anfisasiberia.sextgem.com Open in urlscan Pro
54.36.158.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://anfisasiberia.sextgem.com/
Submission: On December 31 via manual (December 31st 2022, 3:30:49 pm UTC) from RU — Scanned from FR

Summary HTTP 142 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 29 domains to perform 142 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is anfisasiberia.sextgem.com.

This is the only time anfisasiberia.sextgem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	54.36.158.42 54.36.158.42	16276 (OVH) (OVH)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	141.94.172.213 141.94.172.213	16276 (OVH) (OVH)
1 2	2a00:1178:1:4... 2a00:1178:1:4b::f	35415 (WEBZILLA) (WEBZILLA)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700:311... 2606:4700:3110::6812:3b96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700::68... 2606:4700::6812:6528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.192.112.221 31.192.112.221	48684 (VIKINGHOST) (VIKINGHOST)
1	172.104.29.90 172.104.29.90	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	45.133.44.17 45.133.44.17	7018 (ATT-INTER...) (ATT-INTERNET4)
1 2	2600:9000:223... 2600:9000:223c:8a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	66.254.122.36 66.254.122.36	29789 (REFLECTED) (REFLECTED)
9	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
16	195.85.23.226 195.85.23.226	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
20	2606:4700:311... 2606:4700:311f::6812:3f7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	93.93.51.225 93.93.51.225	34655 (DOCLER-AS) (DOCLER-AS)
6	93.93.51.190 93.93.51.190	34655 (DOCLER-AS) (DOCLER-AS)
2	2606:4700::68... 2606:4700::6810:5e2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700::68... 2606:4700::6813:f253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
10	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
142	28

2 54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com

anfisasiberia.sextgem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl17614776.highperformancegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

awecre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt.potawe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt.ctsdwm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.94.172.213 (France)

ASN16276 (OVH, FR)

xtgem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sextgem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
enif.images.xtstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cif.images.xtstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::f (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

fagywalu.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3110::6812:3b96 (United States)

ASN13335 (CLOUDFLARENET, US)

creative.alxbgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.alxbgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:6528 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chaturbate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.192.112.221 (Netherlands)

ASN48684 (VIKINGHOST, NL)

bngpt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1848-90.members.linode.com

service.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.17 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

thumb-p6.xhcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:8a00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.122.36 (United States)

ASN29789 (REFLECTED, US)

i.bngprm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static2.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static5.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static1.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 195.85.23.226 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-226-23-conversasro.com

i.bimbolive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:311f::6812:3f7c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.stripst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.strpst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.225 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

api-protected.protoawegw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 93.93.51.190 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

galleryn0.awemdia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5e2a (United States)

ASN13335 (CLOUDFLARENET, US)

static-assets.highwebmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6813:f253 (United States)

ASN13335 (CLOUDFLARENET, US)

roomimg.stream.highwebmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	highwebmedia.com static-assets.highwebmedia.com — Cisco Umbrella Rank: 12127 roomimg.stream.highwebmedia.com — Cisco Umbrella Rank: 13010	284 KB
16	bimbolive.com i.bimbolive.com — Cisco Umbrella Rank: 23147	157 KB
14	strpst.com img.strpst.com — Cisco Umbrella Rank: 6196	522 KB
13	alxbgo.com creative.alxbgo.com — Cisco Umbrella Rank: 614738 go.alxbgo.com — Cisco Umbrella Rank: 472625	101 KB
10	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 818	31 KB
9	ptwmstcnt.com pt-static2.ptwmstcnt.com — Cisco Umbrella Rank: 106451 pt-static3.ptwmstcnt.com — Cisco Umbrella Rank: 266120 pt-static5.ptwmstcnt.com — Cisco Umbrella Rank: 195716 pt-static1.ptwmstcnt.com — Cisco Umbrella Rank: 115917	433 KB
6	awemdia.com galleryn0.awemdia.com — Cisco Umbrella Rank: 22555	3 MB
6	stripst.com cdn.stripst.com — Cisco Umbrella Rank: 56188	2 MB
5	chaturbate.com 1 redirects chaturbate.com — Cisco Umbrella Rank: 8800	56 KB
4	protoawegw.com api-protected.protoawegw.com — Cisco Umbrella Rank: 30432	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	271 KB
4	xtgem.com xtgem.com — Cisco Umbrella Rank: 154696	10 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	59 KB
3	ctsdwm.com pt.ctsdwm.com — Cisco Umbrella Rank: 121981	9 KB
3	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 100049 service.supercounters.com — Cisco Umbrella Rank: 81975	4 KB
3	potawe.com pt.potawe.com	10 KB
3	sextgem.com anfisasiberia.sextgem.com sextgem.com — Cisco Umbrella Rank: 359460	12 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 473	934 B
2	quantcount.com 1 redirects rules.quantcount.com — Cisco Umbrella Rank: 1277	1 KB
2	xtstatic.com enif.images.xtstatic.com cif.images.xtstatic.com — Cisco Umbrella Rank: 921421	656 B
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 23093 pixel.quantserve.com — Cisco Umbrella Rank: 985	10 KB
2	fagywalu.pro 1 redirects fagywalu.pro	810 B
1	bngprm.com i.bngprm.com — Cisco Umbrella Rank: 96479	46 KB
1	xhcdn.com thumb-p6.xhcdn.com — Cisco Umbrella Rank: 178889	5 MB
1	gstatic.com fonts.gstatic.com	15 KB
1	bngpt.com bngpt.com — Cisco Umbrella Rank: 104445	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	891 B
1	awecre.com awecre.com — Cisco Umbrella Rank: 433061	2 KB
1	highperformancegate.com pl17614776.highperformancegate.com
142	29

	Domain	Requested by
20	roomimg.stream.highwebmedia.com	chaturbate.com
16	i.bimbolive.com	bngpt.com
14	img.strpst.com	anfisasiberia.sextgem.com
10	js-agent.newrelic.com	chaturbate.com
7	creative.alxbgo.com	anfisasiberia.sextgem.com creative.alxbgo.com
6	galleryn0.awemdia.com	pt.ctsdwm.com pt.potawe.com anfisasiberia.sextgem.com
6	cdn.stripst.com	creative.alxbgo.com
6	go.alxbgo.com	creative.alxbgo.com anfisasiberia.sextgem.com
5	chaturbate.com	1 redirects anfisasiberia.sextgem.com chaturbate.com
4	api-protected.protoawegw.com	pt-static5.ptwmstcnt.com
4	www.googletagmanager.com	pt.potawe.com pt.ctsdwm.com www.googletagmanager.com
4	pt-static3.ptwmstcnt.com	pt.potawe.com pt.ctsdwm.com pt-static3.ptwmstcnt.com
4	xtgem.com	anfisasiberia.sextgem.com
3	www.google-analytics.com	www.googletagmanager.com chaturbate.com
3	pt.ctsdwm.com	awecre.com pt-static5.ptwmstcnt.com pt.ctsdwm.com
3	pt.potawe.com	anfisasiberia.sextgem.com pt.potawe.com
2	bam.nr-data.net	chaturbate.com
2	static-assets.highwebmedia.com	chaturbate.com
2	pt-static5.ptwmstcnt.com	pt.potawe.com pt.ctsdwm.com
2	pt-static2.ptwmstcnt.com	pt.potawe.com pt.ctsdwm.com
2	rules.quantcount.com	1 redirects anfisasiberia.sextgem.com
2	fagywalu.pro	1 redirects anfisasiberia.sextgem.com
2	widget.supercounters.com	anfisasiberia.sextgem.com
2	anfisasiberia.sextgem.com	anfisasiberia.sextgem.com
1	pt-static1.ptwmstcnt.com	pt.potawe.com
1	pixel.quantserve.com	anfisasiberia.sextgem.com
1	i.bngprm.com	bngpt.com
1	thumb-p6.xhcdn.com	anfisasiberia.sextgem.com
1	fonts.gstatic.com	fonts.googleapis.com
1	service.supercounters.com	widget.supercounters.com
1	bngpt.com	anfisasiberia.sextgem.com
1	cif.images.xtstatic.com	anfisasiberia.sextgem.com
1	enif.images.xtstatic.com	anfisasiberia.sextgem.com
1	edge.quantserve.com	anfisasiberia.sextgem.com
1	sextgem.com	anfisasiberia.sextgem.com
1	fonts.googleapis.com	anfisasiberia.sextgem.com
1	awecre.com	anfisasiberia.sextgem.com
1	pl17614776.highperformancegate.com	anfisasiberia.sextgem.com
142	38

This site contains links to these domains. Also see Links.

Domain
chaturbate.com
camnude.chaturbate.com
sextgem.com
adultchat.mobie.in

Subject Issuer	Validity	Valid
creative.alxbgo.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.highwebmedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-03` - `2023-10-05`	a year	crt.sh
bngpt.com GoGetSSL RSA DV CA	`2022-04-06` - `2023-05-06`	a year	crt.sh
*.xtgem.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.xhcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-10` - `2023-10-10`	a year	crt.sh
i.bngprm.com GoGetSSL RSA DV CA	`2022-11-07` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
i.bimbolive.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
go.alxbgo.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
stripst.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.live.mmcdn.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-07`	a year	crt.sh
img.strpst.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://anfisasiberia.sextgem.com/
Frame ID: 15B03C97EE1BD3F9781631FFE5C8E56D
Requests: 19 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: 237DA0FB4A1A7BEC8D8B26822013AEA5
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: 776B8C7874C79E86CA3A6DDC0D4E1F62
Requests: 1 HTTP requests in this frame

Frame: https://creative.alxbgo.com/widgets/v3.html
Frame ID: 56E859D4939A4D825B6F9C2517C635FC
Requests: 33 HTTP requests in this frame

Frame: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Frame ID: 5DD48B08895B053ACD6634C437F19EB1
Requests: 36 HTTP requests in this frame

Frame: https://bngpt.com/promo.php?c=291749&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=1323&db%5Bheight%5D=371&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=auto&db%5Bmpad%5D=1&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=1&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=lesbian&db%5Bcategories%5D%5B%5D=small-tits
Frame ID: FA46F4C6D50BC73180C34F7AB7163BC6
Requests: 18 HTTP requests in this frame

Frame: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Frame ID: 147228E919626847C5F3A84941B6E96F
Requests: 12 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9hbmZpc2FzaWJlcmlhLnNleHRnZW0uY29tXC9pbmRleCIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6ImFuZmlzYXNpYmVyaWEuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Frame ID: 735342E85E5FA1DE9B0AF9779E17593A
Requests: 1 HTTP requests in this frame

Frame: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Frame ID: 3A6D61F918529113795261442F030518
Requests: 17 HTTP requests in this frame

Frame: https://chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672488000
Frame ID: 30D1AF021449D41DE95B5B3BA15C2219
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to the website of Anfisa-Siberia.Adultchat more cams

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

142
Requests

70 %
HTTPS

50 %
IPv6

29
Domains

38
Subdomains

28
IPs

6
Countries

11045 kB
Transfer

15674 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://chaturbate.com/accounts/model_register/?tour=NwNd&disable_sound=0&campaign=ldZ4M
Title: « REGISTRATION MODEL

Search URL Search Domain Scan URL

URL: https://camnude.chaturbate.com/accounts/register/
Title: REGISTRATION USER »

Search URL Search Domain Scan URL

URL: http://sextgem.com/click?p=featured_inf_adult_web_0&u=__urlaHR0cDovL256YXZpZGVvcy5jb20vP3V0bV9zb3VyY2U9eHRnZW0mdXRtX21lZGl1bT1iYW5uZXImdXRtX2NhbXBhaWduPXh0Z2VtX2ZhbGxiYWNr&s=anfisasiberia.sextgem.com&t=KhsdGx8bHwAHBgEZBgUBDQAJDw0NDAdwdHQ=&_is_adult=Yes&_ad_pos=Bottom&_ad_format=Plain&_ad_url=YW5maXNhc2liZXJpYS5zZXh0Z2VtLmNvbQ==&_ad_networks=&_ad_type=Banner

Search URL Search Domain Scan URL

URL: http://adultchat.mobie.in/
Title: More nude cams teen girls

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T HTTP 301
https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T

Request Chain 13

https://chaturbate.com/in/?track=default&tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new HTTP 302
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Request Chain 23

http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js

142 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
anfisasiberia.sextgem.com/ 23 KB
7 KB 154ms
112ms Document
text/html 54.36.158.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS: lb.xtgem.com
Software: /
Resource Hash: 2b6ba9f14d5fe2d664f574b369e0b39025cf817b5533a97e874c0a707fa0e8b1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 6806
Content-Type: text/html;charset=UTF-8
Date: Sat, 31 Dec 2022 15:30:42 GMT
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Host,Accept-Encoding

GET
H/1.1 403
Forbidden ffab4bdc783c60871e4aec17834ee770.js
pl17614776.highperformancegate.com/ff/ab/4b/ 0
0 503ms
101ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl17614776.highperformancegate.com/ff/ab/4b/ffab4bdc783c60871e4aec17834ee770.js
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
awecre.com/embed/tbplyrrnd/ 1 KB
2 KB 66ms
35ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://awecre.com/embed/tbplyrrnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers[]=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&ms_notrack=1&c=player_container
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: af9f10c98131643e31a42f528464f14d8e240a6f6c69f87d58be6efd4e1f0276

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Cache-Control: no-cache
Server: unknown
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK xtgem_template.css
anfisasiberia.sextgem.com/ 17 KB
4 KB 89ms
70ms Stylesheet
text/css 54.36.158.42
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://anfisasiberia.sextgem.com/xtgem_template.css?v=1598509184
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS: lb.xtgem.com
Software: /
Resource Hash: fdef54289f76b5f57ef51e1a6a0211ad16800da8207ead4c42a4c57beecbbc38

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Connection: close
Content-Length: 3365
Vary: Host,Accept-Encoding
Content-Type: text/css;charset=UTF-8

GET
H/1.1 200
OK css
fonts.googleapis.com/ 361 B
891 B 66ms
39ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Cookie

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9761a28d2b53a005187afe566184af17c2e5f165ad0f0dae3d5e31ec6d9d3276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 31 Dec 2022 15:30:43 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 31 Dec 2022 15:30:43 GMT

