eve-stg.act.utoronto.ca
23.21.131.82 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
http://eve-stg.act.utoronto.ca/didys14141.php 8yr old
Submission: On September 10 via manual (September 10th 2022, 7:58:19 pm UTC) from CA — Scanned from CA

Summary HTTP 60 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 43 domains to perform 60 HTTP transactions. The main IP is 23.21.131.82, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is eve-stg.act.utoronto.ca. 8yr old

This is the only time eve-stg.act.utoronto.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	23.21.131.82 23.21.131.82	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:eae4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::ac43:bbee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	144.217.171.236 144.217.171.236	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3035::6815:5bd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:552	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3031::ac43:9080	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.88.254.166 64.88.254.166	30361 (SWIFTWILL2) (SWIFTWILL2)
1	2606:4700:303... 2606:4700:3033::ac43:8174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.167.223.226 104.167.223.226	399045 (DEDIOUTLE...) (DEDIOUTLET-NETWORKS)
1	2606:4700:303... 2606:4700:3033::6815:1d2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	207.36.22.4 207.36.22.4	3064 (AFFINITY-FTL) (AFFINITY-FTL)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	158.69.115.197 158.69.115.197	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:4bef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:101e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20ea:8000:1d:c2dd:3c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	65.8.20.112 65.8.20.112	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	64.111.107.130 64.111.107.130	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	2606:4700:303... 2606:4700:3038::6815:ea94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20ee:9c00:16:f7a3:5c00:21	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	158.69.187.60 158.69.187.60	16276 (OVH) (OVH)
1	186.2.163.70 186.2.163.70	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	5.196.109.56 5.196.109.56	16276 (OVH) (OVH)
1	64.88.254.162 64.88.254.162	30361 (SWIFTWILL2) (SWIFTWILL2)
1	2600:9000:20e... 2600:9000:20ea:3800:1d:4cf9:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:eb16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3035::6815:45a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:eb7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:77:... 2a04:4e42:77::159	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3038::6815:eb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:2d2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:820::2016	15169 (GOOGLE) (GOOGLE)
3	5.8.67.38 5.8.67.38	209813 (FASTCONTENT) (FASTCONTENT)
2	146.75.36.193 146.75.36.193	54113 (FASTLY) (FASTLY)
9	20.119.175.244 20.119.175.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
60	42

5 23.21.131.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-131-82.compute-1.amazonaws.com

eve-stg.act.utoronto.ca 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2607:f8b0:4006:822::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3038::6815:eae4 (United States)

ASN13335 (CLOUDFLARENET, US)

lp.cutefans.win 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3033::ac43:bbee (United States)

ASN13335 (CLOUDFLARENET, US)

bc.onedragon.win 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 144.217.171.236 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ip236.ip-144-217-171.net

img.paparaco.me 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3035::6815:5bd7 (United States)

ASN13335 (CLOUDFLARENET, US)

kartavarna.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:20::681a:552 (United States)

ASN13335 (CLOUDFLARENET, US)

thefappeningblog.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:3031::ac43:9080 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qpornx.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 64.88.254.166 (United States)

ASN30361 (SWIFTWILL2, US)

cdn.pornpics.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3033::ac43:8174 (United States)

ASN13335 (CLOUDFLARENET, US)

leakedblack.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.167.223.226 (North Kansas City, United States)

ASN399045 (DEDIOUTLET-NETWORKS, US)
PTR: mature.raftmodkit.com

mysnap.pw 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3033::6815:1d2a (United States)

ASN13335 (CLOUDFLARENET, US)

sakhteman.info 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

user-uploads.aznude.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 207.36.22.4 (United States)

ASN3064 (AFFINITY-FTL, US)

www.blackporno.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 158.69.115.197 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: mail.nakedebonycelebs.com

www.nakedebonycelebs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:20::ac43:4bef (United States)

ASN13335 (CLOUDFLARENET, US)

content.pornobolt.cc 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:20::ac43:4408 (United States)

ASN13335 (CLOUDFLARENET, US)

get.wallhere.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3035::6815:101e (United States)

ASN13335 (CLOUDFLARENET, US)

fappeningbook.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:20ea:8000:1d:c2dd:3c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.yumpu.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 65.8.20.112 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-8-20-112.bos50.r.cloudfront.net

imagesvc.meredithcorp.io 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

www.people.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 64.111.107.130 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: ps456388.dreamhostps.com

www.nerdporn.sexy 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3038::6815:ea94 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sexmutant.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:20ee:9c00:16:f7a3:5c00:21 (United States)

ASN16509 (AMAZON-02, US)

d1anz62hzt62y8.cloudfront.net 4yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tse3.mm.bing.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
www.bing.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 158.69.187.60 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip60.ip-158-69-187.net

pictures.hentai-foundry.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 186.2.163.70 (Netherlands)

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

oncam.me 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 5.196.109.56 (Bordeaux, France)

ASN16276 (OVH, FR)
PTR: ip56.ip-5-196-109.eu

www.erotik-telefon1.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 64.88.254.162 (United States)

ASN30361 (SWIFTWILL2, US)

ei.phncdn.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:20ea:3800:1d:4cf9:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.radaronline.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3038::6815:eb16 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.3gpkings.info 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:3035::6815:45a3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thefappeningnew.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
fap.thefappeningnew.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3038::6815:eb7b (United States)

ASN13335 (CLOUDFLARENET, US)

xxxsex.rocks 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:77::159 (United States)

ASN54113 (FASTLY, US)

pbs.twimg.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3038::6815:eb59 (United States)

ASN13335 (CLOUDFLARENET, US)

img7.hotnessrater.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:3032::6815:2d2f (United States)

ASN13335 (CLOUDFLARENET, US)

bobsvagene.club 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f8b0:4006:820::2016 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

i.ytimg.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 5.8.67.38 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

datingtoday.top 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 146.75.36.193 (Reston, United States)

ASN54113 (FASTLY, US)

i.imgur.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

9 20.119.175.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.microsofttranslator.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f8b0:4006:817::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2607:f8b0:4006:81e::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
9	microsofttranslator.com www.microsofttranslator.com — Cisco Umbrella Rank: 157907 9yr old	45 KB
5	utoronto.ca eve-stg.act.utoronto.ca 8yr old	115 KB
3	datingtoday.top datingtoday.top — Cisco Umbrella Rank: 171973 8yr old	29 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 10yr old fonts.googleapis.com — Cisco Umbrella Rank: 120 9yr old	64 KB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 4706 13yr old	832 KB
2	thefappeningnew.com 1 redirects thefappeningnew.com 9yr old fap.thefappeningnew.com 6yr old	168 KB
2	qpornx.com 1 redirects qpornx.com — Cisco Umbrella Rank: 655630 10yr old	483 B
2	thefappeningblog.com thefappeningblog.com — Cisco Umbrella Rank: 146022 9yr old	112 KB
1	gstatic.com fonts.gstatic.com 10yr old	16 KB
1	bing.com www.bing.com — Cisco Umbrella Rank: 100 11yr old
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107 10yr old	126 KB
1	bobsvagene.club bobsvagene.club — Cisco Umbrella Rank: 168062 9yr old
1	hotnessrater.com img7.hotnessrater.com 9yr old	548 KB
1	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 675 13yr old	127 KB
1	xxxsex.rocks xxxsex.rocks 7yr old
1	3gpkings.info cdn.3gpkings.info 9yr old	26 KB
1	radaronline.com media.radaronline.com — Cisco Umbrella Rank: 115284 5yr old	140 KB
1	phncdn.com ei.phncdn.com — Cisco Umbrella Rank: 6808 5yr old	21 KB
1	erotik-telefon1.com www.erotik-telefon1.com 8yr old	73 KB
1	oncam.me oncam.me — Cisco Umbrella Rank: 544804 8yr old
1	hentai-foundry.com pictures.hentai-foundry.com — Cisco Umbrella Rank: 246644 9yr old	1 MB
1	bing.net tse3.mm.bing.net — Cisco Umbrella Rank: 13337 9yr old	6 KB
1	cloudfront.net d1anz62hzt62y8.cloudfront.net 4yr old	38 KB
1	sexmutant.com www.sexmutant.com — Cisco Umbrella Rank: 163757 6yr old	25 KB
1	nerdporn.sexy www.nerdporn.sexy 8yr old	80 KB
1	people.com www.people.com — Cisco Umbrella Rank: 83777 11yr old	24 KB
1	meredithcorp.io 1 redirects imagesvc.meredithcorp.io — Cisco Umbrella Rank: 15159 7yr old	360 B
1	yumpu.com img.yumpu.com — Cisco Umbrella Rank: 99244 9yr old	62 KB
1	fappeningbook.com fappeningbook.com — Cisco Umbrella Rank: 272294 7yr old	67 KB
1	wallhere.com get.wallhere.com — Cisco Umbrella Rank: 196976 9yr old
1	pornobolt.cc content.pornobolt.cc — Cisco Umbrella Rank: 660597 4yr old	53 KB
1	nakedebonycelebs.com www.nakedebonycelebs.com 9yr old	90 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3720 10yr old	10 KB
1	blackporno.net www.blackporno.net 8yr old	27 KB
1	aznude.com user-uploads.aznude.com — Cisco Umbrella Rank: 304927 8yr old	56 KB
1	sakhteman.info sakhteman.info 8yr old	70 KB
1	mysnap.pw mysnap.pw — Cisco Umbrella Rank: 564613 6yr old	6 KB
1	leakedblack.com leakedblack.com 9yr old	50 KB
1	pornpics.com cdn.pornpics.com — Cisco Umbrella Rank: 365503 9yr old	214 KB
1	kartavarna.com kartavarna.com — Cisco Umbrella Rank: 868047 7yr old
1	paparaco.me img.paparaco.me 8yr old	39 KB
1	onedragon.win bc.onedragon.win 4yr old	1 KB
1	cutefans.win lp.cutefans.win 4yr old	1000 B
60	43

