swiftfling.com Open in urlscan Pro
151.101.1.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covid-19healthdata.org/
Effective URL:
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzE...
Submission: On June 02 via api (June 2nd 2020, 5:21:59 pm UTC) from BE

Summary HTTP 38 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 19 domains to perform 38 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is swiftfling.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 12th 2020. Valid for: 3 months.

This is the only time swiftfling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.224.182.242 103.224.182.242	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 6	199.59.242.153 199.59.242.153	395082 (BODIS-NJ) (BODIS-NJ)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1 2	198.54.112.216 198.54.112.216	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	35.156.152.207 35.156.152.207	16509 (AMAZON-02) (AMAZON-02)
1 8	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	188.42.160.69 188.42.160.69	35415 (WEBZILLA) (WEBZILLA)
1	67.22.42.112 67.22.42.112	48684 (VIKINGHOST) (VIKINGHOST)
1	2001:1aa8:185... 2001:1aa8:185::212:100	24642 (NL-CAVEO) (NL-CAVEO)
1	2606:4700::68... 2606:4700::6811:306b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	74.117.182.35 74.117.182.35	40824 (WZCOM-) (WZCOM-)
3	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.196.2.1 213.196.2.1	7979 (SERVERS) (SERVERS)
1	213.196.5.4 213.196.5.4	7979 (SERVERS) (SERVERS)
1	185.239.174.10 185.239.174.10	55081 (24SHELLS) (24SHELLS)
1	2600:1f18:454... 2600:1f18:454c:f510:df7f:62b0:28bf:4bbe	14618 (AMAZON-AES) (AMAZON-AES)
38	17

1 103.224.182.242 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com

covid-19healthdata.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.59.242.153 (United States) 1 redirects

ASN395082 (BODIS-NJ, US)

ww25.covid-19healthdata.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.54.112.216 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

6491.negleyns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.152.207 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-152-207.eu-central-1.compute.amazonaws.com

wrison-subustall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.1.195 (United States) 1 redirects

ASN54113 (FASTLY, US)

swiftfling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.160.69 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.22.42.112 (Netherlands)

ASN48684 (VIKINGHOST, NL)

trafforsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1aa8:185::212:100 (Netherlands)

ASN24642 (NL-CAVEO, NL)

tracker.ero-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:306b (United States)

ASN13335 (CLOUDFLARENET, US)

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.117.182.35 (Fort Lauderdale, United States)

ASN40824 (WZCOM-, US)

stats-d1272-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.196.2.1 (Netherlands) 1 redirects

ASN7979 (SERVERS, US)

r.remarketingpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.196.5.4 (Netherlands)

ASN7979 (SERVERS, US)

datadbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.239.174.10 (United Kingdom)

ASN55081 (24SHELLS, US)

d.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:454c:f510:df7f:62b0:28bf:4bbe (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ads.traffichunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	swiftfling.com 1 redirects swiftfling.com	127 KB
7	covid-19healthdata.org 2 redirects covid-19healthdata.org ww25.covid-19healthdata.org	14 KB
5	gstatic.com fonts.gstatic.com	51 KB
3	exoclick.com main.exoclick.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	stats-d1272-serving.com stats-d1272-serving.com	1 KB
2	rtmark.net my.rtmark.net	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	negleyns.com 1 redirects 6491.negleyns.com	907 B
1	traffichunt.com ads.traffichunt.com	594 B
1	adtelligent.com d.adtelligent.com	419 B
1	datadbs.com datadbs.com	513 B
1	remarketingpixel.com 1 redirects r.remarketingpixel.com	832 B
1	tsyndicate.com tsyndicate.com	622 B
1	ero-advertising.com tracker.ero-advertising.com	131 B
1	trafforsrv.com trafforsrv.com	389 B
1	googletagmanager.com www.googletagmanager.com	29 KB
1	wrison-subustall.com 1 redirects wrison-subustall.com	2 KB
1	google.com www.google.com	57 KB
38	19