GET
H/1.1 200
OK script Show response
pt.potawe.com/cifra/ 2 KB
2 KB 78ms
44ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt.potawe.com/cifra/script?id=awe-customiframe-container&row=2&column=5&border=0&wide=1&padding=6px&model=insidehover&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&legacyRedirect=1
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: c37a058effb26c5550d927fb90708d03a9b5950e9296b5171ec4849a774b42f3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Cache-Control: no-cache
Server: unknown
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK online_i.js Show response
widget.supercounters.com/ssl/ 4 KB
2 KB 67ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.supercounters.com/ssl/online_i.js
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee80e1799cfa522898910f9b955030eb967d87ff400bf423561b6fa8b05d666a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1865
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Thu, 03 Mar 2022 11:46:10 GMT
Server: cloudflare
ETag: W/"6220aa82-10a3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKqHUAS5qL88lj7cyQNc%2FWGo368Gk3UCIwND%2BcjCxltJVrglzjUxmi0PMiOJB2gLlJXbs0%2FNs6u9I%2BU1dluBM4e9rkizViNg5SMZP8trDAWI4RmV1pNAedzcYXQhjEDs%2B0g4XScVGj5x7uDjACQ8Q1CdM5d0LF0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=300
CF-RAY: 78240edb8950d309-CDG

GET
H/1.1 200
OK influenza-23.jpg
xtgem.com/images/influenza/smart/ 5 KB
5 KB 69ms
45ms Image
image/jpeg 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtgem.com/images/influenza/smart/influenza-23.jpg
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b1da8870358753cd41bfdefede665c9114f4dba42a403d986905359095794ebd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
X-Ngz: 1
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "14bd-59774aa04e000"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 5309
Expires: Mon, 30 Jan 2023 15:30:43 GMT

GET
H/1.1 200
OK page_templates_simple.js Show response
sextgem.com/js/ 982 B
762 B 70ms
44ms Script
application/javascript 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://sextgem.com/js/page_templates_simple.js
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "3d6-59774aa04e000-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 409
Expires: Mon, 30 Jan 2023 15:30:43 GMT

GET
H2

200

1T Show response
fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/
Redirect Chain

http://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T

0
450 B

144ms
99ms

Script
application/javascript

2a00:1178:1:4b::f
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

Server

2a00:1178:1:4b::f , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 15:30:43 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 25 KB
10 KB 65ms
26ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Etag: "StHfV9prSwQMxjKWocWEFw=="
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 07 Jan 2023 15:30:43 GMT

GET
H/1.1 200
OK tp.gif Show response
enif.images.xtstatic.com/ Frame 237D 42 B
328 B 87ms
48ms Document
image/gif 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://enif.images.xtstatic.com/tp.gif
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Connection: close
Content-Length: 42
Content-Type: image/gif
Date: Sat, 31 Dec 2022 15:30:43 GMT
ETag: "2a-59774aa04e000"
Expires: Mon, 30 Jan 2023 15:30:43 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT

GET
H/1.1 200
OK tp.gif Show response
cif.images.xtstatic.com/ Frame 776B 42 B
328 B 87ms
48ms Document
image/gif 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cif.images.xtstatic.com/tp.gif
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Connection: close
Content-Length: 42
Content-Type: image/gif
Date: Sat, 31 Dec 2022 15:30:43 GMT
ETag: "2a-59774aa04e000"
Expires: Mon, 30 Jan 2023 15:30:43 GMT
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT

GET
H2 200 v3.html Show response
creative.alxbgo.com/widgets/ Frame 56E8 38 KB
12 KB 124ms
61ms Document
text/html 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.alxbgo.com/widgets/v3.html

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90de109658b27159233e288a3aadc53c992fb39fc2e95ca692ecd88cdc634bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=10
cf-cache-status: REVALIDATED
cf-ray: 78240edee9d22a3d-CDG
content-encoding: br
content-type: text/html
date: Sat, 31 Dec 2022 15:30:43 GMT
expires: Sat, 31 Dec 2022 15:30:53 GMT
last-modified: Fri, 23 Dec 2022 13:20:39 GMT
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

GET
H3

200

/ Show response
chaturbate.com/tours/3/ Frame 5DD4
Redirect Chain

https://chaturbate.com/in/?track=default&tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

92 KB
29 KB

224ms
200ms

Document
text/html

2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507724c388248978740f7adefb8d72b1bf9a169cff07e4201f69b5e1bdde6384

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://.stream.highwebmedia.com https://.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://.mmcdn.com https://.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://.mmcdn.com wss://.mmcdn.com wss://.mmcdn.com:8443 https://.highwebmedia.com wss://.highwebmedia.com wss://.highwebmedia.com:8443 https://.nr-data.net https://.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://.hotjar.com: https://.hotjar.com: https://vc.hotjar.io:* https://surveystats.hotjar.io wss://.hotjar.com ; media-src 'self' https://.mmcdn.com https://.highwebmedia.com https://.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://.mmcdn.com https://.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://.mmcdn.com https://.chaturbate.com https://chaturbate.com https://.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://.chaturbate.com https://chaturbate.com https://.stream.highwebmedia.com https://.wnu.com https://wnu.com https://devportal.cb.dev https://.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78240edff94af0a7-CDG
content-encoding: br
content-language: fr
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type: text/html; charset=utf-8
date: Sat, 31 Dec 2022 15:30:44 GMT
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Language, Cookie
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 78240ededaa72a46-CDG
content-language: fr
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js http://static.hotjar.com https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com http://*.hotjar.com:* https://*.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type: text/html; charset=utf-8
date: Sat, 31 Dec 2022 15:30:43 GMT
location: /tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Language, Cookie
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

GET
H2 200 promo.php Show response
bngpt.com/ Frame FA46 198 KB
28 KB 138ms
68ms Document
text/html 31.192.112.221
VIKINGHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://bngpt.com/promo.php?c=291749&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=1323&db%5Bheight%5D=371&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=auto&db%5Bmpad%5D=1&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=1&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=lesbian&db%5Bcategories%5D%5B%5D=small-tits

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.192.112.221 , Netherlands, ASN48684 (VIKINGHOST, NL),

Reverse DNS

Software

nginx /

Resource Hash

9b7518e5bb4e22b02bfa3e5243c5a5d91236e2192f927af565376d2c360635d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
cache-control: no-cache public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 31 Dec 2022 15:30:43 GMT
expires: Sat, 31 Dec 2022 15:30:42 GMT
server: nginx
strict-transport-security: max-age=0;
x-bc-bl: 102
x-bcs: ded7724

GET
H/1.1 200
OK cifra Show response
pt.potawe.com/ Frame 1472 27 KB
7 KB 170ms
170ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 3d099a6c3f9bbaa71d5dc0c0ecdbc0076a6cb1f56d16e45c8d428795eeb48d8f

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 31 Dec 2022 15:30:43 GMT
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK fc.php Show response
service.supercounters.com/ 29 B
280 B 195ms
95ms Script
application/x-javascript 172.104.29.90
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: http://service.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&ref=&url=http%3A%2F%2Fanfisasiberia.sextgem.com%2F&sw=1600&sh=1200&rand=83
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 0f5c4fb45ef7051317861085a3dba3cbb816092daac1d51badf095f366676242

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H/1.1 200
OK __xt_authbar Show response
xtgem.com/ Frame 7353 14 KB
3 KB 122ms
87ms Document
text/html 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9hbmZpc2FzaWJlcmlhLnNleHRnZW0uY29tXC9pbmRleCIsImxvZ2dlZF9pbiI6ZmFsc2UsImRvbWFpbiI6ImFuZmlzYXNpYmVyaWEuc2V4dGdlbS5jb20iLCJwb3NpdGlvbiI6eyJhYnNvbHV0ZSI6ImZpeGVkIn19
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7557e088dea3fbd46782571019b0fe4664125df4f0b6b5a749e8152c4910bce4

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Length: 2803
Content-Type: text/html; charset=UTF-8
Date: Sat, 31 Dec 2022 15:30:43 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Vary: Accept-Encoding

GET
H/1.1 200
OK header_bg.png
xtgem.com/template_images/ThickCurtains/ 248 B
545 B 61ms
47ms Image
image/png 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtgem.com/template_images/ThickCurtains/header_bg.png
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/xtgem_template.css?v=1598509184
Protocol: HTTP/1.1
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: d8591ac6ec12a84b0bbe2d1f8e171b024cc1420d4a9e68a3a658c810bac62aa9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
X-Ngz: 1
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "f8-59774aa04e000"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 248
Expires: Mon, 30 Jan 2023 15:30:43 GMT

GET
H/1.1 200
OK syky-y18lb0tSbf9kgqS.woff2
fonts.gstatic.com/s/cookie/v17/ 14 KB
15 KB 76ms
36ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Cookie

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://anfisasiberia.sextgem.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 03:39:34 GMT
X-Content-Type-Options: nosniff
Age: 42669
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 14456
X-XSS-Protection: 0
Last-Modified: Thu, 21 Apr 2022 16:46:40 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 31 Dec 2023 03:39:34 GMT

GET
H/1.1 200
OK close2.png
xtgem.com/images/ 564 B
862 B 61ms
46ms Image
image/png 141.94.172.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xtgem.com/images/close2.png?v=0.01
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 141.94.172.213 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
X-Ngz: 1
Last-Modified: Sat, 16 Nov 2019 11:03:28 GMT
ETag: "234-59774aa04e000"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: close
Accept-Ranges: bytes
Content-Length: 564
Expires: Mon, 30 Jan 2023 15:30:43 GMT

GET
H/1.1 200
OK / Show response
pt.ctsdwm.com/tube-player-rnd/ Frame 3A6D 14 KB
5 KB 153ms
120ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Requested by: Host: awecre.com
URL: http://awecre.com/embed/tbplyrrnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers[]=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&ms_notrack=1&c=player_container
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: f3d9d90acb2ddea5b51794a8bbf2b0fe3ad1323d3f887cb6f598294ee6fb1f4c

Request headers

Referer: http://anfisasiberia.sextgem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 31 Dec 2022 15:30:43 GMT
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 076_1000.gif
thumb-p6.xhcdn.com/a/a2za4F88AODjT0iYmWQWPA/000/200/063/ 5 MB
5 MB 82ms
27ms Image
image/gif 45.133.44.17
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb-p6.xhcdn.com/a/a2za4F88AODjT0iYmWQWPA/000/200/063/076_1000.gif
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.17 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 93288730acac8fa61beb0476e191457117516e0bdd5b5fa16af2bb9da15845a0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Sun, 01 Jan 2023 15:30:43 GMT
date: Sat, 31 Dec 2022 15:30:43 GMT
last-modified: Mon, 04 Jun 2018 20:38:19 GMT
server: nginx/1.18.0
etag: "5b15a33b-4831b2"
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 4731314
x-proxy-cache: HIT

GET
H2

200

rules-p-0cfM8Oh7M9bVQ.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js

160 B
633 B

76ms
24ms

Script
application/javascript

2600:9000:223c:8a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Server: 2600:9000:223c:8a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 14:50:13 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:42:04 GMT
server: AmazonS3
etag: "2440f0fe7f89d580c051f453f7cc5d22"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ImKt1BbDbiCU8vXuNpYl69Vuz1BEsXYmiiFxLZaaGDDJQ3SgfLyJ-A==

Redirect headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
Via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: vGYIPgHWC1VcULdH3S7WDaN17Vo5CYV9b3KXSZ_SgE35XJzds-ozSg==

GET
H2 200 impression.99122d4e5deba018bc14.js Show response
creative.alxbgo.com/widgets/ Frame 56E8 71 KB
22 KB 49ms
47ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.alxbgo.com/widgets/impression.99122d4e5deba018bc14.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b36996d1fbb0a112d0048cd759e6be9677f052f56f9727ba7f5bcdff143d96

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/widgets/v3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
server: cloudflare
etag: W/"63a5abb2-11a92"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 78240edf5a512a3d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 31 Dec 2022 15:30:50 GMT

GET
H2 200 player.99122d4e5deba018bc14.js Show response
creative.alxbgo.com/widgets/ Frame 56E8 5 KB
2 KB 44ms
42ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.alxbgo.com/widgets/player.99122d4e5deba018bc14.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5eace1a80ccd72813bde44c2e62dea44986d167fb70758e801debf4f0dd1f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/widgets/v3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
server: cloudflare
etag: W/"63a5abb2-1469"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 78240edf5a532a3d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 31 Dec 2022 15:30:44 GMT

GET
H2 200 getConfig.99122d4e5deba018bc14.js Show response
creative.alxbgo.com/widgets/ Frame 56E8 42 KB
15 KB 93ms
92ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.alxbgo.com/widgets/getConfig.99122d4e5deba018bc14.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cb11c3e87fdaf1d7b15ff5eea0ceae9572309e60faa9c804faaec15b4f816e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/widgets/v3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
server: cloudflare
etag: W/"63a5abb2-a8ad"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 78240edf5a552a3d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 31 Dec 2022 15:30:44 GMT

GET
H2 200 BestThumbs.99122d4e5deba018bc14.js Show response
creative.alxbgo.com/widgets/ Frame 56E8 48 KB
17 KB 52ms
51ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.alxbgo.com/widgets/BestThumbs.99122d4e5deba018bc14.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6709a0db25229e13ece3a3bee5d932a809a15830a0f9a3d6d0bb377a4b300d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/widgets/v3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
server: cloudflare
etag: W/"63a5abb2-bff9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 78240edf5a572a3d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 31 Dec 2022 15:30:46 GMT

GET
H2 200 prefetch.99122d4e5deba018bc14.js Show response
creative.alxbgo.com/widgets/ Frame 56E8 35 KB
12 KB 46ms
45ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7262c08118dc0e525cc2e7642172a7a5ea213f296e1626e8d8aa984a42cf6690

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/widgets/v3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
server: cloudflare
etag: W/"63a5abb2-8aee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 78240edf5a592a3d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 31 Dec 2022 15:30:44 GMT

GET
H2 200 AdNetworkPixels.99122d4e5deba018bc14.js Show response
creative.alxbgo.com/widgets/ Frame 56E8 27 KB
10 KB 64ms
63ms Script
application/javascript 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.alxbgo.com/widgets/AdNetworkPixels.99122d4e5deba018bc14.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131c9c68c19e522f389787464274e72c4299ba346415b595da5dd80cc350d23b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/widgets/v3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Dec 2022 13:22:58 GMT
server: cloudflare
etag: W/"63a5abb2-6bd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 78240edf5a5a2a3d-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 31 Dec 2022 15:30:46 GMT