	Domain	Requested by
9	www.microsofttranslator.com	eve-stg.act.utoronto.ca www.microsofttranslator.com ajax.googleapis.com
5	eve-stg.act.utoronto.ca	eve-stg.act.utoronto.ca
3	datingtoday.top	bc.onedragon.win datingtoday.top
2	i.imgur.com	eve-stg.act.utoronto.ca
2	qpornx.com	1 redirects eve-stg.act.utoronto.ca
2	thefappeningblog.com	eve-stg.act.utoronto.ca
2	ajax.googleapis.com	eve-stg.act.utoronto.ca bc.onedragon.win
1	fonts.gstatic.com	fonts.googleapis.com
1	www.bing.com
1	fonts.googleapis.com	datingtoday.top
1	i.ytimg.com	eve-stg.act.utoronto.ca
1	bobsvagene.club	eve-stg.act.utoronto.ca
1	img7.hotnessrater.com	eve-stg.act.utoronto.ca
1	pbs.twimg.com	eve-stg.act.utoronto.ca
1	xxxsex.rocks	eve-stg.act.utoronto.ca
1	fap.thefappeningnew.com	eve-stg.act.utoronto.ca
1	thefappeningnew.com	1 redirects
1	cdn.3gpkings.info	eve-stg.act.utoronto.ca
1	media.radaronline.com	eve-stg.act.utoronto.ca
1	ei.phncdn.com	eve-stg.act.utoronto.ca
1	www.erotik-telefon1.com	eve-stg.act.utoronto.ca
1	oncam.me	eve-stg.act.utoronto.ca
1	pictures.hentai-foundry.com	eve-stg.act.utoronto.ca
1	tse3.mm.bing.net	eve-stg.act.utoronto.ca
1	d1anz62hzt62y8.cloudfront.net	eve-stg.act.utoronto.ca
1	www.sexmutant.com	eve-stg.act.utoronto.ca
1	www.nerdporn.sexy	eve-stg.act.utoronto.ca
1	www.people.com	eve-stg.act.utoronto.ca
1	imagesvc.meredithcorp.io	1 redirects
1	img.yumpu.com	eve-stg.act.utoronto.ca
1	fappeningbook.com	eve-stg.act.utoronto.ca
1	get.wallhere.com	eve-stg.act.utoronto.ca
1	content.pornobolt.cc	eve-stg.act.utoronto.ca
1	www.nakedebonycelebs.com	eve-stg.act.utoronto.ca
1	i0.wp.com	eve-stg.act.utoronto.ca
1	www.blackporno.net	eve-stg.act.utoronto.ca
1	user-uploads.aznude.com	eve-stg.act.utoronto.ca
1	sakhteman.info	eve-stg.act.utoronto.ca
1	mysnap.pw	eve-stg.act.utoronto.ca
1	leakedblack.com	eve-stg.act.utoronto.ca
1	cdn.pornpics.com	eve-stg.act.utoronto.ca
1	kartavarna.com	eve-stg.act.utoronto.ca
1	img.paparaco.me	eve-stg.act.utoronto.ca
1	bc.onedragon.win	eve-stg.act.utoronto.ca
1	lp.cutefans.win	eve-stg.act.utoronto.ca
60	45

This site contains links to these domains. Also see Links.

Domain
www.bing.com
aka.ms
www.facebook.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3mo	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-06` - `2023-02-05`	1yr	crt.sh
img.paparaco.me R3	`2022-08-05` - `2022-11-03`	3mo	crt.sh
*.pornpics.com R3	`2022-08-29` - `2022-11-27`	3mo	crt.sh
*.mysnap.pw R3	`2022-07-18` - `2022-10-16`	3mo	crt.sh
*.aznude.com ZeroSSL RSA Domain Secure Site CA	`2021-11-27` - `2022-11-27`	1yr	crt.sh
www.blackporno.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-26` - `2023-03-08`	1yr	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	1yr	crt.sh
nakedebonycelebs.com R3	`2022-08-29` - `2022-11-27`	3mo	crt.sh
*.pornobolt.cc E1	`2022-08-01` - `2022-10-30`	3mo	crt.sh
wallhere.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	1yr	crt.sh
yumpu.com Amazon	`2021-11-09` - `2022-12-08`	1yr	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	1yr	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6mo	crt.sh
hentai-foundry.com R3	`2022-07-26` - `2022-10-24`	3mo	crt.sh
oncam.me R3	`2022-09-07` - `2022-12-06`	3mo	crt.sh
erotik-telefon1.com R3	`2022-07-25` - `2022-10-23`	3mo	crt.sh
*.phncdn.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-29` - `2023-01-29`	1yr	crt.sh
media.radaronline.com Amazon	`2022-01-24` - `2023-02-22`	1yr	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	1yr	crt.sh
edgestatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3mo	crt.sh
datingtoday.top R3	`2022-08-10` - `2022-11-08`	3mo	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	1yr	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3mo	crt.sh

This page contains 1 frames:

Primary Page: http://eve-stg.act.utoronto.ca/didys14141.php
Frame ID: 4AF149F155A751E5B8EA3D454336C8A7
Requests: 60 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nude pictures of ciara | 💖Ciara Nude & Sexy Collection (105 Photos + Videos)

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

67 %
HTTPS

58 %
IPv6

43
Domains

45
Subdomains

42
IPs

4
Countries

4719 kB
Transfer

4873 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bing.com/translator

Search URL Search Domain Scan URL

URL: https://aka.ms/widget-retirement
Title: Unavailable

Search URL Search Domain Scan URL

URL: https://www.facebook.com/microsofttranslator

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://qpornx.com/xxx/ciara-bravo-fake-nude.jpg HTTP 302
https://qpornx.com/

Request Chain 23

https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F20%2F2015%2F07%2Fraven-symone-1-435.jpg&q=85 HTTP 301
https://www.people.com/thmb/yP_P3hnc6ytoYeYxvHGp_C1MpKo=/435x245/smart/filters:no_upscale():focal(217x0:219x2)/raven-symone-1-435-382024e30d4147148a8e84f925d20b01.jpg

Request Chain 34

http://thefappeningnew.com/wp-content/uploads/2020/04/Dua-Lipa-_thefappeningnew_com-1.jpg HTTP 301
https://fap.thefappeningnew.com/wp-content/uploads/2020/04/Dua-Lipa-_thefappeningnew_com-1.jpg

Request Chain 49

http://www.bing.com/widget/metrics.js HTTP 307
https://www.bing.com/widget/metrics.js

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request didys14141.php Show response
eve-stg.act.utoronto.ca/ 30 KB
31 KB 80ms
25ms Document
text/html 23.21.131.82
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 23.21.131.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-131-82.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8afacbd56d95478c4da7080bd00dd37db97e846c1f469a776a777318e7d0b644

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 10 Sep 2022 19:58:20 GMT
Keep-Alive: timeout=65, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 68ms
21ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js?ver=1.7.1

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 21:13:06 GMT

GET
H/1.1 200
OK jquery.lazyload.js Show response
eve-stg.act.utoronto.ca/js/ 9 KB
9 KB 47ms
23ms Script
text/javascript 23.21.131.82
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: http://eve-stg.act.utoronto.ca/js/jquery.lazyload.js
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 23.21.131.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-131-82.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 975da8d895d45c00422e72e16e66ecb493035db188913c3efd40ea7c9e156b79

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/didys14141.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:20 GMT
Last-Modified: Sun, 14 Aug 2022 12:31:26 GMT
Server: Apache
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=65, max=100
Content-Length: 9164

GET
H/1.1 200
OK style.css
eve-stg.act.utoronto.ca/ 4 KB
4 KB 42ms
24ms Stylesheet
text/css 23.21.131.82
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: http://eve-stg.act.utoronto.ca/style.css
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 23.21.131.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-131-82.compute-1.amazonaws.com
Software: Apache /
Resource Hash: cd8e58bd1179ba979a1d4bcbcb66d9b901b17c7e33d9bab5f5f78a1cc753d9a9

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/didys14141.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:20 GMT
Last-Modified: Sun, 14 Aug 2022 12:31:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=65, max=99
Content-Length: 3887

GET
H2 200 popunder.js Show response
lp.cutefans.win/js/ 812 B
1000 B 69ms
25ms Script
application/javascript 2606:4700:3038::6815:eae4
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://lp.cutefans.win/js/popunder.js
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eae4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 12:38:48 GMT
server: cloudflare
age: 382
etag: W/"60a506d8-32c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLsEiEaXJbUTy4UQ2zUClyQEKgNwcVME93GIAVWCljvwX4aK2UNF%2FtW5mYRDmce7O2eiV3e35%2FPr3XVIG%2FF9WhHccOGzyQrJ%2BPH2SX4gEXCLi9RvM0xy%2BqPOcN9SksZAE3B%2BfM%2F7go2tq%2BD4lP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 748abce058e44bd7-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK pops Show response
bc.onedragon.win/ 192 B
1 KB 262ms
237ms Script
application/javascript 2606:4700:3033::ac43:bbee
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: http://bc.onedragon.win/pops
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:bbee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdfb2a0e7375152c4a4f339300f8c4ce4eb8122853b9a4a36a1e2d6675517f4e