	Domain	Requested by
8	swiftfling.com	1 redirects 6491.negleyns.com swiftfling.com
6	ww25.covid-19healthdata.org	1 redirects ww25.covid-19healthdata.org
5	fonts.gstatic.com	swiftfling.com
3	main.exoclick.com	swiftfling.com
3	fonts.googleapis.com	ww25.covid-19healthdata.org swiftfling.com
2	stats-d1272-serving.com	swiftfling.com
2	my.rtmark.net	www.googletagmanager.com swiftfling.com
2	www.google-analytics.com	www.googletagmanager.com swiftfling.com
2	6491.negleyns.com	1 redirects ww25.covid-19healthdata.org
1	ads.traffichunt.com	swiftfling.com
1	d.adtelligent.com	swiftfling.com
1	datadbs.com	swiftfling.com
1	r.remarketingpixel.com	1 redirects
1	tsyndicate.com	swiftfling.com
1	tracker.ero-advertising.com	swiftfling.com
1	trafforsrv.com	swiftfling.com
1	www.googletagmanager.com	swiftfling.com
1	wrison-subustall.com	1 redirects
1	www.google.com	ww25.covid-19healthdata.org
1	covid-19healthdata.org	1 redirects
38	20

This site contains links to these domains. Also see Links.

Domain
wrison-subustall.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
reports.applied.digital Let's Encrypt Authority X3	`2020-05-12` - `2020-08-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh
*.trafforsrv.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-21` - `2020-11-20`	a year	crt.sh
*.ero-advertising.com RapidSSL TLS RSA CA G1	`2019-03-18` - `2021-04-16`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
stats-d1272-serving.com Let's Encrypt Authority X3	`2020-05-22` - `2020-08-20`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2019-09-18` - `2020-10-02`	a year	crt.sh
datadbs.com Let's Encrypt Authority X3	`2020-05-14` - `2020-08-12`	3 months	crt.sh
*.adtelligent.com COMODO RSA Domain Validation Secure Server CA	`2017-11-10` - `2020-11-09`	3 years	crt.sh
*.traffichunt.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-09` - `2020-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Frame ID: EC3DE243066069FC4024D0C6357DD44C
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covid-19healthdata.org/ HTTP 302
http://ww25.covid-19healthdata.org/ Page URL
http://ww25.covid-19healthdata.org/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F174577497%2F15911... HTTP 302
http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c84... Page URL
http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c84... HTTP 302
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix03-covid-19... HTTP 302
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunett... HTTP 301
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunett... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

38
Requests

82 %
HTTPS

40 %
IPv6

19
Domains

20
Subdomains

17
IPs

5
Countries

304 kB
Transfer

573 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wrison-subustall.com/click
Title: Continuer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covid-19healthdata.org/ HTTP 302
http://ww25.covid-19healthdata.org/ Page URL
http://ww25.covid-19healthdata.org/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F174577497%2F1591118503%2Fmf_e41c9040-3522-4d33-b424-cf9d6f54c845%2FYXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc%3D%2Ffeed&notadsafe&bod-31778a76-8fcb-11ea-bc55-0242ac130003 HTTP 302
http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed Page URL
http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc= HTTP 302
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id={flow_id}&cpv=0.001&clickid=1591118504.93-174577497-47735 HTTP 302
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735 HTTP 301
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://covid-19healthdata.org/ HTTP 302
http://ww25.covid-19healthdata.org/

Request Chain 9

http://ww25.covid-19healthdata.org/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F174577497%2F1591118503%2Fmf_e41c9040-3522-4d33-b424-cf9d6f54c845%2FYXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc%3D%2Ffeed&notadsafe&bod-31778a76-8fcb-11ea-bc55-0242ac130003 HTTP 302
http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed

Request Chain 30

https://r.remarketingpixel.com/px.gif?akey=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1271807276 HTTP 307
https://datadbs.com/dbs?uuid=575c7f50-4a83-442f-92fb-47376b6d534e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoyLCJhY2kiOnsgIjE4MzAiOjE1OTExMTg1MDZ9LCJhY2NsIjp7ICIyMCwwIjoxNTkxMTE4NTA2fX0.x7cDlcciD0v4jsZxvD8FXj5O9fwAWWSKzKJYWCxMD68

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ww25.covid-19healthdata.org/
Redirect Chain

http://covid-19healthdata.org/
http://ww25.covid-19healthdata.org/

4 KB
4 KB

361ms
170ms

Document
text/html

199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.covid-19healthdata.org/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 950dd1b9e607054b21c49e128d281bd4ff9d383dff7ec48997fe09358b36b846

