incestflix.win Open in urlscan Pro
2606:4700:3038::6815:e9fb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://incestflix.win/watch/mandy-flores-son-bonding-with-mom-2vid
Effective URL:
http://incestflix.win/404
Submission: On October 10 via manual (October 10th 2022, 1:47:02 am UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 16 domains to perform 81 HTTP transactions. The main IP is 2606:4700:3038::6815:e9fb, located in United States and belongs to CLOUDFLARENET, US. The main domain is incestflix.win.

This is the only time incestflix.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3038::6815:e9fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	54.39.49.142 54.39.49.142	16276 (OVH) (OVH)
1 5	185.94.236.244 185.94.236.244	42567 (MOJHOST-EU) (MOJHOST-EU)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	185.94.237.101 185.94.237.101	42567 (MOJHOST-EU) (MOJHOST-EU)
1	2606:4700:10:... 2606:4700:10::6816:4bab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	158.69.139.230 158.69.139.230	16276 (OVH) (OVH)
3	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
2 9	2606:4700::68... 2606:4700::6812:10a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
11	2606:4700::68... 2606:4700::6812:11a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.18.39 104.18.18.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:3d34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	208.95.114.100 208.95.114.100	53334 (TUT-AS) (TUT-AS)
3	192.99.16.114 192.99.16.114	16276 (OVH) (OVH)
8	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	107.178.242.109 107.178.242.109	15169 (GOOGLE) (GOOGLE)
81	26

4 2606:4700:3038::6815:e9fb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

incestflix.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.49.142 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns558126.ip-54-39-49.net

9randpa.incestflix.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.236.244 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.intelligenceadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.237.101 (Netherlands)

ASN42567 (MOJHOST-EU, NL)

adserver.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4bab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.230 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, RO)

viztzwr7m4v8.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Kuala Lumpur, Malaysia)

ASN9009 (M247, RO)
PTR: no-mans-land.m247.com

viztzwr7m4v8.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:10a6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

go.xlivrdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creative.xlivrdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

i.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:11a6 (United States)

ASN13335 (CLOUDFLARENET, US)

creative.xlivrdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
video.ktkjmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:3d34 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.strpst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.114.100 (United States)

ASN53334 (TUT-AS, US)

intelligenceadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.99.16.114 (Canada)

ASN16276 (OVH, FR)
PTR: ns5001909.ip-192-99-16.net

sefsdvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

www.imglnke.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.242.109 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 109.242.178.107.bc.googleusercontent.com

t.irtya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xlivrdr.com 2 redirects go.xlivrdr.com — Cisco Umbrella Rank: 11651 creative.xlivrdr.com — Cisco Umbrella Rank: 17702	174 KB
12	adsco.re c.adsco.re — Cisco Umbrella Rank: 12725 6.adsco.re — Cisco Umbrella Rank: 13609 4.adsco.re — Cisco Umbrella Rank: 15211 viztzwr7m4v8.l4.adsco.re Failed viztzwr7m4v8.n4.adsco.re viztzwr7m4v8.s4.adsco.re adsco.re — Cisco Umbrella Rank: 10934	81 KB
9	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 10537 ic.tynt.com — Cisco Umbrella Rank: 4960 de.tynt.com — Cisco Umbrella Rank: 2358	9 KB
7	strpst.com cdn.strpst.com — Cisco Umbrella Rank: 11761	61 KB
6	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 21976 i.jads.co — Cisco Umbrella Rank: 33518	463 KB
5	incestflix.win 1 redirects incestflix.win 9randpa.incestflix.win	57 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 485	131 KB
3	sefsdvc.com sefsdvc.com — Cisco Umbrella Rank: 318029	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
3	amung.us widgets.amung.us — Cisco Umbrella Rank: 10920 whos.amung.us — Cisco Umbrella Rank: 9363	8 KB
2	ktkjmp.com video.ktkjmp.com — Cisco Umbrella Rank: 13945	1 KB
2	dtscout.com t.dtscout.com — Cisco Umbrella Rank: 9225	3 KB
2	intelligenceadx.com www.intelligenceadx.com — Cisco Umbrella Rank: 122607 intelligenceadx.com — Cisco Umbrella Rank: 89703	10 KB
1	irtya.com t.irtya.com — Cisco Umbrella Rank: 342407	420 B
1	imglnke.com www.imglnke.com — Cisco Umbrella Rank: 33266	82 KB
1	juicyads.com adserver.juicyads.com — Cisco Umbrella Rank: 28304	2 KB
81	16