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 19:58:20 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfUNDa9ffSD6UAIzwLln2fS%2BtTowlVuSlFzqH0547RLGaElK%2FQeRDGg2Sy%2BR1xvSfftqF7wAHKsP%2BnOgY5DyMUiaruFee7XeG9gRChy%2FP5Rm8%2FPRy6EeQJdeQ0pMkQGPwORK5sq1l2OvxWtko%2FYU"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 748abce03fdaecf2-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: 0

GET
H/1.1 200
OK de_tik_tok_4.jpg
eve-stg.act.utoronto.ca/wp-content/ 67 KB
68 KB 24ms
24ms Image
image/jpeg 23.21.131.82
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: http://eve-stg.act.utoronto.ca/wp-content/de_tik_tok_4.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 23.21.131.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-131-82.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 95f77207ea00cb767ab70ff6093080035dca3fb7c2d5a73bd5efd9f53fd362b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/didys14141.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:20 GMT
Last-Modified: Fri, 13 Aug 2021 20:29:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=65, max=99
Content-Length: 68964

GET
H/1.1 200
OK play.png
eve-stg.act.utoronto.ca/ 3 KB
3 KB 24ms
24ms Image
image/png 23.21.131.82
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: http://eve-stg.act.utoronto.ca/play.png
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 23.21.131.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-131-82.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5367c792e8ace11cabf1a6f0ae3377aeaa99569a080a7baca55f0190c604453c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/didys14141.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:20 GMT
Last-Modified: Thu, 28 Jul 2022 20:14:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=65, max=98
Content-Length: 3298

GET
H/1.1 200
OK Ciara-Nude-Posing-In-Very-Sexy-Outfit-825x510.jpg
img.paparaco.me/2016/08/ 38 KB
39 KB 55ms
23ms Image
image/jpeg 144.217.171.236
OVH

General

Check archive.org

Download Go to Show image

Full URL: https://img.paparaco.me/2016/08/Ciara-Nude-Posing-In-Very-Sexy-Outfit-825x510.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 144.217.171.236 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip236.ip-144-217-171.net
Software: nginx /
Resource Hash: bc9719878942b323754429145649dced5f97a6220f0f901c5b80f5bb1901fdf0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: public
Date: Sat, 10 Sep 2022 19:58:20 GMT
Last-Modified: Mon, 22 Jan 2018 23:26:04 GMT
Server: nginx
ETag: "5a66730c-9958"
Content-Type: image/jpeg
Cache-Control: max-age=28944000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39256
Expires: Fri, 11 Aug 2023 19:58:20 GMT

GET
H2 403 singer-ciara-naked-2.jpg
kartavarna.com/c1/img/ 0
0 70ms
27ms Image
text/html 2606:4700:3035::6815:5bd7
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://kartavarna.com/c1/img/singer-ciara-naked-2.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 ciara-nude-sexy-collection-18-thefappeningblog.com_.jpg
thefappeningblog.com/wp-content/uploads/2021/10/ 100 KB
101 KB 459ms
206ms Image
image/jpeg 2606:4700:20::681a:552
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://thefappeningblog.com/wp-content/uploads/2021/10/ciara-nude-sexy-collection-18-thefappeningblog.com_.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4666595cec32f92b14847594931db28ea91b72f1772eef8f575ce00205d2d73

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Oct 2021 22:11:50 GMT
server: cloudflare
etag: "616df126-1a576"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6aOirFN2bGAojiWm28B2YTAGtCoGQVSwGuiJnNPPoA1RDhneTfdZZyFOVTzwyPYbn2oAovD1p%2B%2FQmXasM2ujQPDH9wAtczIst4YvouLYhvEzglHV0QW3QBQnR9OKlsH%2BmzaazK3TxBIYE8tS5fY8l2G"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 748abce34992714a-YUL
content-length: 102637
cf-polished: origSize=107894
cf-bgj: imgq:100,h2pri

GET
H3

200

/
qpornx.com/
Redirect Chain

https://qpornx.com/xxx/ciara-bravo-fake-nude.jpg
https://qpornx.com/

0
0

360ms
339ms

Image
text/html

2606:4700:3031::ac43:9080
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://qpornx.com/
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H3
Server: 2606:4700:3031::ac43:9080 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date: Sat, 10 Sep 2022 19:58:21 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UPJOXhBs%2F24lbJjBjf%2BqquQJGGWlhKk%2B%2FHW9hSSOyaC9cKP7k%2FPLdXAFRNDkeuR369nLU3dHzVZSPQ6QUtf%2BrpI3DL1XnHCu15yAJh0H%2Bo4qVGUYSBeXjanSPgcnLoBwcZCvUJ96y1m"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://qpornx.com
cache-control: no-cache, private
cf-ray: 748abce4fe0e713c-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 287658_06big.jpg
cdn.pornpics.com/pics/2017-12-05/ 213 KB
214 KB 880ms
79ms Image
image/jpeg 64.88.254.166
SWIFTWILL2

General

Check archive.org

Download Go to Show image

Full URL

https://cdn.pornpics.com/pics/2017-12-05/287658_06big.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.88.254.166 , United States, ASN30361 (SWIFTWILL2, US),

Reverse DNS

Software

Resource Hash

52b5e06f464ef37d265e0dc8b93a941b049a5d1eb9722b97929ac963a8b4b46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
last-modified: Wed, 12 May 2021 20:47:51 GMT
etag: "19c9c0d77-352ba-5c2281fc46bc0"
strict-transport-security: max-age=63072000
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
cache-control: max-age=2592000
x-cdn-diag: jfk4-2049-2-37450-m-0-0-200-0.060--;2092-18-52055----0-0-62
accept-ranges: bytes
access-control-allow-headers: *
content-length: 217786
expires: Fri, 11 Nov 2022 19:25:18 GMT

GET
H2 200 Ciara-LeakedBlack-1-768x1051.jpg
leakedblack.com/wp-content/uploads/2018/01/ 50 KB
50 KB 66ms
20ms Image
image/webp 2606:4700:3033::ac43:8174
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://leakedblack.com/wp-content/uploads/2018/01/Ciara-LeakedBlack-1-768x1051.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:8174 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

d8fd279195d2de40b54236776223771dbc22edb848aabbccfefdabc451b9501d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25710
x-powered-by: WordOps
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50860
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Jan 2021 21:01:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "600202b5-c6ac"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xjfoEb3gcq1tCpugWt8DBzpljiPH06djSCm3GQEhw2B870vDHeqffy5SmJD%2BiEggDUu1qdbrt7RxuxEU%2BfCdxISREu2c%2F3Q35YjCgN7oyqSPRb2C%2B7OEVqKhPHgv6qCZ0HLVEjqaDr%2BxXcba9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 748abce69a5b7136-YUL
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 (MyPornSnap.top)_daniella-perkins-nude-leaked-fappening-photos-1-640x1024.jpg
mysnap.pw/picture/preview/nUE0pUZ6Yl9cM_90MzSeMKZhL_9gY3qjYJAioaEyoaDiqKOfo_Sxpl8lZQR5YmN5Y0EuozyyoTkuYIOypzgcoaZgGaIxMF1ZMJSeMJDgEzSjpTIhnJ5aYIObo3Eipl0kYGL0ZUtkZQV0YzcjMlxeXPuArIOipz5GozSjYaEipPy... 6 KB
6 KB 231ms
68ms Image
image/jpeg 104.167.223.226
DEDIOUTLET-NETWORKS

General

Check archive.org

Download Go to Show image

Full URL

https://mysnap.pw/picture/preview/nUE0pUZ6Yl9cM_90MzSeMKZhL_9gY3qjYJAioaEyoaDiqKOfo_Sxpl8lZQR5YmN5Y0EuozyyoTkuYIOypzgcoaZgGaIxMF1ZMJSeMJDgEzSjpTIhnJ5aYIObo3Eipl0kYGL0ZUtkZQV0YzcjMlxeXPuArIOipz5GozSjYaEipPysMTShnJIfoTRgpTIln_yhpl1hqJEyYJkyLJgyMP1zLKOjMJ5cozpgpTuiqT9mYGRgAwDjrQRjZwDhnaOa/(MyPornSnap.top)_daniella-perkins-nude-leaked-fappening-photos-1-640x1024.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.167.223.226 North Kansas City, United States, ASN399045 (DEDIOUTLET-NETWORKS, US),

Reverse DNS

mature.raftmodkit.com

Software

nginx /

Resource Hash

36a21af2c78da915fa35038c0a6789b37523d2fbf913224229484bf4e5f333bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Sep 2022 19:58:21 GMT
server: nginx
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=8640000
strict-transport-security: max-age=63072000; includeSubdomains; preload
accept-ranges: bytes
content-length: 6053
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 19:58:21 GMT