Request headers

Host: ww25.covid-19healthdata.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: openresty
Date: Tue, 02 Jun 2020 17:21:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_WmJ8T17d4bfswn7FWfXpOElVBsHfcFLJe9i8RdSo9dxN6IblBM/CqmoYoxc+2s2sjGVawbHrIgQPZw9cyDqyNw==

Redirect headers

Date: Tue, 02 Jun 2020 17:21:42 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: __tad=1591118502.4673078; expires=Fri, 31-May-2030 17:21:42 GMT; Max-Age=315360000
Location: http://ww25.covid-19healthdata.org/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 162 KB
57 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7abe01bf9c45cb62bb105a743e83f39b97ab2f7d02146cb05cc911e0c4fe1e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ww25.covid-19healthdata.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "6938578847443410217"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Tue, 02 Jun 2020 17:21:42 GMT

GET
H/1.1 200
OK px.gif
ww25.covid-19healthdata.org/ 42 B
275 B 94ms
94ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.covid-19healthdata.org/px.gif?ch=1&rn=5.973004546241951
Requested by: Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://ww25.covid-19healthdata.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:42 GMT
Last-Modified: Tue, 11 Feb 2020 15:25:43 GMT
Server: openresty
ETag: "5e42c777-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
ww25.covid-19healthdata.org/ 42 B
275 B 204ms
186ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.covid-19healthdata.org/px.gif?ch=2&rn=5.973004546241951
Requested by: Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://ww25.covid-19healthdata.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:43 GMT
Last-Modified: Tue, 11 Feb 2020 15:25:43 GMT
Server: openresty
ETag: "5e42c777-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
ww25.covid-19healthdata.org/ 8 KB
8 KB 127ms
126ms Script
text/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.covid-19healthdata.org/glp?r=&u=http%3A%2F%2Fww25.covid-19healthdata.org%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 0f5fccfffc8717e6ff372f32b4b91fa58f8acef06ecd39e8bc21dc053375eedf

Request headers

Referer: http://ww25.covid-19healthdata.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jun 2020 17:21:43 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
776 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/glp?r=&u=http%3A%2F%2Fww25.covid-19healthdata.org%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://ww25.covid-19healthdata.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 17:21:43 GMT
server: ESF
date: Tue, 02 Jun 2020 17:21:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jun 2020 17:21:43 GMT

POST
H/1.1 200
OK gzb
ww25.covid-19healthdata.org/ 274 B
591 B 583ms
582ms XHR
text/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.covid-19healthdata.org/gzb
Requested by: Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/glp?r=&u=http%3A%2F%2Fww25.covid-19healthdata.org%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: http://ww25.covid-19healthdata.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 02 Jun 2020 17:21:43 GMT
Server: openresty
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 274
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://ww25.covid-19healthdata.org

Response headers

date: Wed, 20 May 2020 17:54:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 1121230
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Thu, 20 May 2021 17:54:33 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://ww25.covid-19healthdata.org

Response headers

date: Fri, 15 May 2020 19:37:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1547080
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 15 May 2021 19:37:03 GMT

GET
H/1.1

200
OK

feed Show response
6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/
Redirect Chain

http://ww25.covid-19healthdata.org/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F174577497%2F1591118503%2Fmf_e41c9040-3522-4d33-b424-cf9d6f54c845%2FYXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5v...
http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed

433 B
519 B

515ms
466ms

Document
text/html

198.54.112.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed
Requested by: Host: ww25.covid-19healthdata.org
URL: http://ww25.covid-19healthdata.org/glp?r=&u=http%3A%2F%2Fww25.covid-19healthdata.org%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 198.54.112.216 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b62a656b0c46892f56b028ffef050a0b7d60634980d79f4d6cd0b4f2db1f2525

Request headers

Host: 6491.negleyns.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://ww25.covid-19healthdata.org/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://ww25.covid-19healthdata.org/

Response headers

Server: nginx/1.14.2
Date: Tue, 02 Jun 2020 17:21:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

Server: openresty
Date: Tue, 02 Jun 2020 17:21:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed

GET
H2

200

Primary Request / Show response
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/
Redirect Chain

http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id={flow_...
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbj...
https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWb...