GET
H2 200 jquery.tools.min.js Show response
i.bngprm.com/dynamic_banner/ Frame FA46 135 KB
46 KB 1007ms
24ms Script
application/x-javascript 66.254.122.36
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://i.bngprm.com/dynamic_banner/jquery.tools.min.js
Requested by: Host: bngpt.com
URL: https://bngpt.com/promo.php?c=291749&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=1323&db%5Bheight%5D=371&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=auto&db%5Bmpad%5D=1&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=1&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=lesbian&db%5Bcategories%5D%5B%5D=small-tits
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.254.122.36 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software: /
Resource Hash: e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: gzip
last-modified: Fri, 31 May 2019 10:15:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=2592000
x-cdn-diag: fra1-11058-4-23764-h-0-0---;11053-22-15548----0-1-1
expires: Fri, 30 Dec 2022 23:15:50 GMT

GET
H/1.1 200
OK advertisement-v304827.js Show response
pt-static2.ptwmstcnt.com/npe/_common/script/adblock/ Frame 1472 21 B
339 B 48ms
20ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static2.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v304827.js
Requested by: Host: pt.potawe.com
URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:43 GMT
Last-Modified: Wed, 21 Dec 2022 09:57:26 GMT
Server: unknown
ETag: "63a2d886-15"
X-Cache-Status: R-HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21

GET
H/1.1 200
OK cifra-v304827.css
pt-static3.ptwmstcnt.com/npe/cifra/styles/ Frame 1472 13 KB
3 KB 50ms
19ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static3.ptwmstcnt.com/npe/cifra/styles/cifra-v304827.css
Requested by: Host: pt.potawe.com
URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: de6ff0dce31e06ab5c78be82a9b61cb79b11af5e710951be8518cfde4c7fc45b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2022 09:57:27 GMT
Server: unknown
ETag: W/"63a2d887-35cb"
X-Cache-Status: R-HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK cifrafk-v304827.js Show response
pt-static5.ptwmstcnt.com/npe/cifra/script/ Frame 1472 321 KB
115 KB 54ms
20ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static5.ptwmstcnt.com/npe/cifra/script/cifrafk-v304827.js
Requested by: Host: pt.potawe.com
URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 4cd856979227c27fd16c42b2594ab3e4c434de33db45403b8884e93c3b4c1e43

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2022 09:57:27 GMT
Server: unknown
ETag: W/"63a2d887-50456"
X-Cache-Status: R-HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1472 193 KB
65 KB 104ms
35ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.potawe.com
URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c44cc50d9796d8c1f02d9f13625909382829e1eb0565148740d41e405ae167c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66527
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Dec 2022 15:30:43 GMT

GET
H2 200 e99db9ff393bb610d71242646f1db68f_thumb_medium.jpg
i.bimbolive.com/05d/23e/2bb/ Frame FA46 10 KB
10 KB 93ms
27ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/05d/23e/2bb/e99db9ff393bb610d71242646f1db68f_thumb_medium.jpg

Requested by

Host: bngpt.com
URL: https://bngpt.com/promo.php?c=291749&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=1323&db%5Bheight%5D=371&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=0&db%5Bmlink%5D=0&db%5Bmstatus%5D=0&db%5Bmsize%5D=auto&db%5Bmpad%5D=1&db%5Bmwidth%5D=143&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=1&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=0&db%5Bslider%5D=0&db%5Bcategories%5D%5B%5D=lesbian&db%5Bcategories%5D%5B%5D=small-tits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

f9a91aff726a468e468e34828a81f42e849f1ae6e79f7e98458ab9e78fc9f43a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1021983
x-o3-p5: EXPIRED
content-length: 10113
cf-bgj: h2pri
last-modified: Thu, 08 Dec 2022 22:57:25 GMT
server: cloudflare
etag: "63926bd5-2781"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee01f9dd52e-CDG
expires: Wed, 18 Jan 2023 19:35:34 GMT

GET
H2 200 21038e7682b4aaf835a5414e3194b9c0_thumb_medium.jpg
i.bimbolive.com/0a2/15a/1c3/ Frame FA46 8 KB
8 KB 29ms
29ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/0a2/15a/1c3/21038e7682b4aaf835a5414e3194b9c0_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

f9e793743db0a662d7adf8f9a7859ce9e14aa5db51a149778cd4c9fb84d0b085

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 82299
x-cache-0: 1
content-length: 7837
cf-bgj: h2pri
last-modified: Fri, 30 Dec 2022 12:33:28 GMT
server: cloudflare
etag: "63aeda98-1e9d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee0980cd52e-CDG
expires: Sun, 29 Jan 2023 16:34:14 GMT

GET
H2 200 1051ae482a1de9d02e65604ee3641143_thumb_medium.jpg
i.bimbolive.com/09a/34a/22d/ Frame FA46 7 KB
7 KB 28ms
27ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/09a/34a/22d/1051ae482a1de9d02e65604ee3641143_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

53ddafd9a0c245e7150b2a864a06954980436ad86829ebf2073cc7b42d9f442b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 183519
x-o3-p6: MISS
content-length: 7382
cf-bgj: h2pri
last-modified: Mon, 22 Aug 2022 23:19:15 GMT
server: cloudflare
etag: "63040ef3-1cd6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee0f859d52e-CDG
expires: Sat, 28 Jan 2023 01:43:56 GMT

GET
H2 200 52d2156d3bf5dbbb27fa0b3aca955c20_thumb_medium.jpg
i.bimbolive.com/063/28b/170/ Frame FA46 12 KB
12 KB 25ms
25ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/063/28b/170/52d2156d3bf5dbbb27fa0b3aca955c20_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

aa9ec0a8f53951b638ab80b99afc30ce37ffd9e2d38ee388ed1f2dd382c38bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 422178
x-o1-p6: EXPIRED
content-length: 12031
cf-bgj: h2pri
last-modified: Sun, 26 Sep 2021 18:22:21 GMT
server: cloudflare
etag: "6150ba5d-2eff"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee148b3d52e-CDG
expires: Wed, 25 Jan 2023 02:19:34 GMT

GET
H2 200 e942428b80ae666ed8a3d24d9fba306b_thumb_medium.jpg
i.bimbolive.com/090/133/059/ Frame FA46 8 KB
8 KB 26ms
26ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/090/133/059/e942428b80ae666ed8a3d24d9fba306b_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

bb05a5f5b19514a21ac49a7cc328b455a73c50a1c5d812673483a87033e6d174

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 815226
x-o3-p6: EXPIRED
content-length: 8192
cf-bgj: h2pri
last-modified: Sun, 30 Jan 2022 15:03:51 GMT
server: cloudflare
etag: "61f6a8d7-2000"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee18957d52e-CDG
expires: Thu, 05 Jan 2023 11:54:11 GMT

GET
H2 200 0dfef0954681096c7fa38f38ee4e9a94_thumb_medium.jpg
i.bimbolive.com/099/365/36d/ Frame FA46 9 KB
9 KB 27ms
27ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/099/365/36d/0dfef0954681096c7fa38f38ee4e9a94_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

892fbc6af7ebdedd60dff43ceb16a4fc948e5b2ab70592ff4d282d20513d1b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 409436
x-o1-p6: EXPIRED
content-length: 9362
cf-bgj: h2pri
last-modified: Tue, 02 Aug 2022 22:48:43 GMT
server: cloudflare
etag: "62e9a9cb-2492"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee1e9dbd52e-CDG
expires: Tue, 24 Jan 2023 14:20:43 GMT

GET
H2 200 181e2436df334d3fa9046336ec5c25f3_thumb_medium.jpg
i.bimbolive.com/09a/335/1be/ Frame FA46 11 KB
11 KB 28ms
26ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/09a/335/1be/181e2436df334d3fa9046336ec5c25f3_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

2654d1668bdc1a4625b4024cafd056077facc14922b409246547b355daf9a956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 334920
x-o1-p6: MISS
content-length: 11312
cf-bgj: h2pri
last-modified: Mon, 22 Aug 2022 13:11:57 GMT
server: cloudflare
etag: "6303809d-2c30"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee23a34d52e-CDG
expires: Thu, 26 Jan 2023 18:21:10 GMT

GET
H2 200 0d64061d40f3973762d1ac5ada9e09b8_thumb_medium.jpg
i.bimbolive.com/0a0/27a/1a3/ Frame FA46 9 KB
9 KB 40ms
37ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/0a0/27a/1a3/0d64061d40f3973762d1ac5ada9e09b8_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

28eca97f410216345d3cd7d831b0b3db3c451ac089b7214291750d5c38682aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35573
x-cache-0: 1
content-length: 8919
cf-bgj: h2pri
last-modified: Tue, 29 Nov 2022 14:29:43 GMT
server: cloudflare
etag: "63861757-22d7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee26a72d52e-CDG
expires: Thu, 19 Jan 2023 09:38:15 GMT

GET
H2 200 46e3fba1f772e293fa87dfe15425a86f_thumb_medium.jpg
i.bimbolive.com/09f/1c6/2b1/ Frame FA46 8 KB
9 KB 32ms
31ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/09f/1c6/2b1/46e3fba1f772e293fa87dfe15425a86f_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

4291febb4d5c58a5eb8504edf62f6ac524acf6537c01fa09daca75960cb841de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23197
x-o3-p6: MISS
content-length: 8591
cf-bgj: h2pri
last-modified: Mon, 07 Nov 2022 14:40:03 GMT
server: cloudflare
etag: "636918c3-218f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee31b24d52e-CDG
expires: Thu, 26 Jan 2023 08:31:24 GMT

GET
H2 200 23aae8c0c47c28ab46e88b631ea9f0fe_thumb_medium.jpg
i.bimbolive.com/09d/3d8/3a9/ Frame FA46 12 KB
13 KB 25ms
25ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/09d/3d8/3a9/23aae8c0c47c28ab46e88b631ea9f0fe_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

51664f86383fdee564794468de2ab44693354255dbdcc8dcec678e33d1f3bcad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 702810
x-o1-p6: MISS
content-length: 12710
cf-bgj: h2pri
last-modified: Fri, 09 Dec 2022 21:38:18 GMT
server: cloudflare
etag: "6393aaca-31a6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee39ba2d52e-CDG
expires: Tue, 17 Jan 2023 18:05:14 GMT

GET
H2 200 6c6affa9aef235c4d468ea40463e59ff_thumb_medium.jpg
i.bimbolive.com/090/27c/05b/ Frame FA46 8 KB
9 KB 26ms
26ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/090/27c/05b/6c6affa9aef235c4d468ea40463e59ff_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

f9d2af46c867a11a7bd6d0ee1af9640cbf56d8f6695fef12a5d4e01322ca09db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 359379
x-o3-p6: EXPIRED
content-length: 8656
cf-bgj: h2pri
last-modified: Fri, 19 Aug 2022 22:52:38 GMT
server: cloudflare
etag: "63001436-21d0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee3dc37d52e-CDG
expires: Tue, 24 Jan 2023 22:04:22 GMT

GET
H2 200 efd202296b80f381658e9275715a7f2f_thumb_medium.jpg
i.bimbolive.com/0a0/1e6/315/ Frame FA46 7 KB
8 KB 27ms
27ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/0a0/1e6/315/efd202296b80f381658e9275715a7f2f_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

6dd368edf051f037ae454e5759f7f7eaf1a40532b93eb25d9d2474816d776290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95927
x-cache-0: 1
content-length: 7557
cf-bgj: h2pri
last-modified: Sat, 26 Nov 2022 21:10:05 GMT
server: cloudflare
etag: "638280ad-1d85"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee44cb9d52e-CDG
expires: Sun, 29 Jan 2023 12:22:10 GMT

GET
H2 200 07a3134c7e221af13f88231cc27b7bed_thumb_medium.jpg
i.bimbolive.com/09e/0c7/0d3/ Frame FA46 10 KB
10 KB 26ms
26ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/09e/0c7/0d3/07a3134c7e221af13f88231cc27b7bed_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

72ff54f43d91a9b40874efbb9e40bd0a1a5fdbe27ed0824709368f99c9a3bb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 442741
x-o3-p6: MISS
content-length: 9804
cf-bgj: h2pri
last-modified: Fri, 23 Dec 2022 18:25:34 GMT
server: cloudflare
etag: "63a5f29e-264c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee47cddd52e-CDG
expires: Tue, 24 Jan 2023 22:02:49 GMT

GET
H2 200 294a4b52c954c63a6657e754cdd52576_thumb_medium.jpg
i.bimbolive.com/0a2/00f/110/ Frame FA46 8 KB
8 KB 26ms
25ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/0a2/00f/110/294a4b52c954c63a6657e754cdd52576_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

dd597fcef550aed1782d1fef43394fa63c58136795c42b25f2294e38cc1387ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 407504
x-cache-3: 1
content-length: 8134
cf-bgj: h2pri
last-modified: Mon, 26 Dec 2022 19:54:07 GMT
server: cloudflare
etag: "63a9fbdf-1fc6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee4ad0bd52e-CDG
expires: Wed, 25 Jan 2023 21:42:28 GMT

GET
H2 200 90ee2b346f24812d54aca399406586a6_thumb_medium.jpg
i.bimbolive.com/09f/36b/279/ Frame FA46 13 KB
13 KB 28ms
27ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/09f/36b/279/90ee2b346f24812d54aca399406586a6_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

3bece4a4dc8f218bf66c8df30045625f14873e3cdd1e252d115409d11136e401

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-bc-o: 2
date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 357837
x-o1-p6: MISS
content-length: 13662
cf-bgj: h2pri
last-modified: Wed, 21 Dec 2022 14:48:14 GMT
server: cloudflare
etag: "63a31cae-355e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee4dd33d52e-CDG
expires: Thu, 26 Jan 2023 12:03:13 GMT

GET
H2 200 8f68a7d62ef420aa39e5505f67a07000_thumb_medium.jpg
i.bimbolive.com/068/29f/229/ Frame FA46 13 KB
14 KB 39ms
38ms Image
image/jpeg 195.85.23.226
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.bimbolive.com/068/29f/229/8f68a7d62ef420aa39e5505f67a07000_thumb_medium.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

net-226-23-conversasro.com

Software

cloudflare /

Resource Hash

33528b2759a3ec907d182d3edcd89981667e9be8c4a0dd63c8ac32d03f742c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://bngpt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101594
x-o3-p6: EXPIRED
content-length: 13803
cf-bgj: h2pri
last-modified: Mon, 15 Feb 2021 23:45:01 GMT
server: cloudflare
etag: "602b077d-35eb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78240ee50d79d52e-CDG
expires: Sat, 21 Jan 2023 05:07:05 GMT