GET
H2 200 989f8dfe67800a03989b3292ddcd0680.jpg
sakhteman.info/imgs/ 69 KB
70 KB 934ms
881ms Image
image/jpeg 2606:4700:3033::6815:1d2a
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://sakhteman.info/imgs/989f8dfe67800a03989b3292ddcd0680.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1d2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash: 5481357c6e53c15525e9f8939baac3ba306a38b3534928a5cff2f18153130dd2

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
cf-cache-status: MISS
last-modified: Sat, 10 Sep 2022 19:58:21 GMT
server: cloudflare
x-powered-by: PHP/7.4.27
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcbcsORJKE2KUJvaxZhDIIaPsVpHW6CcDVdv9XIfFP2Rew3rlG%2FBcykorV6Ll6%2B6kCP5eDlu2G403Wz4uIiC5yQQP%2FcydyShwKdwH6uDX8cGO6xz0RV5%2FXQfw%2Fsm3vTiaZFEOVMgP9YDCa7Eww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 748abce6af16ca5f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ciara-price-nude-patreon-photos-17-The-Fappening-Blog-31.jpg
user-uploads.aznude.com/data/azncdn/ciaraprice/MNUWC4TBFVYHE2LDMUWW45LEMUWTGNRNOBUG65DPOM======/ 56 KB
56 KB 406ms
325ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Download Go to Show image

Full URL: https://user-uploads.aznude.com/data/azncdn/ciaraprice/MNUWC4TBFVYHE2LDMUWW45LEMUWTGNRNOBUG65DPOM======/ciara-price-nude-patreon-photos-17-The-Fappening-Blog-31.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head3) /
Resource Hash: 2b15229efc37185ac17fd00930d75cc550c9f0d1a0d7378f458bacdbdc7a9a0f

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
last-modified: Fri, 19 Feb 2021 01:23:11 GMT
server: WasabiS3/7.7.900-2022-08-19-6bff245bcf (head3)
x-amz-request-id: 7B76FE7310F23673
etag: "16499ad06fb930183cf4325b1ab37bee"
x-hw: 1662839901.cds012.dc2.hn,1662839901.cds084.dc2.sc,1662839901.dop110.sj3.r,1662839901.cds202.sj3.c,1662839901.cds084.dc2.p
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 57381
x-amz-id-2: HzaGzl3VPXXoixFgsTqeqUsX1x6eZT4l+vzamhXTEm8rYnfB0IUhXG+K9/LeP1+jyavUMmhlXdpi

GET
H/1.1 200
OK ciara-trez-nude.jpg
www.blackporno.net/wp-content/uploads/2011/01/ 26 KB
27 KB 291ms
58ms Image
image/jpeg 207.36.22.4
AFFINITY-FTL

General

Check archive.org

Download Go to Show image

Full URL

https://www.blackporno.net/wp-content/uploads/2011/01/ciara-trez-nude.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.36.22.4 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /

Resource Hash

c4a37c24a61671b1817e49fe53711353aa8eb9b4725edcc1b7d3263fac6e9e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:21 GMT
Referrer-Policy: strict-origin
Last-Modified: Fri, 14 Jan 2011 21:28:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
ETag: "68bd-499d51ee12d00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 26813
X-XSS-Protection: 1; mode=block

GET
H2 200 Courteney-Cox-nude-nip-slip-and-sex-Blue-Desert-1991-12.jpg
i0.wp.com/www.zorg.video/wp-content/uploads/2019/12/ 10 KB
10 KB 480ms
438ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://i0.wp.com/www.zorg.video/wp-content/uploads/2019/12/Courteney-Cox-nude-nip-slip-and-sex-Blue-Desert-1991-12.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6c950917ba5c601b62533b39a2fa49381d50226c902c4d27b70735e16dbc58fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-nc: MISS yyz 1
date: Sat, 10 Sep 2022 19:58:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Sep 2022 19:58:21 GMT
server: nginx
etag: "5473e8df9bb53264"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://www.zorg.video/wp-content/uploads/2019/12/Courteney-Cox-nude-nip-slip-and-sex-Blue-Desert-1991-12.jpg>; rel="canonical"
content-length: 9824
expires: Tue, 10 Sep 2024 07:58:21 GMT

GET
H2 200 madison-mckinley-hot-chick-celebrity-tv-show-breasts-movie-hot-bed-tv-shows-4-640.jpg
www.nakedebonycelebs.com/g/1480385221-madison-mckinley-hot-chick-celebrity-tv-show-breasts-movie-hot-bed-tv-shows/ 90 KB
90 KB 132ms
52ms Image
image/jpeg 158.69.115.197
OVH

General

Check archive.org

Download Go to Show image

Full URL

https://www.nakedebonycelebs.com/g/1480385221-madison-mckinley-hot-chick-celebrity-tv-show-breasts-movie-hot-bed-tv-shows/madison-mckinley-hot-chick-celebrity-tv-show-breasts-movie-hot-bed-tv-shows-4-640.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

158.69.115.197 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

mail.nakedebonycelebs.com

Software

nginx / PleskLin

Resource Hash

2cdbe637d949daa632e2f35d8fb17157f91263461f0a5ca3f81b8c7b00b00060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
last-modified: Wed, 30 Nov 2016 00:29:38 GMT
server: nginx
x-powered-by: PleskLin
etag: "583e1d72-1662e"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 91694

GET
H2 200 huge-suchka-po-neskolko-raz-strujno-konchaet-ot-ebli-so-svoim-drugom.jpg
content.pornobolt.cc/pornobolt-kartinki/ 52 KB
53 KB 68ms
20ms Image
image/jpeg 2606:4700:20::ac43:4bef
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://content.pornobolt.cc/pornobolt-kartinki/huge-suchka-po-neskolko-raz-strujno-konchaet-ot-ebli-so-svoim-drugom.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4bef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158cc29fdccae927039bca9d07dddee6163552183e58418cad8f32b215047939

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51199
cf-polished: origSize=56734, status=webp_bigger
vary: Accept-Encoding
content-length: 53407
timing-allow-origin: *
last-modified: Sat, 25 Sep 2021 08:01:51 GMT
server: cloudflare
etag: "614ed76f-dd9e"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omCAuCwimIKnKakQobNGU92wOnAAD%2FitwnUn8s0vbB1sn40JhWKER%2FqWI0tnjKi4%2F2OU3wWF1kZiFVcaqsTxt8j8o0RYsbKdLJ0MtTZlnE%2FbZrIwuo9QDekB8hWrMgleKZuKMFOtNlLuD%2FD8YKqI6EKv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 10 Sep 2023 05:45:02 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 748abce6a8a84bb9-YUL
cf-bgj: imgq:100,h2pri

GET
H2 503 women-model-green-skinny-fashion-Eva-Andressa-Vieira-beauty-photograph-image-photo-shoot-333909.jpg
get.wallhere.com/photo/ 0
0 65ms
26ms Image
text/html 2606:4700:20::ac43:4408
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://get.wallhere.com/photo/women-model-green-skinny-fashion-Eva-Andressa-Vieira-beauty-photograph-image-photo-shoot-333909.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 11.jpg
fappeningbook.com/photos/s/a/salli-richardson-whitfield/1000/ 67 KB
67 KB 530ms
489ms Image
image/jpeg 2606:4700:3035::6815:101e
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://fappeningbook.com/photos/s/a/salli-richardson-whitfield/1000/11.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:101e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1d3a048162c5f189106bd101bc2919d5c191141aa06aa96271f0973f38550e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
cf-cache-status: MISS
last-modified: Thu, 14 Mar 2019 18:46:33 GMT
server: cloudflare
etag: "5c8aa189-10ae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2fEoKS%2FSbZ6sEU%2FmKJltuL7Txzp6xhq6WgGZcYOYSTar77ZdkmHMX%2BmbgV30aQgRPH6%2BdPJKcNW7aCJFjylT8rn2pzCcmMy8eXJKWM10df%2F5ffxJMp7iPHW0gIXIutxoLU%2BBFITXN%2BMrdvy9UR8%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 748abce70c957150-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68327
expires: Sat, 17 Sep 2022 19:58:21 GMT

GET
H2 200 bilten-br-1-zamisli-srbiju-forum-nvo-kraljevo.jpg
img.yumpu.com/5385810/1/500x640/ 61 KB
62 KB 738ms
623ms Image
image/jpeg 2600:9000:20ea:8000:1d:c2dd:3c80:93a1
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://img.yumpu.com/5385810/1/500x640/bilten-br-1-zamisli-srbiju-forum-nvo-kraljevo.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ea:8000:1d:c2dd:3c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.54 () PHP/7.4.30 / PHP/7.4.30
Resource Hash: a8d24f08edc9dffc226afe11d6ced2cdc2987c09537b564bda9c81d9ff67e99b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
via: 1.1 7cbeba72688c67adb3ad90a78c151742.cloudfront.net (CloudFront)
server: Apache/2.4.54 () PHP/7.4.30
x-amz-cf-pop: BOS50-C1
x-powered-by: PHP/7.4.30
x-yumpu-re-server: 172.30.0.52
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Yumpu-RE-Rendering, X-Yumpu-RE-PDFDownload, X-Yumpu-RE-Server, X-Yumpu-RE-Error
cache-control: max-age=31536000, public
x-yumpu-re-rendering: 0.34397983551025
x-cache: Miss from cloudfront
x-yumpu-re-pdfdownload: 0.0868821144104s
content-length: 62403
x-amz-cf-id: yZClvhvIVAe_Pe56dJS7ukP3Z5Hgq-ND0GwHj_ctaOL2khNOw94V4w==