12 KB
2 KB

293ms
292ms

Document
text/html

151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735

Requested by

Host: 6491.negleyns.com
URL: http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

39546a2f72971aaa611acb7cc627845b7a1d53598c74d4575d49d0a155806a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: swiftfling.com
:scheme: https
:path: /adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://6491.negleyns.com/match-6491/47735/174577497/1591118503/mf_e41c9040-3522-4d33-b424-cf9d6f54c845/YXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc=/feed

Response headers

status: 200
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: eef39e3bb740b6ad2521e9d9a1740addeebe9c95e6b39c5f45da020e3dd504d3
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Tue, 02 Jun 2020 17:21:45 GMT
x-served-by: cache-cdg20773-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1591118506.537051,VS0,VE273
vary: x-fh-requested-host, accept-encoding
content-length: 2210

Redirect headers

status: 301
location: /adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Tue, 02 Jun 2020 17:21:45 GMT
x-served-by: cache-cdg20773-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1591118505.253506,VS0,VE245
vary: x-fh-requested-host, accept-encoding
content-length: 927

GET
H2 200 webPushMotivationPopupSmall.css
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/ 5 KB
1 KB 42ms
41ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/webPushMotivationPopupSmall.css

Requested by

Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
x-timer: S1591118506.842455,VS0,VE0
etag: 481b967dc9221a9592037fa7759cad78eab7649938e4eef2a15fd0eb22dc7273
x-served-by: cache-cdg20773-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Tue, 02 Jun 2020 17:21:45 GMT
accept-ranges: bytes
content-length: 1264
x-cache-hits: 6

GET
H2 200 style.css
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/ 9 KB
2 KB 20ms
20ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/style.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

993888e975a2807a5ba7c50dbc3ad1f4453b9da52621642408f80e807806ec6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
x-timer: S1591118506.842432,VS0,VE0
etag: 6ce574583e6cb0411a88c31e909a1afd5f88d481e82e861e676760bbbad2437e
x-served-by: cache-cdg20773-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Tue, 02 Jun 2020 17:21:45 GMT
accept-ranges: bytes
content-length: 2143
x-cache-hits: 6

GET
H2 200 script.js Show response
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/js/ 86 KB
30 KB 20ms
19ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/js/script.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8de92b8c40dcc641784e9e30da76a4bcc5ad8bd315afc6ed57878de11fe01489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
x-timer: S1591118506.842409,VS0,VE0
etag: 3d2cec1057f6252741c8632ff5f04b2477006b3575b73b41debbefe060089e52
x-served-by: cache-cdg20773-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Tue, 02 Jun 2020 17:21:45 GMT
accept-ranges: bytes
content-length: 30772
x-cache-hits: 6

GET
H2 200 css
fonts.googleapis.com/ 739 B
464 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4de590557954db4620cac91198d8f4c304f59b1d0b746db178e0081388d7514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 17:21:45 GMT
server: ESF
date: Tue, 02 Jun 2020 17:21:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jun 2020 17:21:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
29 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4277d4f8ffa76751db2ff331eb5d4b77653db6410ba146de5df5eb394c20e064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Jun 2020 17:21:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29238
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Jun 2020 17:21:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
775 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Jun 2020 17:21:45 GMT
server: ESF
date: Tue, 02 Jun 2020 17:21:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jun 2020 17:21:45 GMT

GET
H2 200 shapes.png
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/images/ 3 KB
3 KB 20ms
19ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/images/shapes.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bacbf7948643d205b2cf2c6e5f07dce8b00a43544df6e243d15b90e5643496ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
x-timer: S1591118506.933733,VS0,VE0
etag: 1acfff82b83077721448556f3aafe7b378afee917cf11d0e33a3b71e6e5e2890
x-served-by: cache-cdg20773-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=3600
date: Tue, 02 Jun 2020 17:21:45 GMT
accept-ranges: bytes
content-length: 3270
x-cache-hits: 6

GET
H2 200 photo1.jpg
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/images/ 41 KB
40 KB 42ms
42ms Image
image/jpeg 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/images/photo1.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da6ad5651fb06e746150df46ff7842aed7daedfdfc79ed09445ced0d4e0b9fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
x-timer: S1591118506.934787,VS0,VE0
etag: aa8ef0dd4c199a01db66569381ae38d6ad58b27a72e5496795759a07b025fd6e
x-served-by: cache-cdg20773-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Tue, 02 Jun 2020 17:21:45 GMT
accept-ranges: bytes
content-length: 41177
x-cache-hits: 6

GET
H2 200 photo2.jpg
swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/images/ 47 KB
47 KB 19ms
19ms Image
image/jpeg 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/images/photo2.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