GET
H2 200 config Show response
go.alxbgo.com/ Frame 56E8 7 KB
2 KB 130ms
70ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alxbgo.com/config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dgirls%252Fnew%26cols%3D7%26rows%3D2%26margin%3D2%26refreshRate%3D60%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26hasName%3Dtrue%26userId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/impression.99122d4e5deba018bc14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f0e10112d2e09b9ecbda307ac85c56cc51106ac33ae35a65470bb9a7741d779

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 31 Dec 2022 09:16:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 78240ee02d4cf868-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK advertisement-v304827.js Show response
pt-static2.ptwmstcnt.com/npe/_common/script/adblock/ Frame 3A6D 21 B
339 B 44ms
23ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static2.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v304827.js
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:43 GMT
Last-Modified: Wed, 21 Dec 2022 09:57:26 GMT
Server: unknown
ETag: "63a2d886-15"
X-Cache-Status: R-HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21

GET
H/1.1 200
OK tp-v304827.css
pt-static3.ptwmstcnt.com/npe/ba/tube-player/css/ Frame 3A6D 2 KB
724 B 43ms
22ms Stylesheet
text/css 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static3.ptwmstcnt.com/npe/ba/tube-player/css/tp-v304827.css
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7c80d71810d9fdcdd27744172db9f9385975f9798a3e9dcaa8054530f4bd9da9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2022 09:57:27 GMT
Server: unknown
ETag: W/"63a2d887-677"
X-Cache-Status: R-HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H/1.1 200
OK tp-v304827.js Show response
pt-static5.ptwmstcnt.com/npe/ba/tube-player/script/ Frame 3A6D 413 KB
129 KB 53ms
32ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static5.ptwmstcnt.com/npe/ba/tube-player/script/tp-v304827.js
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 45d61bbe0ab5bdd744fe954cafe33a428f7f54b233dc25f29eb7f302729844bd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Dec 2022 09:57:27 GMT
Server: unknown
ETag: W/"63a2d887-673ce"
X-Cache-Status: R-HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 pixel;r=883929299;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fanfisasiberia.sextgem.com%2F;uht=2;fpan=1;fpa=P0-2079964490-1672500643664;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d...
pixel.quantserve.com/ 35 B
373 B 92ms
31ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=883929299;rf=0;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fanfisasiberia.sextgem.com%2F;uht=2;fpan=1;fpa=P0-2079964490-1672500643664;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=sextgem.com;dst=0;et=1672500643817;tzo=0;ogl=;ses=204d67f2-c833-4466-9ec1-d0f3f23816f4

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Dec 2022 15:30:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 3A6D 193 KB
65 KB 133ms
83ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2735915a736cb93d36d8fb7da982263065afdca3cbe9d95363e3526445a09f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66526
x-xss-protection: 0
last-modified: Sat, 31 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 31 Dec 2022 15:30:43 GMT

GET
H/1.1 200
OK e61c1c.png
widget.supercounters.com/images/online/ 568 B
1 KB 36ms
36ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widget.supercounters.com/images/online/e61c1c.png
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://anfisasiberia.sextgem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:43 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 5131
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 568
Last-Modified: Thu, 25 Aug 2022 12:22:45 GMT
Server: cloudflare
ETag: "63076995-238"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQNDif49zkf70YKxsZPerJG0iTeKVPnK9B4vy7u8QgnZJ8CsEF%2FgjkalES3ipRHifn%2Fj4jiP645n8cdOFkWt1JFPSHWVDugPNVF1kwqLZ2WZXnX0eoWGT4yQCKCzQMd6UeGIgRpNCJNeu0%2FP5wg1v90vbcA%2FRaM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=300
Accept-Ranges: bytes
CF-RAY: 78240edfed83d309-CDG

GET
H2 200 config Show response
go.alxbgo.com/ Frame 56E8 7 KB
2 KB 74ms
58ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alxbgo.com/config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dgirls%252Fnew%26cols%3D7%26rows%3D2%26margin%3D2%26refreshRate%3D60%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26hasName%3Dtrue%26userId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/BestThumbs.99122d4e5deba018bc14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf5fbfa5ba8c58e2d7b17b24fe359a82048468b7440f2300a97d2469cd08a43c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 31 Dec 2022 09:16:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 78240ee02d52f868-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 prefetch_stripchat.com.json Show response
cdn.stripst.com/assets/ Frame 56E8 422 B
395 B 80ms
27ms Fetch
application/json 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stripst.com/assets/prefetch_stripchat.com.json
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab199badc7c9ad414624e963b2e0a375b15c106194eabbcc3cd90a28a6d3d7c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 10:36:06 GMT
server: cloudflare
age: 103159
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 78240ee06da5119e-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:30:43 GMT

GET
H2 200 config Show response
go.alxbgo.com/ Frame 56E8 7 KB
2 KB 52ms
45ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alxbgo.com/config?url=https%3A%2F%2Fcreative.alxbgo.com%2Fwidgets%2Fv3.html%23namespace%3Dgirls%252Fnew%26cols%3D7%26rows%3D2%26margin%3D2%26refreshRate%3D60%26hasPlayer%3Dtrue%26hasLive%3Dtrue%26hasName%3Dtrue%26userId%3D347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/getConfig.99122d4e5deba018bc14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65230de0ede7dc7a50c6f0371af0afb2b8ee6073187489d5e77276145caf5339

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 31 Dec 2022 15:29:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 78240ee02d4ff868-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 models Show response
go.alxbgo.com/api/ Frame 56E8 41 KB
5 KB 91ms
68ms XHR
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alxbgo.com/api/models?tag=girls/new&limit=25&modelsCountry=&modelsLanguage=&modelsList=
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/v3.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4052b3ff8379aa5d35d598fb134c3e193e9ffb99a4d61e362ba8a00030134955

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 31 Dec 2022 15:30:44 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.alxbgo.com
access-control-allow-credentials: true
cf-ray: 78240ee11c6b9992-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vendors.20221228103254.js
cdn.stripst.com/assets/ Frame 56E8 0
265 KB 149ms
127ms Other
application/javascript 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stripst.com/assets/vendors.20221228103254.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 10:34:48 GMT
server: cloudflare
age: 270826
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 78240ee1290bd6d6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:30:44 GMT

GET
H3 200 shared.20221228103254.js
cdn.stripst.com/assets/ Frame 56E8 0
603 KB 181ms
159ms Other
application/javascript 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stripst.com/assets/shared.20221228103254.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 10:34:48 GMT
server: cloudflare
age: 270826
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 78240ee1290cd6d6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:30:44 GMT

GET
H3 200 bootstrap.20221228103254.js
cdn.stripst.com/assets/ Frame 56E8 0
535 KB 111ms
89ms Other
application/javascript 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stripst.com/assets/bootstrap.20221228103254.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 10:34:49 GMT
server: cloudflare
age: 270826
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 78240ee12909d6d6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:30:44 GMT

GET
H3 200 main.20221228103254.js
cdn.stripst.com/assets/ Frame 56E8 0
6 KB 51ms
30ms Other
application/javascript 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stripst.com/assets/main.20221228103254.js
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 10:34:48 GMT
server: cloudflare
age: 270826
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 78240ee12906d6d6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:30:44 GMT

GET
H3 200 styles_stripchat.com_dark.20221228103553.css
cdn.stripst.com/assets/ Frame 56E8 0
273 KB 61ms
40ms Other
text/css 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stripst.com/assets/styles_stripchat.com_dark.20221228103553.css
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/prefetch.99122d4e5deba018bc14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Dec 2022 10:39:15 GMT
server: cloudflare
age: 270826
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 78240ee1290dd6d6-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 15:30:44 GMT

GET
H3 200 abc.gif
go.alxbgo.com/ Frame 56E8 103 B
103 B 77ms
55ms Image
image/gif 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.alxbgo.com/abc.gif?userId=347783407bcaffd439044e1c9d47787df044de9def2098e48d1b9250a71c9154&player=canvas&modelsCount=0&segment=canvas-newAPI&landing=widget_v3&referrer=http%3A%2F%2Fanfisasiberia.sextgem.com%2F&i=0
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: *
cf-ray: 78240ee12923d71a-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103

GET
H/1.1 200
OK roboto_bold-webfont-v304827.woff
pt-static3.ptwmstcnt.com/npe/_common/fonts/ Frame 3A6D 87 KB
88 KB 47ms
28ms Font
application/font-woff 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static3.ptwmstcnt.com/npe/_common/fonts/roboto_bold-webfont-v304827.woff
Requested by: Host: pt-static3.ptwmstcnt.com
URL: http://pt-static3.ptwmstcnt.com/npe/ba/tube-player/css/tp-v304827.css
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88

Request headers

Referer: http://pt-static3.ptwmstcnt.com/npe/ba/tube-player/css/tp-v304827.css
Origin: http://pt.ctsdwm.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:44 GMT
Last-Modified: Wed, 21 Dec 2022 09:57:26 GMT
Server: unknown
ETag: "63a2d886-15df0"
X-Cache-Status: R-HIT
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89584

GET
H/1.1 200
OK roboto_regular-webfont-v304827.woff
pt-static3.ptwmstcnt.com/npe/_common/fonts/ Frame 3A6D 87 KB
88 KB 38ms
19ms Font
application/font-woff 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static3.ptwmstcnt.com/npe/_common/fonts/roboto_regular-webfont-v304827.woff
Requested by: Host: pt-static3.ptwmstcnt.com
URL: http://pt-static3.ptwmstcnt.com/npe/ba/tube-player/css/tp-v304827.css
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e

Request headers

Referer: http://pt-static3.ptwmstcnt.com/npe/ba/tube-player/css/tp-v304827.css
Origin: http://pt.ctsdwm.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:44 GMT
Last-Modified: Wed, 21 Dec 2022 09:57:26 GMT
Server: unknown
ETag: "63a2d886-15d5c"
X-Cache-Status: R-HIT
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89436

GET
H/1.1 200
OK get Show response
api-protected.protoawegw.com/v2/player/performer/ Frame 3A6D 829 B
1 KB 120ms
90ms Fetch
application/json 93.93.51.225
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&product=livejasmin&ngs=1&streamType=rtmp&category=girl&performerIds[]=FabianaLima
Requested by: Host: pt-static5.ptwmstcnt.com
URL: http://pt-static5.ptwmstcnt.com/npe/ba/tube-player/script/tp-v304827.js
Protocol: HTTP/1.1
Server: 93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: c35e7ad6f99c9bd610708e23efa6b0f52ab1b47cb6997148c5296092488d2148

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Content-Encoding: gzip
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK / Show response
pt.ctsdwm.com/api/video-promotion/v1/get-related-contents/e389fbe3fd91782472d90d80906d13d4/ Frame 3A6D 13 KB
3 KB 662ms
662ms Fetch
application/json 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt.ctsdwm.com/api/video-promotion/v1/get-related-contents/e389fbe3fd91782472d90d80906d13d4/?psid=djsilver&pstool=421_3&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&psprogram=VPAPI
Requested by: Host: pt-static5.ptwmstcnt.com
URL: http://pt-static5.ptwmstcnt.com/npe/ba/tube-player/script/tp-v304827.js
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: db0e5ba5a59ffcf67c5358d2c45967bf86bef9ad988fa8c3f4f74b48838a6949

Request headers

Referer: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Content-Encoding: gzip
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache
Connection: keep-alive

GET
H/1.1 206
Partial Content 384c7c487b4b8a429f4f51862bd7910e.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a18/ Frame 3A6D 4 MB
0 54ms
31ms Media
video/mp4 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a18/384c7c487b4b8a429f4f51862bd7910e.mp4?pstool=421_3&psid=djsilver

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pt.ctsdwm.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-EXPIRED
X-Cache-Source: Origin
Content-Range: bytes 0-51238197/51238198
Connection: keep-alive
Content-Length: 51238198
X-Cdn-Node: frpar
Last-Modified: Tue, 28 Jun 2022 09:07:05 GMT
Server: unknown
ETag: "52dd84d0c7721b01b5b87721ec8fdd29-7"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Expires: Sat, 14 Jan 2023 15:30:44 GMT

GET
H/1.1 200
OK smilies_ex.png
pt-static1.ptwmstcnt.com/npe/image/ Frame 1472 8 KB
9 KB 43ms
19ms Image
image/png 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt-static1.ptwmstcnt.com/npe/image/smilies_ex.png
Requested by: Host: pt.potawe.com
URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 31 Dec 2022 15:30:44 GMT
Last-Modified: Tue, 22 Nov 2022 08:57:06 GMT
Server: unknown
ETag: "637c8ee2-2155"
X-Cache-Status: R-HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8533

GET
H2 200 output.ef7436bc2788.css
static-assets.highwebmedia.com/CACHE/css/ Frame 5DD4 24 KB
7 KB 85ms
33ms Stylesheet
text/css 2606:4700::6810:5e2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.highwebmedia.com/CACHE/css/output.ef7436bc2788.css
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c4c8da035de04518bdded4ed055a0a963716c85b15703046f7f86d9e54085b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GQTWRJCC63MBQGKM
age: 971748
cf-polished: origSize=29618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: L5cStJWt2pIMnw9RLxBN6AfZFKrkXTB9uwu6sTLwbRZUFyNVks74pcFifYUbPJGye/SauOrvjMo=
cf-bgj: minify
last-modified: Thu, 17 Nov 2022 16:34:23 GMT
x-amz-meta-s3cmd-attrs: md5:ade681e2fa92be6f93f43294ddc58941
server: cloudflare
etag: W/"ade681e2fa92be6f93f43294ddc58941"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpldcAXYD337Cm8JZhlaphA0VuUGifJdV%2FCyBugnO7O4L9r1xxl%2FPXT60mVZ2sqRjNM%2BG%2BgLGL8QATejyB6e2ke%2BK4getw8pCEO%2FtthNT5OqI3yJCXWf%2FOF3MX2bJGbAtMfxrvaG92dmk7oF7W4wMBD7HuGeKHkIVpi31g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 78240ee1cdbe2a6f-CDG
expires: Mon, 30 Jan 2023 15:30:44 GMT