GET
H2

200

raven-symone-1-435-382024e30d4147148a8e84f925d20b01.jpg
www.people.com/thmb/yP_P3hnc6ytoYeYxvHGp_C1MpKo=/435x245/smart/filters:no_upscale():focal(217x0:219x2)/
Redirect Chain

https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2Fsites%2F20%2F2015%2F07%2Fraven-symone-1-435.jpg&q=85
https://www.people.com/thmb/yP_P3hnc6ytoYeYxvHGp_C1MpKo=/435x245/smart/filters:no_upscale():focal(217x0:219x2)/raven-symone-1-435-382024e30d4147148a8e84f925d20b01.jpg

24 KB
24 KB

289ms
29ms

Image
image/jpeg

151.101.2.137
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://www.people.com/thmb/yP_P3hnc6ytoYeYxvHGp_C1MpKo=/435x245/smart/filters:no_upscale():focal(217x0:219x2)/raven-symone-1-435-382024e30d4147148a8e84f925d20b01.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 034cab5b4abc8a97ddfe70a181df1440b5d2fd9981ae6e7ebd170c6152113444

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age: 1458520
x-cache: HIT, MISS
content-length: 24175
x-served-by: cache-iad-kiad7000099-IAD, cache-yul12823-YUL
last-modified: Fri, 05 Aug 2022 17:16:43 GMT
server: AmazonS3
x-timer: S1662839902.767444,VS0,VE17
etag: "abc6aa13d709ea3da24c7e1f67d8a6f0"
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7815/re.p"}]}
content-type: image/jpeg
cache-control: max-age=31536000,public,no-transform
accept-ranges: bytes
x-cache-hits: 1, 0

Redirect headers

date: Sat, 10 Sep 2022 19:58:21 GMT
via: 1.1 5d80a787e1ebac16d38abe8be03294f8.cloudfront.net (CloudFront)
server: nginx/1.18.0
x-amz-cf-pop: BOS50-C3
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://www.people.com/thmb/yP_P3hnc6ytoYeYxvHGp_C1MpKo=/435x245/smart/filters:no_upscale():focal(217x0:219x2)/raven-symone-1-435-382024e30d4147148a8e84f925d20b01.jpg
content-length: 200
x-amz-cf-id: wH9jRpgNtQ_evW86kz34NBpHd_3W744cN4504kkCzoDOQdc1F1n1QQ==

GET
H/1.1 200
OK 1558847-Abby_Sciuto-NCIS.jpg
www.nerdporn.sexy/wp-content/uploads/2015/07/ 80 KB
80 KB 88ms
26ms Image
image/jpeg 64.111.107.130
DREAMHOST-AS

General

Check archive.org

Download Go to Show image

Full URL: http://www.nerdporn.sexy/wp-content/uploads/2015/07/1558847-Abby_Sciuto-NCIS.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 64.111.107.130 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps456388.dreamhostps.com
Software: Apache /
Resource Hash: a509314d2fb2cf5549c65f00cedd024bde23e9492eca016b18433d2a7fc4df07

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:21 GMT
Last-Modified: Wed, 29 Jul 2015 09:37:26 GMT
Server: Apache
ETag: "1405f-51c0055a4e180"
Vary: User-Agent
Upgrade: h2
Cache-Control: max-age=2592000
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=100
Content-Length: 82015
Expires: Mon, 10 Oct 2022 19:58:21 GMT

GET
H2 200 katherine-langford-sex.jpg
www.sexmutant.com/preview/ 25 KB
25 KB 544ms
499ms Image
image/jpeg 2606:4700:3038::6815:ea94
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://www.sexmutant.com/preview/katherine-langford-sex.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d186d57e0da83d3bc9c4cb0ceb2be8e700f4c9b7a6125214bfe56fca2ca6099b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-status: 0.000 HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25312
x-response-time: 0.069709
last-modified: Wed, 12 Feb 2020 10:30:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JWXzv6dwRAKExHJs8xvyi4NSzxsDpiXsdrN1AHyNOFBScQqWRXH5eEZ0mmPoTbwruTTZ4Q9k%2FLPQOqUypolJqsJExL%2BUQOIpl0P1Kwv4BTs6qGzn88PNC%2Bx%2BFIPUIZ7EsTOmZc796xDrqj2Ji5tOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2567595
accept-ranges: bytes
cf-ray: 748abce8ca927151-YUL
expires: Mon, 10 Oct 2022 13:11:37 GMT

GET
H2 200 DD171-B5E6-7777-4A0E-5E6AFBCD003F.
d1anz62hzt62y8.cloudfront.net/Images/A/A/7/ 38 KB
38 KB 519ms
454ms Image
application/octet-stream 2600:9000:20ee:9c00:16:f7a3:5c00:21
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d1anz62hzt62y8.cloudfront.net/Images/A/A/7/DD171-B5E6-7777-4A0E-5E6AFBCD003F.
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ee:9c00:16:f7a3:5c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edd3b91bc3107e293b95a0cbed990c7504fe122d1fab3780364633200b2f2cf9

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
via: 1.1 ccdc2cb8c734c74253319f82902e2290.cloudfront.net (CloudFront)
last-modified: Sun, 21 Oct 2018 19:04:08 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C2
etag: "190112806799342d11c74671b37482d0"
x-cache: Miss from cloudfront
x-amz-version-id: IraTAEJsEQL.kvXVMmfl.fj1.HFt3xnj
accept-ranges: bytes
content-type: application/octet-stream
content-length: 38447
x-amz-cf-id: _wEQlH9V09_RPbjae8wIahaoT9Tlfg_ge5Atlmdx92ZLH1l7HsF8Fw==

GET
H2 200 th
tse3.mm.bing.net/ 5 KB
6 KB 364ms
71ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://tse3.mm.bing.net/th?id=OIP.96JiT0Xw1QljlYAswx07BgEgDY&pid=15.1
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c10907fab278aa8ad42bdbc1014518df89cce1684f151a3285e6fae19e9328d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1703C3FC99CA46F8ADF9C1E4D59115B2 Ref B: YTO01EDGE0511 Ref C: 2022-09-10T19:58:21Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=1209600
x-cache: TCP_MISS
timing-allow-origin: *
access-control-allow-headers: *
content-length: 5433

GET
H2 200 Sparrow-608708-If_bedrooms_rockin_please_do_come_a-knockin.jpg
pictures.hentai-foundry.com/s/Sparrow/608708/ 1 MB
1 MB 281ms
10ms Image
image/jpeg 158.69.187.60
OVH

General

Check archive.org

Download Go to Show image

Full URL: https://pictures.hentai-foundry.com/s/Sparrow/608708/Sparrow-608708-If_bedrooms_rockin_please_do_come_a-knockin.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.187.60 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip60.ip-158-69-187.net
Software: nginx/1.20.2 /
Resource Hash: 8e612f7438e157e8499357690c5244ac71ba191164a6bd911a465126694f6d1c

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
last-modified: Mon, 25 Jun 2018 17:29:44 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5b312688-1537c2"
content-length: 1390530
content-type: image/jpeg

GET
H2 404 player.jpg
oncam.me/media/videos/tmb/000/009/322/ 0
0 164ms
106ms Image
text/html 186.2.163.70
DDOS-GUARD CORP.

General

Check archive.org

Download Go to Show image

Full URL: https://oncam.me/media/videos/tmb/000/009/322/player.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 186.2.163.70 , Netherlands, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 dicke-weiber-telefonerotik.jpg
www.erotik-telefon1.com/wp-content/uploads/ 73 KB
73 KB 795ms
194ms Image
image/jpeg 5.196.109.56
OVH

General

Check archive.org

Download Go to Show image

Full URL: https://www.erotik-telefon1.com/wp-content/uploads/dicke-weiber-telefonerotik.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.109.56 Bordeaux, France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-5-196-109.eu
Software: nginx /
Resource Hash: 16bd5d51e5d6c11261df01a0d4f6b00a31c023e5edf1bd6417e8410819cff956

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
last-modified: Mon, 31 May 2021 19:25:04 GMT
server: nginx
etag: "60b53810-123e4"
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 74724

GET
H2 200 (m=eGNdHgaaaa)(mh=0GxxLpnnalLCBBcM)6.jpg
ei.phncdn.com/videos/202110/25/396924631/original/ 21 KB
21 KB 664ms
18ms Image
image/jpeg 64.88.254.162
SWIFTWILL2

General

Check archive.org

Download Go to Show image

Full URL: https://ei.phncdn.com/videos/202110/25/396924631/original/(m=eGNdHgaaaa)(mh=0GxxLpnnalLCBBcM)6.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 64.88.254.162 , United States, ASN30361 (SWIFTWILL2, US),
Reverse DNS
Software: /
Resource Hash: c400c357dbd7097b89c378c276e9ff4a10bc416f55b81c051f960e06792fcbd9

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
last-modified: Mon, 25 Oct 2021 03:12:21 GMT
etag: "13a345431-4bf78-5cf24baa98f40"
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=10274909
x-cdn-diag: jfk4-2050-2-41431-h-0-0---;2092-18-52055----0-0-0
timing-allow-origin: *
content-length: 21530
expires: Mon, 21 Feb 2022 06:11:08 GMT