95c0d0e4fbb0cc3972035daba8bcc7f17623ce7bfda1bd3ba00507baec039c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 15:34:27 GMT
x-timer: S1591118506.934763,VS0,VE0
etag: 9c1d737f11e2c1463b511f681e94a54e3f74139ba1cc3b204660bf46c5d192fb
x-served-by: cache-cdg20773-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Tue, 02 Jun 2020 17:21:45 GMT
accept-ranges: bytes
content-length: 47589
x-cache-hits: 6

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin: https://swiftfling.com

Response headers

date: Tue, 26 May 2020 05:53:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 646081
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 26 May 2021 05:53:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin: https://swiftfling.com

Response headers

date: Tue, 19 May 2020 23:49:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1186336
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 19 May 2021 23:49:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Origin: https://swiftfling.com

Response headers

date: Sun, 17 May 2020 05:16:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1425939
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Mon, 17 May 2021 05:16:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 1526
date: Tue, 02 Jun 2020 16:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 02 Jun 2020 18:56:19 GMT

GET
H/1.1 200
OK p.js Show response
my.rtmark.net/ 697 B
1 KB 141ms
34ms Script
text/javascript 188.42.160.69
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=ab30ce381235c0afb5799402c86b96587f5b8c989c6dceae2a4e09fc7e38406a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.69 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

d830c8b445cbd3d467f34a54db8c88bea57769dd50744756c27ad2449d877831

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 697

GET
H/1.1 200
OK retargeting.php
trafforsrv.com/ 35 B
389 B 127ms
34ms Image
image/gif 67.22.42.112
VIKINGHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trafforsrv.com/retargeting.php?id=981&gtmcb=822592786
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.22.42.112 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Jun 2020 17:21:46 GMT
Server: nginx
P3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 35
Expires: 0

GET
H2 200 rtpixel.php
tracker.ero-advertising.com/tracking/ 43 B
131 B 52ms
15ms Image
image/gif 2001:1aa8:185::212:100
NL-CAVEO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.ero-advertising.com/tracking/rtpixel.php?id=366&uid=93106&gtmcb=1688936914
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:1aa8:185::212:100 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 17:21:46 GMT
server: nginx
x-backend-server: nl1-web213-51
content-length: 43
content-type: image/gif

GET
H2 200 06eb0705-463f-4b96-836b-64bf3cfa8631
tsyndicate.com/api/v1/retargeting/set/ 35 B
622 B 42ms
19ms Image
image/gif 2606:4700::6811:306b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1607653140
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:306b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 17:21:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: image/gif; charset=utf-8
status: 200
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-request-id: 59d2da4688c51f15-FRA
cf-ray: 59d2da4688c51f15-FRA
content-length: 35
cf-request-id: 0317a6c01900001f15158c3200000001
x-robots-tag: none, noindex, nofollow
expires: 0

GET
H/1.1 200 segment
stats-d1272-serving.com/tracking/ 49 B
637 B 582ms
136ms Image
image/gif 74.117.182.35
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-d1272-serving.com/tracking/segment?key=a8c4bae6-9860-4bad-99bf-efecafc9fb81&gtmcb=1279571694
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.117.182.35 Fort Lauderdale, United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Tue, 02 Jun 2020 17:21:46 GMT
x-responded-by: cors-support-provider
ETag: W/"9347d3f6c327eaa206118d788d60f4b3987bd9f952636ddb628dfe7fafac4a6d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: set-cookie
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 49
Access-Control-Request-Headers: origin,accept,content-type,x-requested-with

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 102ms
37ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1946440399
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 139ms
36ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=702886435
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

dbs
datadbs.com/
Redirect Chain

https://r.remarketingpixel.com/px.gif?akey=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1271807276
https://datadbs.com/dbs?uuid=575c7f50-4a83-442f-92fb-47376b6d534e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoyLCJhY2kiOnsgIjE4MzAiOjE1OTExMTg1MDZ9LCJhY2NsIjp7ICIyMCwwIjoxNTkxMTE4NTA2fX0.x7cDlcci...