GET
H2 200 lissa_wayne.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 11 KB
12 KB 79ms
29ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/lissa_wayne.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4f86c79833555da7d7fdd4cb03845f56d5b2b96e4bcdc839a3a0e11297b10c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11053
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:43 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BMNh0ofhoKnLw3EXDf31dBrn4uUk%2FrfnBk6i1hFXopc5Z%2Bc8e9ea8f9rTGLdFMiDtwBb2przP6QlFLPh28fupqysY9JyN9h82NSR%2Big0zD%2B1NfNPXSw9d4R1rwvVhsGnhS097mIc6wS%2FJAnCpxusOF8QTuFGx%2FlG0j5g7Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee1cadf2a70-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H2 200 shiny_bell.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 14 KB
15 KB 59ms
32ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/shiny_bell.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde3c38752d52eb09836526af090e705c92ffcf765eae8e9c7467a55e0304013

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30
cf-polished: origSize=14674
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14639
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:14 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58tG%2BdWzgEZXXG5DdDsb%2BnywOsshqyBL2%2FIrF7CysCTQdVwJZLmWT%2BgytvgtO9eNXNWvvZrHCBBps12qPA5BXJoY%2BkbsCqiwT1XWyrcbSuCREu8R3CqrlqmwLX8o8YtAgPeXPDRcse19eZ3lu96gKQ9x8T7E3TvPrghHEa4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee1cae62a70-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H2 200 kiko__ass.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 13 KB
13 KB 75ms
49ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/kiko__ass.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3a9688d6ee3dadb66eee760b0bc68b758a1cec2d09911b66e944b1f76b3477

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12923
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:19 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a5JEDwlXXEY%2BxbXuUoXTa%2BFj1M%2BqI6oEB5O%2BcpsE4EMLdbVKNdFT7ZzIllwigXM%2BfFdlHNXuGlgouR8cA49pMcLnIjj5NjUZuie1%2BfYB7GmnToOaeIc7zWPj6nIGF4iiFJrQpxVxrCAiYTieTN5zmwjEEqukMwzV%2FptnRY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee1cae82a70-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H2 200 elliy_coy.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 13 KB
14 KB 77ms
50ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/elliy_coy.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301c34d0bd3f25073d133d16c7a374598e0f8cdf92e873eeb65f306773270659

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18
cf-polished: origSize=13269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13248
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:26 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj4VC%2FsVqZArQdc1aixAQCC7B27joyON%2BROnRAi6SDN7WlR4m%2Fj4PaJhjLhaKbABKbGvhPFMEwoHLG6QAWNlWRYQ5vW4s%2FPLLGyv8O9o9e8oj%2BFPjcfOfMnu1a5B2Jgf6eA95zS3zp5g3dLRO3dNmjMtT%2B8JT%2BQkuzc%2FBaI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee1cae92a70-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H2 200 agata_adams.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 12 KB
13 KB 79ms
53ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/agata_adams.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebf2768e4b37a1ba9c8d607b0b8a57a6c04306396e56ba9473419b5c48082393

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12463
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 31 Dec 2022 15:30:13 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88dy9oHHWjaFgFdNIEy2z0gZHG9uuGTNcIIzY7BQAXQUUuTc2ILm%2F0bfRi139Bs1D9QM0TzDHw7lTK%2B4DuLi1T7DoPbtoxvr8bZaYMf8sWiVlrDYNgGHpPOydEmDTSyObzsfW8A0urfSaJ4pEzvyL%2FoPaOidfiwAZTSgKv0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee1cae42a70-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H2 200 _sweetzoe_.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 12 KB
12 KB 56ms
30ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/_sweetzoe_.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a81c98999a08e0c2de037c18b4fecd584949ced1291b558ce5f491d29df58dba

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
cf-polished: origSize=11836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11805
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:34 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Zebmk7IPTISst6GxFGi3D7Ckz6UoI94czTh6YYSSAb1h6GYsG2ZSfeBC9xXnRVsvJbU9U%2BqhOQb5jHkgoa4FI2SLgQ774RBZz7OoZ54DSBnTGD9zxetxbb8nYBQVqhiMcFtsm00VP%2BBy5Dt5G8SWc7Xb3YpSVk88HpZqOc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee1caea2a70-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 krizotxxx.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 22 KB
23 KB 58ms
33ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/krizotxxx.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e1b528cdd9bfa46c2a9ab00ba21b9dc70f27b922c8a5b2a6cca8ff79ef648f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13
cf-polished: origSize=23122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22685
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:31 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAmsXpXHxXDrDGlT%2FN6E1IJ87lkQmcl9TZEDXS6595kti%2FIHCsulG%2FxdzZ%2Fph3yMorni%2B4E4gN98qxo6F6BPusHz%2Fm4qntBHM7uzB7ukKxmAeNek%2BeLwHbVjCYAhby2aKet5alsS2RAyE4TLQRhV6BX0QzkOr1DdV5MrjBI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a18d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 kristycoy.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 15 KB
16 KB 110ms
84ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/kristycoy.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f3e23826c28c8bc25589069bb257d1d5ebde7e1dd0c21ae33bf962489379b90

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15232
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:37 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mt13Ml2U4UtJYwKz%2Byw41x7YV3DgNkyrKcNeqTSkjD78igXt14LhqRI1YsUkLwMwyXiolKnryfSn1ApQa4%2BCePzMcfYmiLQFqmnOei%2BxgRB7S6mp%2FbB5C0BR4pVQtliseQaNU7ZfoRnTFRM1i6vcuiQeLnMtyLJGC0zAqQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a19d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 bb_lourels.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 16 KB
17 KB 131ms
105ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/bb_lourels.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97192b137546e588e61d3bf5a5c4bf8b6381e16c045d709232dbe637122b852

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
cf-polished: origSize=16508
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16441
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:42 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kLUtJrSS9mP%2BjRuY4%2BvUS4bib5wjqJJNFdPrYjDc5fA7MDaezl%2FOOYidAjStcEFOepowjy%2BYw4X4ufzWkjV14NJ8KWc7XljNVLIrCoRH1rzGTtRZ%2F060o8S%2BygZHVOQokxViyhfEmElseWUunMdGbgSRKwYb1Dx%2Fb8yZgs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a1ad273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 in_tune.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 11 KB
11 KB 176ms
150ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/in_tune.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da1a8fda4ceae5e95c5ea5d02a69e045b0bd11edd936b7a2df2dcc841336b1d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10803
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:23 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aqlh4nMTNICKG6i7e%2Fp%2BPdE1%2BMyLO3Qs3JnNOT1Z5Db%2BkdsPF1ugROq33YgWQCxPTmR6STbQ1f4FADAIdJnTjxtQuYV3NO7mDwLHWBFrpMbnuANGU%2Bx6fyYlajQNTHULXDI%2F8JiJnJWqwn6EIQpsn%2BFguUMa%2BifCERMZAmk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a1bd273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 cutie_pearl.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 12 KB
13 KB 206ms
180ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/cutie_pearl.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f9600dc22464b480decaa9c48f59466100131ac67b0cc32a5d4c598bc3f1ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
cf-polished: origSize=13065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12747
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:40 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4RRf%2BRbOXgomBYLCTG2yZob65nXExbZfRj6pZV2T5s0l6pMDnVImLzjx64jM8XJU0Atd6te2ixBUtIVm97yUEJPeJl60hsF6ICyiaAjbSTg%2FKJihExnXf6uvEgBeYIiQak4T38626NkIQVsH5hd3YkQT7o6RR06pzXNFyg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a1cd273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 rubyluka.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 11 KB
12 KB 244ms
218ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/rubyluka.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e997625eda151dd1f5d5eccdb8bb74b28fc2e2ff7ccce85be8ae42093ce227ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11561
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:24 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTFgNYT%2BijsIphhHnwvFtr7i8yonIxPiW1kiJmsBsoPmQzJv0IFQx1ePyNA8XggJNbYW6x3BetegMViPsPD4QucrMBaqfCycHhuLGYaOIn2oz8pmb3ZQpjCjfmgqQLA53lPju5c0LUzR1mdrOEM8XxehfSla6qupMDC8p1U%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a1ed273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 jinnloveu.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 9 KB
10 KB 245ms
219ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/jinnloveu.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f9dd2e0b61bc79d5cc5c102cb2609644bbd3489092536eaa5cad2a91fd255c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29
cf-polished: origSize=10043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9715
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:15 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6crjVVEydJXpRAK%2Fsj1HCATI2aLKqp7SnCQ%2BcPa7VAceL%2Fsle7YwdVKlPwQqZQmVmGuE4GvXkuJjeCTEwL9%2B7gQEhBuvZBQ2UJ6rVM8fhPvGgvu5EwRNDup9N6xpuOiJqDkD4bbPol9C4h8MunSX%2B%2FD9TLVRtl39sGH%2FIE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a20d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 karry_coy.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 9 KB
10 KB 264ms
238ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/karry_coy.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d75841e3b7136a322f61a2ce04442fa3c7f32e5e88189590bddd6038efa526a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
cf-polished: origSize=9163
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9120
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:40 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXDlnqbuMPK3i5lz6ngL7EXwGLf%2Fgw1MREi5DJw4ijOKhhUJiZPzj38eNx3DYkYkF88POAGtEbzctmm0iQXdoa8QZpgIV5u8cImXHkfhuxHV5uJPX8NEnQnq0R0nTXpcOZV%2Fnf7aH42s26oY7YbwCCJ8SPfz23p1I7qfo80%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a22d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 sandy_candycrush.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 15 KB
15 KB 284ms
257ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/sandy_candycrush.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d52f1e985dd22a9198d8c35798d6afafe3e5ccb646aff3b5e64916febcdccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3
cf-polished: origSize=14916
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14914
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:41 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMGjkqlEeWyKv849McPhV4G1LJB2jucMjhZ4yp8sHwcuRrrodMkC60ZM3kLVCPQ%2BEewLwtQshavjN5D0Es4G%2FHTmIUOiY83EC71pmTbS4OzweQvOfEbMT72v%2FFo40h%2BKnGQfNxt8toVwMsHnr5nqR8nD4Ck3wiD%2BtwTqBDY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a23d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 jennis_charming.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 17 KB
18 KB 303ms
276ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/jennis_charming.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

170acdcd0ebed486b19da3578bfcce290d292afbd339e52c43dd46c5feb08af5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
cf-polished: origSize=17714
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17640
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:37 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RFSbrWXsMmGDN7kO60GRGGUQqpgz7MFbP0ZoseDYzVLfPTO466TPFXc0jRKF4jeP4PeK09PXk1kRrgTTvr%2FU2DtQdIavA7u6y1aBTEQqVMLDjcXdtRDiQoBlIao0wTrV71sclEANSGCtcWHqF3sBDjgvpi3uumW8AueZR8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a24d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 lylas_malika.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 13 KB
14 KB 322ms
295ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/lylas_malika.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a61433152b613fe27de32e4fa504c4bf36df844ec707d93736ac687f3c844978

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
cf-polished: origSize=13627
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13476
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:34 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOWYLJc9T1e0ZbNPSEUzZGOXbLQYbxQkLDPXcIWLM1hvdNpsMVgvyIYvZJ3WHR0hXPP6n2bq9DO8mvJ8yj%2BcCu%2BdWIb7AaqCy201zCb3hgVB39aId0GXFQfcJ7knnLhHHKhszs9vBohFVr1dv6XShm8PoxiOotkg1zw5LQo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a25d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 rosetatt.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 14 KB
15 KB 341ms
314ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/rosetatt.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be25ee68b97473c684d305c18f1d4c8c5c1e850706faf26d62e3ff7e96a204f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7
cf-polished: origSize=14426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14396
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:37 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfkruOWjkM6AgVXENzWqPpwhksMuhaVa%2FWvAxthlR2zYMgpb%2FUUyiL%2BALpIYK8LTGosVS61yv2%2F%2BVKheZxtl3CtIGwx4HnZt09OQSJt%2Fc%2FtYfjuRZ7B94jysVGnKfGb%2FJDtac8aeley8pdAeaW%2F5CQ4rSkl5udnqqUdZ%2FHg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a26d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 noah_grant.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 12 KB
13 KB 360ms
333ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/noah_grant.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d623fe79aa152e2f5ce54a351922bced10117728e81557ae70345d790b8f107

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10
cf-polished: origSize=12294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12211
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:34 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjwmX7N7g3iNl2zn5xeM5oP0HzL5IzTaWZdQHe4UimSE4E1fSyZlAgPyMrr1XehlL9dmLPbPOTFseC%2FaIz65aKTma1X2UNd4d81jkV1soWbm1mhBilidpXcC88aXZk9Pc%2B%2B%2FKrOcrIcTx8V7Q6MA97Mob%2Fon58wmj0F%2FepY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a27d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H3 200 stephany_ricci.jpg
roomimg.stream.highwebmedia.com/riw/ Frame 5DD4 11 KB
12 KB 385ms
358ms Image
image/jpeg 2606:4700::6813:f253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://roomimg.stream.highwebmedia.com/riw/stephany_ricci.jpg?1672500630

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29186367849811bae639cca7d57642c97fd984cd330960bfeff8a69773355996

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-security-policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9
cf-polished: origSize=11203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11065
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:30:35 GMT
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8F8ya2RaMi06jNu06aCaNGXxMNxOgzV%2FuV0JhP5ENYcgyvs%2Bg7Mkqrz5KXpC5BkoDRDJujD%2FT0F2%2F8MMYrWBKXhf7Nh6dLUPkf4%2F8riju9H%2BognQFWflz4egsJ9%2F6pIRZTrabEbH9HMo%2Bmkqwaqwz2YTCW7s7VcaOwuI%2Bc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=30
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 78240ee21a28d273-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 31 Dec 2022 15:31:14 GMT

GET
H2 200 output.6f6724a00cb8.js Show response
static-assets.highwebmedia.com/CACHE/js/ Frame 5DD4 316 B
798 B 63ms
34ms Script
application/javascript 2606:4700::6810:5e2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.highwebmedia.com/CACHE/js/output.6f6724a00cb8.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6724a00cb858aa73759829289a3593ec992eb2ce720825bd2239e53dca4d3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: B6KWNTN28GZYFFKE
age: 1493996
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: moztEDjh/bbe7rTVqa/niQ/THiU+dRQl+XjMACT47HhZWzn0uFnVLb7DuaPzJqhHCGE65z5Fycs=
cf-bgj: minify
last-modified: Thu, 24 Jun 2021 21:24:05 GMT
x-amz-meta-s3cmd-attrs: md5:a708027bfbbde438a72a93082d4bc4b5
server: cloudflare
etag: W/"a708027bfbbde438a72a93082d4bc4b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BGjTEyuaC8m7swDpOs514X30XJm2R8lMoVBTwAzv8Yp9wSWN3WO41%2BnP9JM9LJVNjuPyqsd24%2Br8kYaOFT0PjJjGG9zKEaoBpfvuvm%2FiYkSiFadX1KS%2F2yoKNCLgWrddxod33Uz2oE99PsYDfeDXZoVQQg7kXC%2B49wbZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 78240ee1cdbf2a6f-CDG
expires: Mon, 30 Jan 2023 15:30:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1472 49 KB
20 KB 64ms
19ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:44:17 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2787
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 31 Dec 2022 16:44:17 GMT