GET
H2 200 feature-2.jpg
media.radaronline.com/brand-img/CG9fVyC22/0x0/2019/01/ 139 KB
140 KB 136ms
41ms Image
image/webp 2600:9000:20ea:3800:1d:4cf9:b180:93a1
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://media.radaronline.com/brand-img/CG9fVyC22/0x0/2019/01/feature-2.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ea:3800:1d:4cf9:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 533fe431d7e42030a5ddbb89bc6457b1ed0237cecc86d91e9cf10a163f3b387b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 10:23:56 GMT
via: 1.1 4b0dd366e44414a4e7e6ed6970080d58.cloudfront.net (CloudFront), 1.1 450997492b27c3075eae0b294c536b04.cloudfront.net (CloudFront)
age: 552866
x-amzn-requestid: ff697c05-f840-4e41-9ee3-6047be2ef09c
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amzn-trace-id: Root=1-63147cbc-310e91040041a74e45ae8852;Sampled=0
x-amz-cf-pop: IAD89-P2, BOS50-C1
x-amz-apigw-id: X7htdGkwIAMF4mg=
content-length: 142358
x-amz-cf-id: T7AZOcPPMuyf8JQ2zia4KXDBWSjEw3SYZ1qZHcxA8SjIec2B1zwF1g==

GET
H2 200 6090f5757c75896caf2091eb54fb7875.jpg
cdn.3gpkings.info/content/60/90/f5/ 25 KB
26 KB 107ms
62ms Image
image/jpeg 2606:4700:3038::6815:eb16
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://cdn.3gpkings.info/content/60/90/f5/6090f5757c75896caf2091eb54fb7875.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df90dc08eee34a5f302a7178a1b123bffcdd5160b89388724559b70af210fcca

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
x-openstack-request-id: txb2ca14b6fdd64c23bcf74-005e648919
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txb2ca14b6fdd64c23bcf74-005e648919
x-timestamp: 1581184084.32031
accept-ranges: bytes
expires: Mon, 12 Sep 2022 19:58:21 GMT
last-modified: Sat, 08 Feb 2020 17:48:05 GMT
server: cloudflare
etag: 537a6d4b53c6156cde38dc36c353a4f0
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXU8tevic8DQ20j9fWTfd9CF6p8ccI7tYHIXC9Tr5ptfJ5JlF8iwlrqSH%2BK5gXmxFL9u9oVm9DFrGGrXGWfDOEC0rE952KWyi1u2TylKdwo5%2BxIocybvTMdxS8H09Bj4gAAuZnBSE4sLv47gTo3sbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-object-meta-mtime: 1581184081.967605
access-control-allow-origin: *
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=31536000
content-length: 25166
cf-ray: 748abceb2ac27133-YUL
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key
x-proxy-cache: HIT

GET
H2

200

Dua-Lipa-_thefappeningnew_com-1.jpg
fap.thefappeningnew.com/wp-content/uploads/2020/04/
Redirect Chain

http://thefappeningnew.com/wp-content/uploads/2020/04/Dua-Lipa-_thefappeningnew_com-1.jpg
https://fap.thefappeningnew.com/wp-content/uploads/2020/04/Dua-Lipa-_thefappeningnew_com-1.jpg

166 KB
167 KB

480ms
432ms

Image
image/jpeg

2606:4700:3035::6815:45a3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://fap.thefappeningnew.com/wp-content/uploads/2020/04/Dua-Lipa-_thefappeningnew_com-1.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Server

2606:4700:3035::6815:45a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68dfb570b5ebe76bbc648ee9ae2e900c86fdc771fb899930afca8acca5cad3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 170307
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Apr 2020 14:25:31 GMT
server: cloudflare
etag: "5ea6eb5b-29943"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SDdqxSZyXoTNUaFEiEHtVkubKB51wSr3%2FNoB%2BfWYJYnLdC8mUMV1sck1MAY3AOjcp35UphPaKvhd9Shl0kCN8T6GUySHmQjH5XspiT0QSJ9IGQzwneEzBLN1U2pD7Ug27wZTIBJrVk1S%2Bv0i9cMRFWqhRyU7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 748abced39c47142-YUL
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sat, 10 Sep 2022 19:58:22 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeKRUPCKybdHmbRAiiDL0pW8FTZubULS5V0s6M9mVFxR82hH4tXmptR1qZImRm4maVhBhzPBWXFR5jVgPIVeLfWJt9wFAQt1mDnelz1mNEePU9iO8LNUufngeC05og36%2FmlO3KAx0r8OkMS4h6VjkzkK"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Location: https://fap.thefappeningnew.com/wp-content/uploads/2020/04/Dua-Lipa-_thefappeningnew_com-1.jpg
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 748abcebb8ac7154-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 520 68113159_ava-addams-jade-nile-and-darcie-dolce-at-mommys-girl-5.jpg
xxxsex.rocks/images/2ba/0c5/ 0
0 449ms
407ms Image
text/html 2606:4700:3038::6815:eb7b
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://xxxsex.rocks/images/2ba/0c5/68113159_ava-addams-jade-nile-and-darcie-dolce-at-mommys-girl-5.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 El-4Z3aVgAIEP1k.jpg
pbs.twimg.com/media/ 126 KB
127 KB 99ms
38ms Image
image/jpeg 2a04:4e42:77::159
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://pbs.twimg.com/media/El-4Z3aVgAIEP1k.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f597c3f3d09bf5b0caf214fd27893ae1937ab773a4ee4ca992b48a2952172186

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
last-modified: Wed, 04 Nov 2020 13:23:02 GMT
date: Sat, 10 Sep 2022 19:58:22 GMT
x-tw-cdn: FT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-cache: HIT, MISS
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
content-length: 129223
x-served-by: cache-fty21346-FTY, cache-iad-kiad7000140-IAD, cache-tw-ZZZ1

GET
H2 200 537221-c2bcd7bd619a7824b8717dcd5d6e0d2a.jpg
thefappeningblog.com/forum/data/attachments/537/ 11 KB
11 KB 113ms
111ms Image
image/jpeg 2606:4700:20::681a:552
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://thefappeningblog.com/forum/data/attachments/537/537221-c2bcd7bd619a7824b8717dcd5d6e0d2a.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683918a0c51024d14c582f81593c97c026bc2431a78dedb3eb2548de44f31be1

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
cf-cache-status: MISS
last-modified: Sun, 14 Apr 2019 23:42:09 GMT
server: cloudflare
etag: "5cb3c551-2c58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIJx%2BdIhL%2B1xQ1XacZ43BSUpD8RB1BqCJ9fXCgxYylT4UPDsl8nigNlCiyjR2nrSlx51hVgu1tPy7Y2VPxUzy4inX6EIdSCtXtexDtdfEezHKFv8gBPfPTtimDr%2F%2BE8oq42LKfAnq7Pao1DH%2B0RIXo%2FZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 748abce65e63714a-YUL
content-length: 11352

GET
H2 200 olesya-rulin-nude.jpg
img7.hotnessrater.com/530166/ 547 KB
548 KB 273ms
231ms Image
image/jpeg 2606:4700:3038::6815:eb59
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://img7.hotnessrater.com/530166/olesya-rulin-nude.jpg?w=4000&h=6000
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68fee7cbe623cb81fa37da56b4b026bc69f6960f44f661bb7470ee03840c00cc

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
x-aspnetmvc-version: 5.2
last-modified: Sat, 10 Sep 2022 19:58:22 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: *, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rrr1u%2FSNk%2BLjFxRkod4XAzQqCrjcWtutNUq46NjTYUbRjR4eY%2FngyqtXwIQjkoX5cxeWs3t0tQB6Ef7cKcH6R0mDmXqrtYOwztgXNt9Qpv3u5UP7rNU%2BoikNS7cRY1d3hTC6wVZtU7jSn4quxC5qMHv7RI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-cache-status: MISS
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 748abcec3b94ece6-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 10 Sep 2022 20:03:22 GMT

GET
H2 403 lady_tsunade_naked-1342.jpg
bobsvagene.club/wp-content/uploads/2021/09/ 0
0 423ms
155ms Image
text/html 2606:4700:3032::6815:2d2f
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://bobsvagene.club/wp-content/uploads/2021/09/lady_tsunade_naked-1342.jpg
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2d2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/vA62jMmneoE/ 125 KB
126 KB 223ms
167ms Image
image/jpeg 2607:f8b0:4006:820::2016
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://i.ytimg.com/vi/vA62jMmneoE/maxresdefault.jpg

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2016 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266239800dacccc01524057f2d432dfc8714f1dddb487e800f0d9f1d314db403

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128466
x-xss-protection: 0
server: sffe
etag: "1522475781"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 10 Sep 2022 21:58:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 41ms
40ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: bc.onedragon.win
URL: http://bc.onedragon.win/pops

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://eve-stg.act.utoronto.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 08 Sep 2022 18:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Sep 2023 18:04:24 GMT

GET
H/1.1 200
OK p.js Show response
datingtoday.top/js/push/ 19 KB
19 KB 734ms
389ms Script
application/javascript 5.8.67.38
FASTCONTENT

