc52504e2d82cf64b4adec
21d52545bedb47a30e02347e9300f733f738d5216cac47ab654193b0313ee28c
24db3841268bf9a96b73062bf2a7d6e44b032fe0b842f6dea7889b86bd044d3f
29e25b67618ca08ad79a1d9e1ee3472a09ac377541da2783087f698a6d099c35
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cae88e554cea2cb59ba8b0764f1ba614be7d1dcf2123a856c051e71ae6e322c
2cd5365597935891890f72916fda7ea1bab0f2f1fd36d19c2c068fd46762a0b6
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
30ab333fab55c1cd31c16d2a01511cf245a58299321cb8c2be54947a0e983f57
426fcf314fc1891966bac71c2265d4dbc55a26181d0b6091e46958cd28c2ffb4
45e0bdfcd742149e5b7a6a84f321831cd8e0b62d29f0f37b60cf56d41b25d208
45ec8d91945614154aa6d7310bcfc5f00ea6d89647f51d8be503c988a3a91f13
49c5d187751e40a242922dd14d3c205836f050e6fd5a9d7ea505c1ed559fcb36
4d9e4aae6f97a5cf0e8e4d56dff27ced9ad9e32823ad52c0c2332c06ed75b736
4efe0953e95fc2288849c44faf64693a097a485a7d520b56ddc0fa77fc02de28
52cd933b69c768a55e5f89997fa090b287a7f752ab36532973a331f060564943
5376fc998ccc16b1f84d773ee689293cede39596f94b1b964d48a7f70fa65624
53ca537e9b58c463300287bdfe9a3254cc77f17a0bfb2cd033861b0ff4207337
540dfb29d5992f139d100dd6b1f2bd4338e196c29de09b176b6f443f85aa8492
5705cc2aa4209e15efa0c012f899f0d62a55c60561c7c2f4846914513af00beb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66fb6e64a8ecace8145412164afd42498d5aa878fd08fce0e1cf5bc08c0a9846
72340ac43da69c0f3448a4c0c3b44d0f978c0c5d414ef2a10e92b21c036fbf3c
759d6733327117f54a79ebd363bb17d14eafc9c62484b85c0d25d0f6d6e85efc
76eed6a662ef6a9897309c1b804fa347b9f9379253c31889982ca9bb90984235
772b52a4670092bbc0e988f49f8a2dbed82accf16efed6a480bd7d31c27922d8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aecacb177a680f6844c976179d7db2675a0b638d1a2afdb7f38e666d29e292a
802bc6725fd37d15aa9d599fa3f921fca0d4c585162c7b23da8ccd6f3ded751d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87e5b58f21a9e535b434537cbf600c48f12a7e41f72df111019f3cf80bfda949
87eb011e15c3dcee69d99687610dbe51896bdd0a026bdd42c27f28624568b9da
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8adfe744263040fb80cb604e1802f8eee68e028b4ad74bc1398a19cd292edafe
8b336e72ade9127a8f50308df1bc4f5cd3a89482832cd0768802b4e63bf1b25e
8ebe59a78541b464f91037953fb8dbb69243b21caad60f75d402bc9fb732b061
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
97295cc695d292467470cfd92b960af76502e94f8e405b437cee389779711e24
9a32744fa4707d6ea1ad2b696c644c4f45d327509989b4625b8a980e4a45e271
9b3aade820df7e9add04b7752fec686f460629c811091f07c6856b24865efe5e
9d76c376e979c509bd5b369f3020f5c2f925e9bd64bae2928b0858f172730ed1
a69383b010777711591321ec7d9b452ad4bb23b06a80aeaac58449771fc017d3
a74a5beeadea6f10fbf21237af1ab218af768c63e56e569bda9790fb37895495
a7a80d7f67bd74db0a4ed82420c2554f2b8a4afa8e91512e5dd63cbfc5b1071b
a8879a1c3b7f8382a602c7313406ebe4d7ebfcfa167bcc10f6d8ed984c97774d
ae7c728ce3a330bbdf171f41cb59ff9cdb8d5ddd9f09f3d2966e9b4f04a43603
b407c34b5e403411e2fb861a456e5b148298e3df0677417b9794c5c070a4d794
b459935f5e1fdad77379e1e36e94e8781110c3a85f5b4f4293176a1eb2d47ad6
baeccebc7aa9ba536fe1cbcb819d57decebfa55739902d34fe0cd2cc71ec6105
bc297c9ac6cda1d9797b973f1601b1baa7d55f9c0760ef3465eddfff5ae0b16c
bfe61928cc26971c004fcd29076d4b719ba25f22a74ef89943972eaa0409b867
c2041fdac7c8c5033d2e14ac39b0066f14adb8afc87e32c185b175a280149bcf
c2c48c7ecbf5ce2cbce2392e644f84e19458777a4acde40f39186190492fc745
c7bb5a38065389932bf7cd004edddf11c7a62df77057d4be869d8e7ae7897de8
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
ce95bb67ebbf1dfa209a2ba6b2c4a4017fdf862d8504ca94a7b9a61dcc04110f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5f9e6f9fac878f301545a1f7651b590646ee35cb2a5992a133fe24c0bbc001
d53283fbd958d12ceb6c95010b89cc31ea48b9ffa70a3addca818bfc77f50899
d787dd05b138485bb1f667c1d0ea15084d7a6ac18749a2a9473d5c5841856e10
da1404ce922a830a71d53157d2684be1eac51ae0511524a310aa3841ca83d611
dacb00b7849cc86750b80b84d935d98fc5d57f7cd4a8946df7459865e6f2820f
de208ff40065be94a014f2fd7c7a698d17145e38a8d44ce98e4702e38ede9a39
e0ae1296a38bbcd46d6c89a94f2fa4b4db186e468a202073136aba75634cd996
e15e28fd94f4d039e91ca193ad45ef045980218d8068961c163e1a6f70817156
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
e7373ed2de67ae7e6ae7ef6e68f0b1de5bde82d7da77175a5451db487c87b146
e7e1e8f6e2a83c8eab1b2959c1453abf185813b56996c6a6187df21f65854823
e7e4283caa92b6b423224918642c5ed8be750f4a62ec62e97eee0b103ebeaad3
e8057a4ebef6ad94536bcf888225f500f9b7414e8e64912060c8bb5feef809b3
ea5bb79665ee9cab463d102ec757ae3028aab2c32267326aeb6c1a8aa978cc4f
ed833bdbb60e381d73fbc327aeead6589c3b429f29b881c10ef55bef09bc6905
f8e9e37eb7de2255d7dd33b8bd8062eddc1ae712322b95f54cd4abb7affab6be