GET
H2 200 98877458
img.strpst.com/thumbs/1672500362/ Frame 56E8 22 KB
22 KB 124ms
47ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98877458
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b509e8d0706c61e045184ea89d3c2fed9ec17098c34d7ad35322460f484bf3a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 237
cf-polished: origSize=23681, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22789
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:00 GMT
server: cloudflare
etag: "383cdc6a6d5e6e80c622acb7c2d76a64"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c1f229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 98998042
img.strpst.com/thumbs/1672500362/ Frame 56E8 17 KB
17 KB 120ms
43ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98998042
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d19584e37ba4f85ad2cc38c07bfd5f24a343919d710aeb836582b3b5ef6e721

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 80
cf-polished: origSize=18381, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17535
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:29 GMT
server: cloudflare
etag: "38746f508ad2e8e5835926a6a25deb70"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c14229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 98276811
img.strpst.com/thumbs/1672500362/ Frame 56E8 58 KB
58 KB 124ms
47ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98276811
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d38952de2cddd731041a28f75743d23ca4aeb268cee345c39239cf37218242

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 65
cf-polished: origSize=61199, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59077
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:25:57 GMT
server: cloudflare
etag: "f35ffc13916d90be8a0f607a3d7c7df5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c22229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 99410319
img.strpst.com/thumbs/1672500362/ Frame 56E8 29 KB
29 KB 124ms
47ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/99410319
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf10ae9e0370cd379fa530214f03001922c2fdcb82137e5f5d02c7849b37ada5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 67
cf-polished: origSize=30667, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29702
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:27:02 GMT
server: cloudflare
etag: "cd4e4105025de98a3eba83fe2c7f6b73"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 78240ee22c23229e-CDG
access-control-allow-headers: *
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 98282182
img.strpst.com/thumbs/1672500362/ Frame 56E8 43 KB
43 KB 122ms
46ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98282182
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611970a3b3a7062a07666ef941f2ef62a81a0ab3738dda5d6b387fd1588f6abd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 201
cf-polished: origSize=45226, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43664
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:17 GMT
server: cloudflare
etag: "b8287335f29eb64e8ddaa3d761efc6bd"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c15229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 98996895
img.strpst.com/thumbs/1672500362/ Frame 56E8 22 KB
22 KB 124ms
47ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98996895
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1059b8fbee5e07c971a4df12fbe5bbd7c9405b290a85f4efa0425d85ad3906e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 217
cf-polished: origSize=23666, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22641
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:25:48 GMT
server: cloudflare
etag: "c668c935cae829a063dbb4a4f394c48b"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 78240ee22c24229e-CDG
access-control-allow-headers: *
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 99703192
img.strpst.com/thumbs/1672500362/ Frame 56E8 33 KB
34 KB 103ms
46ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/99703192
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01d52c5acbe5ed0a0573693d9b619f20b649a4a9ab0f5722b75b79dc48ea951

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 181
cf-polished: origSize=35146, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33961
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:03 GMT
server: cloudflare
etag: "335d3a7fcc9172681e4b809abea59cf8"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c20229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 99241889
img.strpst.com/thumbs/1672500362/ Frame 56E8 44 KB
44 KB 102ms
45ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/99241889
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246d38fdae8ca4987fef0b3195efd7f0223830953754f15a70a861237ea3cdbf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 81
cf-polished: origSize=46431, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44893
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:39 GMT
server: cloudflare
etag: "ce16d873132ed6d21c18f92d8e35f158"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 78240ee22c10229e-CDG
access-control-allow-headers: *
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 98644954
img.strpst.com/thumbs/1672500362/ Frame 56E8 44 KB
45 KB 103ms
46ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98644954
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dc3daaf8060e82b91467a810755550f7177f4ee0a5dc2b6aaf7191d38c5ab7b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 62
cf-polished: origSize=47052, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45387
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:27:03 GMT
server: cloudflare
etag: "1cce09dda4449a4fecb0d16b0b797b78"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c1e229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 99161018
img.strpst.com/thumbs/1672500362/ Frame 56E8 48 KB
48 KB 102ms
46ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/99161018
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3394bc5190da9d890dd82a2045e8e9dca93e66f1502efb0eb6de6fe81ca9183

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 29
cf-polished: origSize=50732, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48908
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:32 GMT
server: cloudflare
etag: "24302c718bd8d1d72c2d7666f653efba"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c0d229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 99630961
img.strpst.com/thumbs/1672500362/ Frame 56E8 41 KB
41 KB 79ms
23ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/99630961
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584de1d305dce433503cc3b2d2fb7074103bd724ce5808e03bf9622eec3ab939

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 197
cf-polished: origSize=43573, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41745
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:52 GMT
server: cloudflare
etag: "f98c801376ff9653fc86a81daa21d63c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c12229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 98451628
img.strpst.com/thumbs/1672500362/ Frame 56E8 27 KB
28 KB 99ms
42ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/98451628
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd225d7c6066f9b5824fb3564d96ca9771f8f483d0ba37090245aa90983e8bc0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 21
cf-polished: origSize=28817, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27999
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:37 GMT
server: cloudflare
etag: "0fbb1f5ec8c9552df541719f732810c0"
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 78240ee22c0a229e-CDG
access-control-allow-headers: *
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 99613281
img.strpst.com/thumbs/1672500362/ Frame 56E8 53 KB
53 KB 98ms
42ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/99613281
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926adb5a59d8cda0d1229e161003307264b7258a17a098d2fa9e7479d1e26cb6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 237
cf-polished: origSize=55804, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53971
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:02 GMT
server: cloudflare
etag: "a528734b18b566bc744df54cb3c83094"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c13229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

GET
H2 200 96645326
img.strpst.com/thumbs/1672500362/ Frame 56E8 38 KB
38 KB 99ms
43ms Image
image/jpeg 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1672500362/96645326
Requested by: Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b35aac5c1a2a4426ba1bcd3297882352ddbffd11d44ba8b1f42901d0d24810

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://creative.alxbgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
cf-cache-status: HIT
age: 45
cf-polished: origSize=39642, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38639
cf-bgj: imgq:100,h2pri
last-modified: Sat, 31 Dec 2022 15:26:36 GMT
server: cloudflare
etag: "f3b5a15a52cbe8dd9207500945458179"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 78240ee22c0e229e-CDG
expires: Sat, 31 Dec 2022 16:00:44 GMT

POST
H3 200 view Show response
go.alxbgo.com/thumbs/ Frame 56E8 956 B
399 B 57ms
56ms Fetch
application/json 2606:4700:3110::6812:3b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.alxbgo.com/thumbs/view
Requested by: Host: creative.alxbgo.com
URL: https://creative.alxbgo.com/widgets/BestThumbs.99122d4e5deba018bc14.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3110::6812:3b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4119b263fcd84b5eee0f70b4e3a0614f569163b5485e3f0feb99317dbda8b074

Request headers

Referer: https://creative.alxbgo.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: *
cf-ray: 78240ee1dd279992-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 206
Partial Content dec5717ebe8a3fe4bc936df74c27d47a.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/ Frame 1472 414 KB
0 40ms
21ms Media
video/mp4 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/dec5717ebe8a3fe4bc936df74c27d47a.mp4?pstool=212_1&psid=djsilver

Requested by

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pt.potawe.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Content-Range: bytes 0-2985001/2985002
Connection: keep-alive
Content-Length: 2985002
X-Cdn-Node: frpar
Last-Modified: Tue, 15 Nov 2022 16:56:11 GMT
Server: unknown
ETag: "f12e66f6ddb07458bc4dbb3d4fbce0a7"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Expires: Sat, 14 Jan 2023 15:30:44 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5DD4 49 KB
20 KB 69ms
20ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 13:35:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6924
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 31 Dec 2022 15:35:20 GMT

GET
H3 200 invisible.js Show response
chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 30D1 36 KB
15 KB 30ms
29ms Script
application/javascript 2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672488000

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900306903ddf966997f6bd25f05f71d7708aca7d9475e65c95bb48959a253ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hwpJp40fo6%2F5uiaaoJVztoKiNOVBJ2ofHWIez6m1lAnGpppjqr4TNVA2I3etxdVWL2MI6L8V0dTYZ8qz%2BWzq%2F7PlnZpl6d4OVB%2FgdWppJ2r1wOBqc4oqDN7Cyq8GyRDmzAOH%2Bkb1EqyK28v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78240ee23ca2f0a7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 1472 198 KB
70 KB 96ms
38ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59d43d51fa6d03212c23e0c29674f8140be5c1339fbd72d67ae53e625964ec4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 15:30:44 GMT

GET
H/1.1 200
OK H6a.gif
pt.potawe.com/RhEIY/ Frame 1472 43 B
447 B 24ms
24ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt.potawe.com/RhEIY/H6a.gif?psid=djsilver&psprogram=revs&pstool=212_1&site=jsm&campaign_id=&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&categoryName=girl&subAffId=%7BSUBAFFID%7D&vp%5BautoPlay%5D=1&vp%5BshowChat%5D=0&vp%5BchatAutoHide%5D=0
Requested by: Host: pt.potawe.com
URL: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/cifra?psid=djsilver&psprogram=revs&pstool=212_1&site=jasmin&cobrandid=&campaign_id=&category=girl&row=2&column=5&background=A60000&fill=0&border=0&model=insidehover&modelColor=0&modelFill=0&wide=1&padding=6px&width=1323&height=0&imageWidth=450&imageHeight=0&stream=1&start=1&performerList=teen&subaffid={SUBAFFID}&legacyRedirect=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: unknown
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 31 Dec 2022 15:30:43 GMT

GET
H/1.1 200
OK get Show response
api-protected.protoawegw.com/v2/player/performer/ Frame 1472 814 B
1017 B 122ms
122ms Fetch
application/json 93.93.51.225
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&hotDeal=0&preVipShow=0&ngs=1&pstool=212_2&psid=djsilver&streamType=rtmp&category=girl&performerIds[]=MariaKyklina
Requested by: Host: pt-static5.ptwmstcnt.com
URL: http://pt-static5.ptwmstcnt.com/npe/cifra/script/cifrafk-v304827.js
Protocol: HTTP/1.1
Server: 93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: a733025060989062462f892d1f1d57106a462229597b77391836fc5321b1bad3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.potawe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Content-Encoding: gzip
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3A6D 49 KB
20 KB 23ms
22ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 13:35:20 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6924
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 31 Dec 2022 15:35:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3A6D 198 KB
70 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f924a203a12678c95553d73e7e94864b06de3498c5f932cfb29a78cd915ccfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 15:30:44 GMT

GET
H/1.1 200
OK SCT.gif
pt.ctsdwm.com/l2lYm/ Frame 3A6D 43 B
447 B 53ms
24ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt.ctsdwm.com/l2lYm/SCT.gif?psid=djsilver&pstool=421_3&sexualOrientation=straight&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/tube-player-rnd/?psid=djsilver&pstool=421_3&sexualOrientation=straight&forcedPerformers%5B0%5D=&tags=teen&primaryColor=FF0000&labelColor=212121&campaign_id=95097&accessKey=3e453b2c56193eadceea9ac8dc3a1830&c=player_container&embedTool=1&origin=anfisasiberia.sextgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: unknown
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 31 Dec 2022 15:30:43 GMT

GET
H/1.1 200
OK fc991bf62a70df254925e5316d9778ef.jpg
galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7218/ Frame 3A6D 71 KB
72 KB 53ms
31ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7218/fc991bf62a70df254925e5316d9778ef.jpg?pstool=421_3&psid=djsilver

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

c697e2759a79c1e204d777499ec66969ce639bc2902159880d9a7c9cf7cf243d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-EXPIRED
X-Cache-Source: Origin
Connection: keep-alive
Content-Length: 73171
X-Cdn-Node: frpar
Last-Modified: Tue, 28 Jun 2022 09:07:03 GMT
Server: unknown
ETag: "cbaf19146c882966c0177d2feeac2a5f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Accept-Ranges: bytes
Expires: Sat, 14 Jan 2023 15:30:44 GMT

GET
H/1.1 200
OK 6ab35227d9ebebdbe7483a3a77624f35_glamour_576x324.jpg
galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f16/ Frame 3A6D 55 KB
56 KB 49ms
29ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn0.awemdia.com/ff268cab8d9fbae1ed7506f97496274f16/6ab35227d9ebebdbe7483a3a77624f35_glamour_576x324.jpg?cno=221252

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

3fbfd65f16924f04c455824cb99b8dbf5a968e7acc6cda8b78fbbd7f75899883

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-EXPIRED
X-Cache-Source: Origin
Connection: keep-alive
Content-Length: 56616
X-Cdn-Node: frpar
Last-Modified: Mon, 12 Dec 2022 18:20:22 GMT
Server: unknown
ETag: "455618c3ff07db1b72b3dafa65efbcb7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Accept-Ranges: bytes
Expires: Sat, 14 Jan 2023 15:30:44 GMT

POST
H/1.1 200
OK /
api-protected.protoawegw.com/v2/player/collect/ Frame 3A6D 0
0 63ms
62ms Fetch
text/html 93.93.51.225
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://api-protected.protoawegw.com/v2/player/collect/
Requested by: Host: pt-static5.ptwmstcnt.com
URL: http://pt-static5.ptwmstcnt.com/npe/ba/tube-player/script/tp-v304827.js
Protocol: HTTP/1.1
Server: 93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash

Request headers

Referer: http://pt.ctsdwm.com/
X-Requested-With: XMLHttpRequest
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Content-Encoding: gzip
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type