General

Check archive.org

Download Go to

Full URL: https://datingtoday.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1
Requested by: Host: bc.onedragon.win
URL: http://bc.onedragon.win/pops
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.67.38 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: d112be22f5670582cbff8333b8999be4197939dc64eeaa1b3ebb89a4ebdce379

Request headers

Referer: http://eve-stg.act.utoronto.ca/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 10 Sep 2022 19:58:20 GMT
Last-Modified: Sun, 12 Jul 2020 15:13:32 GMT
Server: nginx
ETag: "5f0b289c-4a20"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18976

GET
H/1.1 200
OK style.css
datingtoday.top/js/push/ 7 KB
7 KB 130ms
130ms Stylesheet
text/css 5.8.67.38
FASTCONTENT

General

Check archive.org

Download Go to

Full URL: https://datingtoday.top/js/push/style.css
Requested by: Host: datingtoday.top
URL: https://datingtoday.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.67.38 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: a02d23216c6457f31398e32ee141cc2ac5dc02597897f3ea4b2c213bcba7deb7

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:21 GMT
Last-Modified: Sun, 20 Dec 2020 20:01:56 GMT
Server: nginx
ETag: "5fdfadb4-1b84"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7044

GET
H2 200 vPU6ACq.gif
i.imgur.com/ 248 KB
249 KB 107ms
48ms Image
image/gif 146.75.36.193
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://i.imgur.com/vPU6ACq.gif

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6b00446e1cbaf7844121d91bbe4920194ee0e83c1751e652b0ae1430cd235aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
x-content-type-options: nosniff
age: 1499907
x-cache: HIT
x-amz-storage-class: STANDARD_IA
content-length: 254442
x-served-by: cache-iad-kcgs7200087-IAD
last-modified: Wed, 07 Apr 2021 00:00:56 GMT
server: cat factory 1.0
x-timer: S1662839901.274283,VS0,VE2
etag: "68c98819dd35f09e9f792e1478fea6cc"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK WidgetV3.ashx Show response
www.microsofttranslator.com/ajax/v3/ 82 KB
35 KB 144ms
35ms Script
application/x-javascript 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: http://www.microsofttranslator.com/ajax/v3/WidgetV3.ashx?siteData=ueOIGRSKkd965FeEGM5JtQ**&ctf=False&ui=true&settings=Manual&from=
Requested by: Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e3bd2d48024685582f5a8e2b194dadb87a3151e823dd5a0576f88528ab62349

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 19:58:21 GMT
Content-Encoding: gzip
X-MS-Trans-Info: s=11C1C
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: no-cache
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 35659
Expires: -1

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 84ms
37ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Requested by

Host: datingtoday.top
URL: https://datingtoday.top/js/push/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccf51aecf26c713a061b5ac74a83d36cf71dfab5e9f767e768fbab450bdef1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://datingtoday.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Sep 2022 19:58:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 10 Sep 2022 19:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Sep 2022 19:58:21 GMT

GET
H2 200 LJBMhkQ.gif
i.imgur.com/ 583 KB
583 KB 28ms
28ms Image
image/gif 146.75.36.193
FASTLY

General

Check archive.org

Download Go to Show image

Full URL

https://i.imgur.com/LJBMhkQ.gif

Requested by

Host: eve-stg.act.utoronto.ca
URL: http://eve-stg.act.utoronto.ca/didys14141.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

1f25a962ee0dbd1c45ff80efeb1238c59d1f2aea71d2b25cff67ade2a98c58d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:21 GMT
x-content-type-options: nosniff
age: 1063462
x-cache: HIT
x-amz-storage-class: STANDARD_IA
content-length: 596631
x-served-by: cache-iad-kcgs7200087-IAD
last-modified: Wed, 07 Apr 2021 00:01:27 GMT
server: cat factory 1.0
x-timer: S1662839902.525873,VS0,VE2
etag: "cc03c3bff35fa84d11506b0850efb43a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK WidgetV3.css
www.microsofttranslator.com/static/27420612/css/ 13 KB
3 KB 33ms
33ms Stylesheet
text/css 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: http://www.microsofttranslator.com/static/27420612/css/WidgetV3.css?v=27420612
Requested by: Host: www.microsofttranslator.com
URL: http://www.microsofttranslator.com/ajax/v3/WidgetV3.ashx?siteData=ueOIGRSKkd965FeEGM5JtQ**&ctf=False&ui=true&settings=Manual&from=
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2592ba8d75e8421d9d6c884b8b8d6e1dff738bcecf560801581de0c80223e4b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:21 GMT
Content-Encoding: gzip
ETag: "802d93ee528d81:0"
X-MS-Trans-Info: s=11C1C
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 2608

GET
H2

404

metrics.js
www.bing.com/widget/
Redirect Chain

http://www.bing.com/widget/metrics.js
https://www.bing.com/widget/metrics.js

0
0

58ms
41ms

Script
text/html

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://www.bing.com/widget/metrics.js
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 19:58:22 GMT
content-encoding: br
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-/lw2uzWqgeBga/vQYPUxRJ4iZnM5GQZRhIFbwdKUk0M='; base-uri 'self';report-to csp-endpoint
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FD803077A0241389DEE7644408161D3 Ref B: YTO01EDGE0511 Ref C: 2022-09-10T19:58:22Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/html
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
cache-control: private
content-length: 1

Redirect headers

Location: https://www.bing.com/widget/metrics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK WidgetLauncher.css
www.microsofttranslator.com/static/27420612/css/ 2 KB
1 KB 65ms
32ms Stylesheet
text/css 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: http://www.microsofttranslator.com/static/27420612/css/WidgetLauncher.css?v=27420612
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3eb98d625988f78a066b9a5ab80202251970bd314d81a323ca762f33311a09fd

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:22 GMT
Content-Encoding: gzip
ETag: "81baecee528d81:0"
X-MS-Trans-Info: s=11C1A
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1073

GET
H/1.1 200
OK close_x.png
www.microsofttranslator.com/static/27420612/img/ 333 B
699 B 61ms
31ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: http://www.microsofttranslator.com/static/27420612/img/close_x.png
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad022fd53c580787f819907c29f8e463c0b38e3f0a207cc8114640f592e57d5b

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:21 GMT
ETag: "faf36ef528d81:0"
X-MS-Trans-Info: s=11C1C
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 333

GET
H/1.1 200
OK bingmark.png
www.microsofttranslator.com/static/27420612/img/ 368 B
735 B 62ms
31ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: http://www.microsofttranslator.com/static/27420612/img/bingmark.png
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 859c14a7f4d5f0bf22a7d506ec526fc4521e5b8b187018798e8cf3e4db919298

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:22 GMT
ETag: "a09023ef528d81:0"
X-MS-Trans-Info: s=11C1B
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 368

GET
H/1.1 200
OK fbookmark.png
www.microsofttranslator.com/static/27420612/img/ 310 B
677 B 63ms
31ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: http://www.microsofttranslator.com/static/27420612/img/fbookmark.png
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 78575038e018a1ed8d6aae156b8891bb779a3b66c340a2e183efcad2793d0f69

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:21 GMT
ETag: "432e21ef528d81:0"
X-MS-Trans-Info: s=11C1C
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 310

GET
H/1.1 200
OK email_icon.png
www.microsofttranslator.com/static/27420612/img/ 288 B
655 B 63ms
31ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: http://www.microsofttranslator.com/static/27420612/img/email_icon.png
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e60efeee64ce3ba0d992566a6fc335438439ca70d02595d20ab400e562a142ff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:22 GMT
ETag: "eac351ee528d81:0"
X-MS-Trans-Info: s=11C1B
Last-Modified: Tue, 22 Feb 2022 16:04:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 288

GET
H/1.1 200
OK embed_question.png
www.microsofttranslator.com/static/27420612/img/ 260 B
626 B 35ms
30ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: http://www.microsofttranslator.com/static/27420612/img/embed_question.png
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 755c7ff4b447f5d119403dccaf2b5ed4963053d96cffef0c19f07c6b68129932

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:22 GMT
ETag: "612f2ef528d81:0"
X-MS-Trans-Info: s=11C1A
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 260

GET
H/1.1 200
OK binglogo_dark.png
www.microsofttranslator.com/static/27420612/img/ 1 KB
2 KB 34ms
31ms Image
image/png 20.119.175.244
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: http://www.microsofttranslator.com/static/27420612/img/binglogo_dark.png
Protocol: HTTP/1.1
Server: 20.119.175.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 393cec9afecdf72ddd4311d190d1fc309c8a702bf9507b79e5cebad4f1d20798

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:22 GMT
ETag: "4fe2f3ee528d81:0"
X-MS-Trans-Info: s=11C1B
Last-Modified: Tue, 22 Feb 2022 16:04:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: policyref="/w3c/p3p.xml", CP="CAO CONi OTR OUR DEM ONL"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1457

GET
H/1.1 200
OK susan37_ico2.jpg
datingtoday.top/js/push/images/ 3 KB
3 KB 131ms
131ms Image
image/jpeg 5.8.67.38
FASTCONTENT

General

Check archive.org

Download Go to Show image

Full URL: https://datingtoday.top/js/push/images/susan37_ico2.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.8.67.38 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx /
Resource Hash: 73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://eve-stg.act.utoronto.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sat, 10 Sep 2022 19:58:24 GMT
Last-Modified: Sun, 20 Dec 2020 18:28:50 GMT
Server: nginx
ETag: "5fdf97e2-b88"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2952