7 B
513 B

3142ms
68ms

Image
image/gif

213.196.5.4
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datadbs.com/dbs?uuid=575c7f50-4a83-442f-92fb-47376b6d534e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoyLCJhY2kiOnsgIjE4MzAiOjE1OTExMTg1MDZ9LCJhY2NsIjp7ICIyMCwwIjoxNTkxMTE4NTA2fX0.x7cDlcciD0v4jsZxvD8FXj5O9fwAWWSKzKJYWCxMD68
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.5.4 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:49 GMT
Cache-Control: no-cache, : no-cache
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: image/gif, image/gif
Content-Length: 7
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
Server: nginx/1.17.6
Content-Type: image/gif
Location: https://datadbs.com/dbs?uuid=575c7f50-4a83-442f-92fb-47376b6d534e&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoyLCJhY2kiOnsgIjE4MzAiOjE1OTExMTg1MDZ9LCJhY2NsIjp7ICIyMCwwIjoxNTkxMTE4NTA2fX0.x7cDlcciD0v4jsZxvD8FXj5O9fwAWWSKzKJYWCxMD68
Cache-Control: max-age=0, : no-cache
Connection: keep-alive
Content-Length: 0
Expires: Tue, 02 Jun 2020 17:21:46 GMT

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
419 B 166ms
62ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=959349430
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
d.adtelligent.com/segments/ 43 B
419 B 110ms
30ms Image
image/gif 185.239.174.10
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtelligent.com/segments/?id=290&gtmcb=1649000481
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.174.10 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
Server: VertaMedia 1.0
Content-Type: image/gif
Access-Control-Allow-Origin: https://swiftfling.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=7200
Content-Length: 43

GET
H2 200 /
ads.traffichunt.com/adv_ret/ 0
594 B 291ms
94ms Image
text/plain 2600:1f18:454c:f510:df7f:62b0:28bf:4bbe
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1970381404
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:454c:f510:df7f:62b0:28bf:4bbe Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 02 Jun 2020 17:21:46 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H/1.1 200 segment
stats-d1272-serving.com/tracking/ 49 B
637 B 572ms
147ms Image
image/gif 74.117.182.35
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-d1272-serving.com/tracking/segment?key=da813846-7710-4846-ae14-3396e3c110d9
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.117.182.35 Fort Lauderdale, United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified: Tue, 02 Jun 2020 17:21:46 GMT
x-responded-by: cors-support-provider
ETag: W/"d82bbe2127601a12bfcfa30ad80985d2ecb610db7f6a29ce5a5c680f67ec72fd"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: set-cookie
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 49
Access-Control-Request-Headers: origin,accept,content-type,x-requested-with

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
109 B 14ms
13ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=942141029&t=pageview&_s=1&dl=https%3A%2F%2Fswiftfling.com%2Fadu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9%2F%3Fcep%3DOzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw%26lptoken%3D157691f512aa03b705dd%26revenue%3D%257Bpayout%257D%26target%3Dapix03-covid-19healthdata.org%26category%3D%26S1%3D3791%26keyword%3D%26sid%3D174577497%26cid%3D47735%26aff_id%3D1772%26flow_id%3D%257Bflow_id%257D%26cpv%3D0.001%26clickid%3D1591118504.93-174577497-47735&dr=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F174577497%2F1591118503%2Fmf_e41c9040-3522-4d33-b424-cf9d6f54c845%2FYXBpeDAzLWNvdmlkLTE5aGVhbHRoZGF0YS5vcmc%3D%2Ffeed&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=742278660&gjid=915942981&cid=482360089.1591118506&tid=UA-133587726-1&_gid=371623409.1591118506&_r=1&gtm=2wg5k1TMR4NP&z=1569870306

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Jun 2020 17:21:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
my.rtmark.net/ 43 B
707 B 56ms
54ms Image
image/gif 188.42.160.69
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=ab30ce381235c0afb5799402c86b96587f5b8c989c6dceae2a4e09fc7e38406a&ttl=&rurl=https%3A%2F%2Fswiftfling.com%2Fadu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9%2F%3Fcep%3DOzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw%26lptoken%3D157691f512aa03b705dd%26revenue%3D%257Bpayout%257D%26target%3Dapix03-covid-19healthdata.org%26category%3D%26S1%3D3791%26keyword%3D%26sid%3D174577497%26cid%3D47735%26aff_id%3D1772%26flow_id%3D%257Bflow_id%257D%26cpv%3D0.001%26clickid%3D1591118504.93-174577497-47735