OPTIONS
H/1.1 200
OK /
api-protected.protoawegw.com/v2/player/collect/ Frame 0
0 29ms
28ms Preflight
text/html 93.93.51.225
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://api-protected.protoawegw.com/v2/player/collect/
Protocol: HTTP/1.1
Server: 93.93.51.225 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: http://pt.ctsdwm.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 31 Dec 2022 15:30:44 GMT
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 pica.js
chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 30D1 17 KB
8 KB 30ms
29ms Other
application/javascript 2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6b3aefde9ec33b2901e6d3952390a8a719f8a16de98a35f68e065b122d41b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c45zaJsn%2BSZ2ogGSJY%2Fde%2BZqN71R4MIpGsWrWtNj%2FpPefUsI8Ic5PAMU3NHIN%2BewptEoqO5OSI6%2BhwbDKk0zt52b1qQ%2Bk8qUjHbv1b5tDCdlug%2B4%2FqxPOKc5S%2BuFEfMDIVvDXi5DfqmrsfL9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 78240ee3dfe9f0a7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 206
Partial Content dec5717ebe8a3fe4bc936df74c27d47a.mp4
galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/ Frame 1472 2 MB
2 MB 20ms
19ms Media
video/mp4 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn0.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/dec5717ebe8a3fe4bc936df74c27d47a.mp4?pstool=212_1&psid=djsilver

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

942bd4fe5dbce3b49fcbb3cfabf979a8bbccb4861700ad47af4a7763bf2230c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pt.potawe.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=393216-

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Content-Range: bytes 393216-2985001/2985002
Connection: keep-alive
Content-Length: 2591786
X-Cdn-Node: frpar
Last-Modified: Tue, 15 Nov 2022 16:56:11 GMT
Server: unknown
ETag: "f12e66f6ddb07458bc4dbb3d4fbce0a7"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Expires: Sat, 14 Jan 2023 15:30:44 GMT

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 21 KB
6 KB 66ms
19ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: 6WVQ30AD7RAWMXK4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: iviIhAYaIp0Br7/MnsKgrR7O89bAdVjKH/bcvnSdXvbV8PeA8ivdR/sS6h2qrr7M59SJRqFJbh0=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1672500645.610061,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 368

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 8 KB
4 KB 19ms
19ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0VMGZV3F5CSDW5
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: wToIVkUbGQsQ+bCm3PdIYIXDHgcDQ5DeJtKSe4oBQS2/lUA5wHfxNr3PB1T+ovb0heTEt3xi0nM=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.636366,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 365

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 3 KB
2 KB 20ms
19ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0YN6MH5G3FMZP9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: KgN7odBztRKQdk1tLIEsI43zgYzixZZ85VUJVal1G2V1N8AIlh3qmu/KJ+6kyZcnUs9v3rBWxsE=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.637075,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 370

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 5 KB
2 KB 20ms
20ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0N5HYMP27YRZE3
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: oEYlNvVfOD1I8ky4ElWHmtyXZjAi9aGpxWBBm+mPIq1zVcNBVnssCNSk6mk+IpqR74E0S5eYyJM=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.637197,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 366

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 1 KB
1016 B 20ms
20ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0ZSJT9X68B4E3R
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: whBYL7Mtx/Z6vVZGn+hRXOCmGGPWMdPImKJtdFAlyXnbCl2U6ILEk5C+xUHPzy1zoen3eXEijSI=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.637726,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 364

GET
H2 200 39.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 7 KB
3 KB 20ms
19ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/39.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0TDJ2JMNWKZGY6
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2755
x-amz-id-2: M7Pr+XB+BXiAATObW1zBq1X/YZcmg6Ji7Yr8iC8QXOOXu/9oVRKTYhJlyi9h4/s38o5R5XG5hZE=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.638637,VS0,VE0
etag: "0448380a8f2cd0426bbdf04dd45b5408"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 276

GET
H2 200 0.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 5 KB
2 KB 21ms
20ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/0.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0GHF3PP0590SHG
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2349
x-amz-id-2: 9tJLr/urXhY6V+ORyeIk6c+/XgEHvGt2yopP5QRzvz1h2iZYKlWKGRVqO9sFbjaE/5xA1/RpeHE=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.639240,VS0,VE0
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 274

GET
H2 200 571.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 2 KB
1 KB 21ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/571.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0JSDKH03YCJGN1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1108
x-amz-id-2: bMUqExgOCiZxCErw0wQc1fYYJQ4TAN2+xtV66f1VBBh2Sxff3PooZPe1NWHt9dLcs2rNzHj7eAo=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.639325,VS0,VE0
etag: "04b00905b32fd8d29459545bc125cff6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 273

GET
H2 200 820.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 7 KB
3 KB 23ms
23ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/820.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0G0J51NKCAZTV8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2979
x-amz-id-2: b+2cdB/svpdqAnWAjCCfW2A/pbVV92Uo27KRTqdg3M8qWA5FIp6N46PTPsYqXrU1nA7RbyIIZWo=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672500645.643303,VS0,VE0
etag: "897a1a72a47e4f4a24c05aec49af638f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 273

GET
H2 200 790.2d6a2503-1220.js Show response
js-agent.newrelic.com/ Frame 5DD4 17 KB
6 KB 24ms
24ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/790.2d6a2503-1220.js
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-encoding: gzip
via: 1.1 varnish
date: Sat, 31 Dec 2022 15:30:44 GMT
x-amz-request-id: VK0JDTT16D4HH8W4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6064
x-amz-id-2: x92/xVFU1fC3RO2UvWh6ID1XNOi+TwaLFSasIaffhPTJAelhRMvJkB48mAWAndYzNZROyHxdG/Y=
x-served-by: cache-cdg20792-CDG
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1672500645.643355,VS0,VE0
etag: "af8c077a247e90dff929d7af81c94f57"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 204

GET
H/1.1 200
OK 6f524845d1 Show response
bam.nr-data.net/1/ Frame 5DD4 49 B
532 B 196ms
139ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1071&ck=0&s=43f054e2155f43be&ref=https://chaturbate.com/tours/3/&ap=19&be=489&fe=467&dc=99&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1672500643599,%22n%22:0,%22r%22:1,%22re%22:211,%22f%22:211,%22dn%22:212,%22dne%22:212,%22c%22:213,%22s%22:213,%22ce%22:235,%22rq%22:235,%22rp%22:435,%22rpe%22:455,%22dl%22:465,%22di%22:588,%22ds%22:588,%22de%22:589,%22dc%22:956,%22l%22:956,%22le%22:958%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&at=H0ETGw9CExRCXBM9CgBBXAkZG0QSVEsPAw4BQVwbamZQD15XPj1BSEEVUFJXRBFuXQAWBkZZVhUXenc%2BY1gYQFlGVF4LAQlUBVdfWFYCAlMHDhh6dSYTFUMhJTshCU0XAwlVHRsiJDwmDBJ8TU1DABMDQwQCCBADFVNYXRJUG01AEQECCmZcSRNbEwtRUlJeV1ddBQNVWwIPVQZZXlREFRdYXw5fZgcOAgMQRAMXeH8ufxUpLTAwQUobV1xCFW5eFAcQFzwPSRcDE1MBCVBYV1UHVgNRAwJXBV1bWFRGT0RbUEpFPlZMBBEQOwQDVhcDEydjG01AChQ8BVZAV0UTSBtbQCU2QUobXEluAl5MDxYRHTwFVltfWAVUVwIHQV5BVxsZG1gRblcEFhQLEQ0bDxsTTRNQET0MFgQHV1xDUBVYVg9AWUYsMHEVanAyExVDCxM7ChVJFwMTLmdxQTEiN0FKG1xJbgBCV0NYUlJRUQ8ZG1gRblgSDDwLEQEbDxt%2BN3kZMiMwRk9EUEVmUg5fVwQBFw0MCGZBQEEEEwNDIQwWEwlLVE1UQx0bCBI8ERADS2pNSBFUG1tACwsQElBbXhNNE0sEExYBEBJmRVhFCRMDQ00XCxYUShoKHkMdGxYOPAwMFU0XAxMCWVgVFxEGAhJcG1peDBMVQxEKEAY5UFEbC1AdGxILFwE8AlZYWFgPEwNDAQsFFxNLV1hFBB9aDg9BSEEUXERMVBJFZgkNEBBBXBtWUVAVREsDAxcBTQVWWBsdQ1NLDhUQARE5UFEbC0MADQdWB1AGVxQBDABSHA1TBABJWgMNUxRVVlMMA1ZUAVUHW1MbHUNDXAcHEQERRAMXUUUVQQNOTQIKBQ9KVEpYA1RLCANNFwYeTVJcXE9SVgxNQUhBFFxETFQSRWYMBxcMDAIbDxt2JGUbTUATHRcOVltmRwRDSggNDUZZRAobDhNNE0wAPQcBFQ9aUGZXAFxQDRtBXkEpTV1cQ0MdGxQDPAAGEFBWXG4VSEkEQFlGBwNKXk1eERMVQxcCOwwVZlNYXAhdQENYQTMKCF1aTkJDHRsUAzwLEDlPUEtCCF5XQ1hBVVNEFRdMUD5TSw4VEAEROV9UVFgNSBtbQCAMEQlUUBsdQ0RYPgARCxQVXEdmRwRDSggNDUZZRAgFAR9RHwxSV1pGT0RMVGZCFUNQDwVBXkErVk9QXQ1QFlRMU0RLMVBbXV4WQhkvNkNVU0gJDhlmCF8PVVlDHFVSEBV4QRFdXDYHAS8KEhYACgZPAg9BSigsNyt1GRldCFpcQSUGBwgJEBV6WRNeVARNUlRbSAkbDAJUCBdQUFdEMAdfVEtYTgQKVkxQUkFKG1JQRT5SVgwPChBBXBsFCgdZBFwHUlpQAQAbGRtBAENYDBFBXkEdZRdNXhRDZUNYQzhBHghnXW1DHRk9QAAFDhZYXF5fPRMDQT5BCAc8DXhlE00RZUMBP0ZZRmUXCwE9ExVBPkEUP0QDFWUTUG0bTUI/RgQDV1FcQz0TA0E%2BQQI/RBUVZRMVUF49QFlEP0RXUE5tQx0ZPUAHDRAHW1lcbhJeTA8GP0ZZRmUXCW1DTBscHw%3D%3D&jsonp=NREUM.setToken
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://chaturbate.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 78240ee59bb62a4d-CDG

POST
H3 200 78240edff94af0a7 Show response
chaturbate.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 30D1 2 B
746 B 44ms
44ms XHR
text/plain 2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaturbate.com/cdn-cgi/challenge-platform/h/g/cv/result/78240edff94af0a7

Requested by

Host: chaturbate.com
URL: https://chaturbate.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1672488000

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 31 Dec 2022 15:30:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPOxkuC9n3tChnEaKob9wUd4v0nKB69ObGaDN%2B6vm2%2BumZlwciL%2BjXn3RGFhSBeLEVhufNGaOqNLIB%2FEg9fXLDxhsj2x4EMgC3kSuWfR%2BMl%2FwN4c%2BVXBV4jbW9qd4QKJt9v64GCoSYfeVSLn"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 78240ee66bb0f0a7-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 0142ad11a57d11619d270678f4ccd9da.jpg
galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7218/ Frame 3A6D 17 KB
17 KB 19ms
18ms Image
image/jpeg 93.93.51.190
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn0.awemdia.com/74cfb35aec71f4e2a7bc4cbbdcc5df7218/0142ad11a57d11619d270678f4ccd9da.jpg?pstool=421_3&psid=djsilver

Requested by

Host: anfisasiberia.sextgem.com
URL: http://anfisasiberia.sextgem.com/

Protocol

HTTP/1.1

Server

93.93.51.190 , Luxembourg, ASN34655 (DOCLER-AS, LU),

Reverse DNS

Software

unknown /

Resource Hash

34fd6548fe1cd2ae4e3f820c78e0339742e9317e289fe6bbfa3f26db1b664a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 31 Dec 2022 15:30:44 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Connection: keep-alive
Content-Length: 17065
X-Cdn-Node: frpar
Last-Modified: Wed, 07 Dec 2022 15:21:58 GMT
Server: unknown
ETag: "c1f877caceca0bfde4cb7e55f61b4f0e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Accept-Ranges: bytes
Expires: Sat, 14 Jan 2023 15:30:44 GMT