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 70ms
19ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Roboto:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://eve-stg.act.utoronto.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 120826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 10:24:38 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eve-stg.act.utoronto.ca/dating.html	1969-12-31 23:59:59	Name: kxxxf Value: Nude%20pictures%20of%20ciara
.bing.com/	1970-01-20 05:54:43	Name: SUID Value: M
.bing.com/	1970-01-20 15:15:35	Name: MUID Value: 3973BD854CF26D0F0DA7AF9E4D586C86

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://bc.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://bc.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://bc.onedragon.win/pops Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://datingtoday.top/js/push/p.js?u=dmzpte4&o=v49g540&v=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://kartavarna.com/c1/img/singer-ciara-naked-2.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://get.wallhere.com/photo/women-model-green-skinny-fashion-Eva-Andressa-Vieira-beauty-photograph-image-photo-shoot-333909.jpg Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://oncam.me/media/videos/tmb/000/009/322/player.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xxxsex.rocks/images/2ba/0c5/68113159_ava-addams-jade-nile-and-darcie-dolce-at-mommys-girl-5.jpg Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://bobsvagene.club/wp-content/uploads/2021/09/lady_tsunade_naked-1342.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.bing.com/widget/metrics.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bc.onedragon.win
bobsvagene.club
cdn.3gpkings.info
cdn.pornpics.com
content.pornobolt.cc
d1anz62hzt62y8.cloudfront.net
datingtoday.top
ei.phncdn.com
eve-stg.act.utoronto.ca
fap.thefappeningnew.com
fappeningbook.com
fonts.googleapis.com
fonts.gstatic.com
get.wallhere.com
i.imgur.com
i.ytimg.com
i0.wp.com
imagesvc.meredithcorp.io
img.paparaco.me
img.yumpu.com
img7.hotnessrater.com
kartavarna.com
leakedblack.com
lp.cutefans.win
media.radaronline.com
mysnap.pw
oncam.me
pbs.twimg.com
pictures.hentai-foundry.com
qpornx.com
sakhteman.info
thefappeningblog.com
thefappeningnew.com
tse3.mm.bing.net
user-uploads.aznude.com
www.bing.com
www.blackporno.net
www.erotik-telefon1.com
www.microsofttranslator.com
www.nakedebonycelebs.com
www.nerdporn.sexy
www.people.com
www.sexmutant.com
xxxsex.rocks
104.167.223.226
144.217.171.236
146.75.36.193
151.101.2.137
151.139.128.11
158.69.115.197
158.69.187.60
186.2.163.70
192.0.77.2
20.119.175.244
207.36.22.4
23.21.131.82
2600:9000:20ea:3800:1d:4cf9:b180:93a1
2600:9000:20ea:8000:1d:c2dd:3c80:93a1
2600:9000:20ee:9c00:16:f7a3:5c00:21
2606:4700:20::681a:552
2606:4700:20::ac43:4408
2606:4700:20::ac43:4bef
2606:4700:3031::ac43:9080
2606:4700:3032::6815:2d2f
2606:4700:3033::6815:1d2a
2606:4700:3033::ac43:8174
2606:4700:3033::ac43:bbee
2606:4700:3035::6815:101e
2606:4700:3035::6815:45a3
2606:4700:3035::6815:5bd7
2606:4700:3038::6815:ea94
2606:4700:3038::6815:eae4
2606:4700:3038::6815:eb16
2606:4700:3038::6815:eb59
2606:4700:3038::6815:eb7b
2607:f8b0:4006:817::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2016
2607:f8b0:4006:822::200a
2620:1ec:c11::200
2a04:4e42:77::159
5.196.109.56
5.8.67.38
64.111.107.130
64.88.254.162
64.88.254.166
65.8.20.112
034cab5b4abc8a97ddfe70a181df1440b5d2fd9981ae6e7ebd170c6152113444
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
158cc29fdccae927039bca9d07dddee6163552183e58418cad8f32b215047939
16bd5d51e5d6c11261df01a0d4f6b00a31c023e5edf1bd6417e8410819cff956
1f25a962ee0dbd1c45ff80efeb1238c59d1f2aea71d2b25cff67ade2a98c58d4
2592ba8d75e8421d9d6c884b8b8d6e1dff738bcecf560801581de0c80223e4b8
266239800dacccc01524057f2d432dfc8714f1dddb487e800f0d9f1d314db403
2b15229efc37185ac17fd00930d75cc550c9f0d1a0d7378f458bacdbdc7a9a0f
2cdbe637d949daa632e2f35d8fb17157f91263461f0a5ca3f81b8c7b00b00060
2e3bd2d48024685582f5a8e2b194dadb87a3151e823dd5a0576f88528ab62349
36a21af2c78da915fa35038c0a6789b37523d2fbf913224229484bf4e5f333bb
393cec9afecdf72ddd4311d190d1fc309c8a702bf9507b79e5cebad4f1d20798
3eb98d625988f78a066b9a5ab80202251970bd314d81a323ca762f33311a09fd
52b5e06f464ef37d265e0dc8b93a941b049a5d1eb9722b97929ac963a8b4b46a
533fe431d7e42030a5ddbb89bc6457b1ed0237cecc86d91e9cf10a163f3b387b
5367c792e8ace11cabf1a6f0ae3377aeaa99569a080a7baca55f0190c604453c
5481357c6e53c15525e9f8939baac3ba306a38b3534928a5cff2f18153130dd2
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
683918a0c51024d14c582f81593c97c026bc2431a78dedb3eb2548de44f31be1
68dfb570b5ebe76bbc648ee9ae2e900c86fdc771fb899930afca8acca5cad3b5
68fee7cbe623cb81fa37da56b4b026bc69f6960f44f661bb7470ee03840c00cc
6b00446e1cbaf7844121d91bbe4920194ee0e83c1751e652b0ae1430cd235aa3
6c950917ba5c601b62533b39a2fa49381d50226c902c4d27b70735e16dbc58fb
73787cd7d8d0f1954e12f7dff2d5e396b7cc930ed72a27ff15ebca30b72bd786
755c7ff4b447f5d119403dccaf2b5ed4963053d96cffef0c19f07c6b68129932
78575038e018a1ed8d6aae156b8891bb779a3b66c340a2e183efcad2793d0f69
859c14a7f4d5f0bf22a7d506ec526fc4521e5b8b187018798e8cf3e4db919298
8afacbd56d95478c4da7080bd00dd37db97e846c1f469a776a777318e7d0b644
8e612f7438e157e8499357690c5244ac71ba191164a6bd911a465126694f6d1c
95f77207ea00cb767ab70ff6093080035dca3fb7c2d5a73bd5efd9f53fd362b1
975da8d895d45c00422e72e16e66ecb493035db188913c3efd40ea7c9e156b79
a02d23216c6457f31398e32ee141cc2ac5dc02597897f3ea4b2c213bcba7deb7
a4666595cec32f92b14847594931db28ea91b72f1772eef8f575ce00205d2d73
a509314d2fb2cf5549c65f00cedd024bde23e9492eca016b18433d2a7fc4df07
a8d24f08edc9dffc226afe11d6ced2cdc2987c09537b564bda9c81d9ff67e99b
ad022fd53c580787f819907c29f8e463c0b38e3f0a207cc8114640f592e57d5b
bc9719878942b323754429145649dced5f97a6220f0f901c5b80f5bb1901fdf0
c10907fab278aa8ad42bdbc1014518df89cce1684f151a3285e6fae19e9328d6
c400c357dbd7097b89c378c276e9ff4a10bc416f55b81c051f960e06792fcbd9
c4a37c24a61671b1817e49fe53711353aa8eb9b4725edcc1b7d3263fac6e9e08
ccf51aecf26c713a061b5ac74a83d36cf71dfab5e9f767e768fbab450bdef1ec
cd8e58bd1179ba979a1d4bcbcb66d9b901b17c7e33d9bab5f5f78a1cc753d9a9
d112be22f5670582cbff8333b8999be4197939dc64eeaa1b3ebb89a4ebdce379
d186d57e0da83d3bc9c4cb0ceb2be8e700f4c9b7a6125214bfe56fca2ca6099b
d1d3a048162c5f189106bd101bc2919d5c191141aa06aa96271f0973f38550e1
d8fd279195d2de40b54236776223771dbc22edb848aabbccfefdabc451b9501d
df90dc08eee34a5f302a7178a1b123bffcdd5160b89388724559b70af210fcca
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60efeee64ce3ba0d992566a6fc335438439ca70d02595d20ab400e562a142ff
edd3b91bc3107e293b95a0cbed990c7504fe122d1fab3780364633200b2f2cf9
f597c3f3d09bf5b0caf214fd27893ae1937ab773a4ee4ca992b48a2952172186
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdfb2a0e7375152c4a4f339300f8c4ce4eb8122853b9a4a36a1e2d6675517f4e

eve-stg.act.utoronto.ca 23.21.131.82 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

eve-stg.act.utoronto.ca
23.21.131.82 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

60
Requests

67 %
HTTPS

58 %
IPv6

43
Domains

45
Subdomains

42
IPs

4
Countries

4719 kB
Transfer

4873 kB
Size

3
Cookies

60 HTTP transactions
0 data transactions