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.69 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_19_04_02_temp_1_sub_1_all_straight_amateur_teen_animation_yes_brunette_bb_jv_mb9/?cep=OzEIntedGgfj_Mvq2lCsY_chK428xD9AJ-uhyr-BZ01tYmZAiT-hnpcdTk--1g6tB9l4uS6wB-K1d2sWbjr6jKCygZR9qaH10SbrPoih79Bwp_WXSc6Iw0S7i1TZFgLb7peWEeWjER_M9H75h7ANSd16vFq7vIPIpiTa5SNN4qPH-xxrRU56Tp7dz4ENKpf-KQhJHnWQaXlZbPkoFEH8nzWOM3HDbmVOYSACiNPl4QluV6TS8U4yyAhxMCWFMzo9zstycMttlI2-kGLiaTOFGiY0wF7A1H4m-Vp4yn-jhLXjxubQIpz2dtKtXnSuE0_U0WLiW7AVAI2Lf0blietT2JATMEZ-wchkphluCx3zfyaMRDejsi0vmAPqjiGBZcVZML8-2rkF4YIKjOpGHNjLlhCMvziRjl5coqE2QDM472z8U6GUEh1RqgigbJyPHolKVkOmaUG7Y8R72tBn27UE8h6yX1yLMNA52Gd7BDJrUAhifAhD8MkLh74_e1H5Bt3VpALiokJGOFXB32n-skgjKzGskz8RCjTl3NJKbEVftNWpPLgmkxdV8718N5u7FqmccLBz-_ZGvmLIOBx3PR_8yw&lptoken=157691f512aa03b705dd&revenue=%7Bpayout%7D&target=apix03-covid-19healthdata.org&category=&S1=3791&keyword=&sid=174577497&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1591118504.93-174577497-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Jun 2020 17:21:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6491.negleyns.com
ads.traffichunt.com
covid-19healthdata.org
d.adtelligent.com
datadbs.com
fonts.googleapis.com
fonts.gstatic.com
main.exoclick.com
my.rtmark.net
r.remarketingpixel.com
stats-d1272-serving.com
swiftfling.com
tracker.ero-advertising.com
trafforsrv.com
tsyndicate.com
wrison-subustall.com
ww25.covid-19healthdata.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
103.224.182.242
151.101.1.195
185.239.174.10
188.42.160.69
198.54.112.216
199.59.242.153
2001:1aa8:185::212:100
213.196.2.1
213.196.5.4
2600:1f18:454c:f510:df7f:62b0:28bf:4bbe
2606:4700::6811:306b
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:815::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::200e
35.156.152.207
67.22.42.112
74.117.182.35
95.211.229.246
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f5fccfffc8717e6ff372f32b4b91fa58f8acef06ecd39e8bc21dc053375eedf
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
39546a2f72971aaa611acb7cc627845b7a1d53598c74d4575d49d0a155806a26
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
4277d4f8ffa76751db2ff331eb5d4b77653db6410ba146de5df5eb394c20e064
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7abe01bf9c45cb62bb105a743e83f39b97ab2f7d02146cb05cc911e0c4fe1e13
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8de92b8c40dcc641784e9e30da76a4bcc5ad8bd315afc6ed57878de11fe01489
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
950dd1b9e607054b21c49e128d281bd4ff9d383dff7ec48997fe09358b36b846
95c0d0e4fbb0cc3972035daba8bcc7f17623ce7bfda1bd3ba00507baec039c6c
993888e975a2807a5ba7c50dbc3ad1f4453b9da52621642408f80e807806ec6d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b62a656b0c46892f56b028ffef050a0b7d60634980d79f4d6cd0b4f2db1f2525
bacbf7948643d205b2cf2c6e5f07dce8b00a43544df6e243d15b90e5643496ec
bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d830c8b445cbd3d467f34a54db8c88bea57769dd50744756c27ad2449d877831
da6ad5651fb06e746150df46ff7842aed7daedfdfc79ed09445ced0d4e0b9fdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4de590557954db4620cac91198d8f4c304f59b1d0b746db178e0081388d7514

swiftfling.com Open in urlscan Pro 151.101.1.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

82 %HTTPS

40 %IPv6

19 Domains

20 Subdomains

17 IPs

5 Countries

304 kBTransfer

573 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

swiftfling.com Open in urlscan Pro
151.101.1.195 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

82 %
HTTPS

40 %
IPv6

19
Domains

20
Subdomains

17
IPs

5
Countries

304 kB
Transfer

573 kB
Size

0
Cookies

38 HTTP transactions
0 data transactions