POST
H/1.1 200
OK 6f524845d1 Show response
bam.nr-data.net/events/1/ Frame 5DD4 24 B
402 B 147ms
146ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1220.PROD&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1335&ck=0&s=43f054e2155f43be&ref=https://chaturbate.com/tours/3/
Requested by: Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=ldZ4M&c=20&p=1&gender=f&tag=new&disable_sound=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://chaturbate.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 31 Dec 2022 15:30:45 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://chaturbate.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 78240ee6dd8f2a4d-CDG
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sextgem.com/	1970-01-20 18:11:00	Name: _xta_uid Value: 004005e6c33247bb965e446b66e0695d
.sextgem.com/	1970-01-20 08:35:02	Name: _xta_vid Value: 1d3e823e00dc82a976a73626b846d6e0-1672500643
anfisasiberia.sextgem.com/	1969-12-31 23:59:59	Name: Value: test
creative.alxbgo.com/	1970-01-20 08:36:23	Name: __cflb Value: 02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb8vfX6PySQAUfe
chaturbate.com/	1970-01-20 08:42:12	Name: u_x1Rd Value: 1
chaturbate.com/	1969-12-31 23:59:59	Name: us_x1Rd Value: 1
.chaturbate.com/	1970-01-20 09:18:12	Name: affkey Value: "eJwdzMEOQDAQBNBfkT2Lhjj1H1wc3ZZuKS3SLmki/l3W8U1m5gEGXUCuewNlAVM4hd4MbSfmuIkNWbw8SxLFC/OplcLduoTJjRQdVokyzxSq6QhKmmjtv12T8zfFRrL/vanh/QAy0iMs"
.chaturbate.com/	1969-12-31 23:59:59	Name: fromaffiliate Value: 1
chaturbate.com/	1970-01-20 08:35:22	Name: noads Value: 1
.chaturbate.com/	1970-01-20 18:11:00	Name: sbr Value: sec:sbr14f4d4e1-4513-42fc-9e4f-d7b5b47e6abf:1pBdop:ze0LcJY0-vYEEfEPla8TFQhzoUI
.quantserve.com/	1970-01-20 18:05:15	Name: mc Value: 63b055a3-daa8a-67a72-5d5e7
.sextgem.com/	1970-01-20 17:59:29	Name: __qca Value: P0-2079964490-1672500643664
go.alxbgo.com/	1970-01-20 08:36:23	Name: __cflb Value: 0H28uukSkGJRy5UBr2St4i2aEH3UZ9YXYoyu75LEqPJ
.highwebmedia.com/	1969-12-31 23:59:59	Name: _cfuvid Value: yRgerdp3Tr_Z0EcU3TKKEIyvdcfYHbDvCrGzl7KgeQY-1672500644151-0-604800000
.chaturbate.com/	1970-01-20 08:35:02	Name: __cf_bm Value: reYHPXgbsJBoopQ4gvV0bCficTJU.u3aFPOo45tlJlQ-1672500644-0-ARC3bTHy2vlfK9ymXUGMu6gzEk9H0YDQFrXXjY9kqWI+8fohIRtgUlgX4Q7wvNFS97wZmVAgiEQL65CB8vg+e5zOv80dJCMCuw79HUOCyA2zzsZN5HzUmBHdgJdVKavSvqKL/5mC01FQGQOuxuG+nNbPYJgVslasPFBsbnnSgtJ2hIJQdivSmYi0S3HbVK525Q==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl17614776.highperformancegate.com/ff/ab/4b/ffab4bdc783c60871e4aec17834ee770.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anfisasiberia.sextgem.com
api-protected.protoawegw.com
awecre.com
bam.nr-data.net
bngpt.com
cdn.stripst.com
chaturbate.com
cif.images.xtstatic.com
creative.alxbgo.com
edge.quantserve.com
enif.images.xtstatic.com
fagywalu.pro
fonts.googleapis.com
fonts.gstatic.com
galleryn0.awemdia.com
go.alxbgo.com
i.bimbolive.com
i.bngprm.com
img.strpst.com
js-agent.newrelic.com
pixel.quantserve.com
pl17614776.highperformancegate.com
pt-static1.ptwmstcnt.com
pt-static2.ptwmstcnt.com
pt-static3.ptwmstcnt.com
pt-static5.ptwmstcnt.com
pt.ctsdwm.com
pt.potawe.com
roomimg.stream.highwebmedia.com
rules.quantcount.com
service.supercounters.com
sextgem.com
static-assets.highwebmedia.com
thumb-p6.xhcdn.com
widget.supercounters.com
www.google-analytics.com
www.googletagmanager.com
xtgem.com
141.94.172.213
151.101.2.137
162.247.241.14
172.104.29.90
192.243.61.227
195.85.23.226
2001:4860:4802:34::178
2600:9000:223c:8a00:6:44e3:f8c0:93a1
2606:4700:3110::6812:3b96
2606:4700:311f::6812:3f7c
2606:4700::6810:5e2a
2606:4700::6812:6528
2606:4700::6813:f253
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1178:1:4b::f
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:82a::2008
2a06:98c1:3121::3
31.192.112.221
45.133.44.17
54.36.158.42
66.254.122.36
93.93.51.190
93.93.51.191
93.93.51.200
93.93.51.225
01e8c64b761cce7a14c9a7f82d4fa2162138e5e6e556350df4730498ea6417bf
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d623fe79aa152e2f5ce54a351922bced10117728e81557ae70345d790b8f107
0f5c4fb45ef7051317861085a3dba3cbb816092daac1d51badf095f366676242
131c9c68c19e522f389787464274e72c4299ba346415b595da5dd80cc350d23b
13c4c8da035de04518bdded4ed055a0a963716c85b15703046f7f86d9e54085b
170acdcd0ebed486b19da3578bfcce290d292afbd339e52c43dd46c5feb08af5
18b36996d1fbb0a112d0048cd759e6be9677f052f56f9727ba7f5bcdff143d96
18d38952de2cddd731041a28f75743d23ca4aeb268cee345c39239cf37218242
1dc3daaf8060e82b91467a810755550f7177f4ee0a5dc2b6aaf7191d38c5ab7b
20f9600dc22464b480decaa9c48f59466100131ac67b0cc32a5d4c598bc3f1ef
246d38fdae8ca4987fef0b3195efd7f0223830953754f15a70a861237ea3cdbf
2654d1668bdc1a4625b4024cafd056077facc14922b409246547b355daf9a956
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28eca97f410216345d3cd7d831b0b3db3c451ac089b7214291750d5c38682aa1
29186367849811bae639cca7d57642c97fd984cd330960bfeff8a69773355996
2a3a9688d6ee3dadb66eee760b0bc68b758a1cec2d09911b66e944b1f76b3477
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2b6ba9f14d5fe2d664f574b369e0b39025cf817b5533a97e874c0a707fa0e8b1
2cb11c3e87fdaf1d7b15ff5eea0ceae9572309e60faa9c804faaec15b4f816e4
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
2f3e23826c28c8bc25589069bb257d1d5ebde7e1dd0c21ae33bf962489379b90
301c34d0bd3f25073d133d16c7a374598e0f8cdf92e873eeb65f306773270659
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
33528b2759a3ec907d182d3edcd89981667e9be8c4a0dd63c8ac32d03f742c6d
34d52f1e985dd22a9198d8c35798d6afafe3e5ccb646aff3b5e64916febcdccd
34fd6548fe1cd2ae4e3f820c78e0339742e9317e289fe6bbfa3f26db1b664a8d
39f9dd2e0b61bc79d5cc5c102cb2609644bbd3489092536eaa5cad2a91fd255c
3bece4a4dc8f218bf66c8df30045625f14873e3cdd1e252d115409d11136e401
3c44cc50d9796d8c1f02d9f13625909382829e1eb0565148740d41e405ae167c
3c6709a0db25229e13ece3a3bee5d932a809a15830a0f9a3d6d0bb377a4b300d
3d099a6c3f9bbaa71d5dc0c0ecdbc0076a6cb1f56d16e45c8d428795eeb48d8f
3f0e10112d2e09b9ecbda307ac85c56cc51106ac33ae35a65470bb9a7741d779
3fbfd65f16924f04c455824cb99b8dbf5a968e7acc6cda8b78fbbd7f75899883
4052b3ff8379aa5d35d598fb134c3e193e9ffb99a4d61e362ba8a00030134955
4119b263fcd84b5eee0f70b4e3a0614f569163b5485e3f0feb99317dbda8b074
4291febb4d5c58a5eb8504edf62f6ac524acf6537c01fa09daca75960cb841de
45d61bbe0ab5bdd744fe954cafe33a428f7f54b233dc25f29eb7f302729844bd
4ab199badc7c9ad414624e963b2e0a375b15c106194eabbcc3cd90a28a6d3d7c
4cd856979227c27fd16c42b2594ab3e4c434de33db45403b8884e93c3b4c1e43
4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9
507724c388248978740f7adefb8d72b1bf9a169cff07e4201f69b5e1bdde6384
51664f86383fdee564794468de2ab44693354255dbdcc8dcec678e33d1f3bcad
52b35aac5c1a2a4426ba1bcd3297882352ddbffd11d44ba8b1f42901d0d24810
53ddafd9a0c245e7150b2a864a06954980436ad86829ebf2073cc7b42d9f442b
556ab4c31631686b7f6f5d716452b07212dea63ed810010d1873b91f4478c683
584de1d305dce433503cc3b2d2fb7074103bd724ce5808e03bf9622eec3ab939
59d43d51fa6d03212c23e0c29674f8140be5c1339fbd72d67ae53e625964ec4e
59e1b528cdd9bfa46c2a9ab00ba21b9dc70f27b922c8a5b2a6cca8ff79ef648f
5b3002cada011b91348a429587aa8197d10f3557b68a485195a2dcc1ffcacc6f
611970a3b3a7062a07666ef941f2ef62a81a0ab3738dda5d6b387fd1588f6abd
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
65230de0ede7dc7a50c6f0371af0afb2b8ee6073187489d5e77276145caf5339
6dd368edf051f037ae454e5759f7f7eaf1a40532b93eb25d9d2474816d776290
6f6724a00cb858aa73759829289a3593ec992eb2ce720825bd2239e53dca4d3f
6f924a203a12678c95553d73e7e94864b06de3498c5f932cfb29a78cd915ccfc
7262c08118dc0e525cc2e7642172a7a5ea213f296e1626e8d8aa984a42cf6690
72ff54f43d91a9b40874efbb9e40bd0a1a5fdbe27ed0824709368f99c9a3bb61
7557e088dea3fbd46782571019b0fe4664125df4f0b6b5a749e8152c4910bce4
7c80d71810d9fdcdd27744172db9f9385975f9798a3e9dcaa8054530f4bd9da9
7f4f86c79833555da7d7fdd4cb03845f56d5b2b96e4bcdc839a3a0e11297b10c
866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e
892fbc6af7ebdedd60dff43ceb16a4fc948e5b2ab70592ff4d282d20513d1b92
8ce298e325c14e8fbfe8c7bf94be0b3c295e81d127634377bdc0b90002bec29b
8eecee666ee54c49c3fa83323e1f0fc76cf8cb28e94bca8f1a74c90b46309416
900306903ddf966997f6bd25f05f71d7708aca7d9475e65c95bb48959a253ba6
90de109658b27159233e288a3aadc53c992fb39fc2e95ca692ecd88cdc634bc8
926adb5a59d8cda0d1229e161003307264b7258a17a098d2fa9e7479d1e26cb6
93288730acac8fa61beb0476e191457117516e0bdd5b5fa16af2bb9da15845a0
942bd4fe5dbce3b49fcbb3cfabf979a8bbccb4861700ad47af4a7763bf2230c0
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294
9761a28d2b53a005187afe566184af17c2e5f165ad0f0dae3d5e31ec6d9d3276
9b7518e5bb4e22b02bfa3e5243c5a5d91236e2192f927af565376d2c360635d9
9d19584e37ba4f85ad2cc38c07bfd5f24a343919d710aeb836582b3b5ef6e721
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a61433152b613fe27de32e4fa504c4bf36df844ec707d93736ac687f3c844978
a733025060989062462f892d1f1d57106a462229597b77391836fc5321b1bad3
a81c98999a08e0c2de037c18b4fecd584949ced1291b558ce5f491d29df58dba
a913b760ef4daa94e27bdb4e4d09659e53f3aaab195ff06ff0e36ed925d17e17
aa9ec0a8f53951b638ab80b99afc30ce37ffd9e2d38ee388ed1f2dd382c38bb5
af9f10c98131643e31a42f528464f14d8e240a6f6c69f87d58be6efd4e1f0276
b01d52c5acbe5ed0a0573693d9b619f20b649a4a9ab0f5722b75b79dc48ea951
b1da8870358753cd41bfdefede665c9114f4dba42a403d986905359095794ebd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b509e8d0706c61e045184ea89d3c2fed9ec17098c34d7ad35322460f484bf3a5
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
ba5eace1a80ccd72813bde44c2e62dea44986d167fb70758e801debf4f0dd1f9
bb05a5f5b19514a21ac49a7cc328b455a73c50a1c5d812673483a87033e6d174
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
be25ee68b97473c684d305c18f1d4c8c5c1e850706faf26d62e3ff7e96a204f0
bf5fbfa5ba8c58e2d7b17b24fe359a82048468b7440f2300a97d2469cd08a43c
c1059b8fbee5e07c971a4df12fbe5bbd7c9405b290a85f4efa0425d85ad3906e
c35e7ad6f99c9bd610708e23efa6b0f52ab1b47cb6997148c5296092488d2148
c37a058effb26c5550d927fb90708d03a9b5950e9296b5171ec4849a774b42f3
c697e2759a79c1e204d777499ec66969ce639bc2902159880d9a7c9cf7cf243d
cb6b3aefde9ec33b2901e6d3952390a8a719f8a16de98a35f68e065b122d41b3
cf10ae9e0370cd379fa530214f03001922c2fdcb82137e5f5d02c7849b37ada5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3394bc5190da9d890dd82a2045e8e9dca93e66f1502efb0eb6de6fe81ca9183
d75841e3b7136a322f61a2ce04442fa3c7f32e5e88189590bddd6038efa526a7
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d8591ac6ec12a84b0bbe2d1f8e171b024cc1420d4a9e68a3a658c810bac62aa9
da1a8fda4ceae5e95c5ea5d02a69e045b0bd11edd936b7a2df2dcc841336b1d2
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db0e5ba5a59ffcf67c5358d2c45967bf86bef9ad988fa8c3f4f74b48838a6949
dd597fcef550aed1782d1fef43394fa63c58136795c42b25f2294e38cc1387ee
dde3c38752d52eb09836526af090e705c92ffcf765eae8e9c7467a55e0304013
de6ff0dce31e06ab5c78be82a9b61cb79b11af5e710951be8518cfde4c7fc45b
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e2735915a736cb93d36d8fb7da982263065afdca3cbe9d95363e3526445a09f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
e997625eda151dd1f5d5eccdb8bb74b28fc2e2ff7ccce85be8ae42093ce227ea
ebf2768e4b37a1ba9c8d607b0b8a57a6c04306396e56ba9473419b5c48082393
ee80e1799cfa522898910f9b955030eb967d87ff400bf423561b6fa8b05d666a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f76e602d084a84b969d3d0ec2ab7b05fa05202bdf9a32ee21f5a3597698c48
f3d9d90acb2ddea5b51794a8bbf2b0fe3ad1323d3f887cb6f598294ee6fb1f4c
f97192b137546e588e61d3bf5a5c4bf8b6381e16c045d709232dbe637122b852
f9a91aff726a468e468e34828a81f42e849f1ae6e79f7e98458ab9e78fc9f43a
f9d2af46c867a11a7bd6d0ee1af9640cbf56d8f6695fef12a5d4e01322ca09db
f9e793743db0a662d7adf8f9a7859ce9e14aa5db51a149778cd4c9fb84d0b085
fd225d7c6066f9b5824fb3564d96ca9771f8f483d0ba37090245aa90983e8bc0
fdef54289f76b5f57ef51e1a6a0211ad16800da8207ead4c42a4c57beecbbc38

anfisasiberia.sextgem.com Open in urlscan Pro 54.36.158.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

142 Requests

70 %HTTPS

50 %IPv6

29 Domains

38 Subdomains

28 IPs

6 Countries

11045 kBTransfer

15674 kBSize

15 Cookies

4 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

anfisasiberia.sextgem.com Open in urlscan Pro
54.36.158.42 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

70 %
HTTPS

50 %
IPv6

29
Domains

38
Subdomains

28
IPs

6
Countries

11045 kB
Transfer

15674 kB
Size

15
Cookies

142 HTTP transactions
0 data transactions