	Domain	Requested by
10	creative.xlivrdr.com	poweredby.jads.co creative.xlivrdr.com adserver.juicyads.com
8	go.xlivrdr.com	2 redirects creative.xlivrdr.com incestflix.win
7	ic.tynt.com	incestflix.win
7	cdn.strpst.com	incestflix.win
5	poweredby.jads.co	1 redirects incestflix.win poweredby.jads.co
4	ajax.googleapis.com	incestflix.win ajax.googleapis.com
4	incestflix.win	1 redirects incestflix.win
3	sefsdvc.com	poweredby.jads.co sefsdvc.com
3	4.adsco.re	incestflix.win c.adsco.re
3	6.adsco.re	incestflix.win c.adsco.re
3	c.adsco.re	www.intelligenceadx.com c.adsco.re
3	www.google-analytics.com	incestflix.win www.google-analytics.com
2	video.ktkjmp.com	creative.xlivrdr.com
2	whos.amung.us	widgets.amung.us
2	t.dtscout.com	widgets.amung.us t.dtscout.com
1	de.tynt.com	cdn.tynt.com
1	t.irtya.com	sefsdvc.com
1	www.imglnke.com	sefsdvc.com
1	intelligenceadx.com	www.intelligenceadx.com
1	adsco.re	c.adsco.re
1	cdn.tynt.com	widgets.amung.us
1	i.jads.co	poweredby.jads.co
1	viztzwr7m4v8.s4.adsco.re	c.adsco.re
1	viztzwr7m4v8.n4.adsco.re	c.adsco.re
1	widgets.amung.us	incestflix.win
1	adserver.juicyads.com	incestflix.win
1	www.intelligenceadx.com	incestflix.win
1	9randpa.incestflix.win	incestflix.win
0	viztzwr7m4v8.l4.adsco.re Failed	c.adsco.re
81	29

This site contains links to these domains. Also see Links.

Domain
adsco.re
juicyads.in

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
1868349309.rsc.cdn77.org R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2022-09-16` - `2023-09-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.n4.adsco.re R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.s4.adsco.re R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
xlivrdr.com Cloudflare Inc ECC CA-3	`2021-11-30` - `2022-11-29`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
video.ktkjmp.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
cdn.strpst.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
sefsdvc.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
www.imglnke.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
t.connexionsecure.com GTS CA 1D4	`2022-07-10` - `2022-10-08`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://incestflix.win/404
Frame ID: 9BE0981711224361AB90CD54D271233A
Requests: 38 HTTP requests in this frame

Frame: http://adserver.juicyads.com/adshow.php?adzone=890382
Frame ID: 5E0865217DB4484393A3A18141F4382D
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=886816
Frame ID: 9052A88047FAC00690547EEFC2AA5D5F
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=886816
Frame ID: 4288B499C088DDA3924ED466C38D42D3
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=889798
Frame ID: 3C776D13E9F81C929A222AB3B466981A
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=889798
Frame ID: A80CF2C74FEE3C2400FF5C170E761854
Requests: 2 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=890258
Frame ID: C74AC0577E80344CBE205C7136A4EB7E
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=890258
Frame ID: 3AF850C7A51FB97ADF80C561AE07F450
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: 285719E37B7D31DA9BA167083B235B8D
Requests: 6 HTTP requests in this frame

Frame: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
Frame ID: A4FC329B2DF46599FE33A8FC14245477
Requests: 10 HTTP requests in this frame

Frame: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
Frame ID: 685B837BCDCE43FDED5856DC6212B55E
Requests: 15 HTTP requests in this frame

Frame: https://sefsdvc.com/en/us/media/dynamic/id?zid=11906&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom6=&custom7=PUB_126309&cturl=https://t.irtyf.com/ihxg01j1ds?file_id=252177&aff_id=126309&offer_id=3785&aff_sub=&url=
Frame ID: 82F8ED3485465F0A4ECAFBF82166EC58
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not Found - INCESTFLIX.WIN

Page URL History Show full URLs

http://incestflix.win/watch/mandy-flores-son-bonding-with-mom-2vid HTTP 302
http://incestflix.win/404 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

81
Requests

63 %
HTTPS

44 %
IPv6

16
Domains

29
Subdomains

26
IPs

6
Countries

1116 kB
Transfer

2041 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v

Search URL Search Domain Scan URL

URL: https://juicyads.in/tab.php?id=1722346
Title: 🔴 Live Sex

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://incestflix.win/watch/mandy-flores-son-bonding-with-mom-2vid HTTP 302
http://incestflix.win/404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://poweredby.jads.co/js/jads.js HTTP 301
http://poweredby.jads.co/js/jads2.js

Request Chain 10

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 32

https://go.xlivrdr.com/smartpop/a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a?userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf HTTP 302
https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226

Request Chain 34

http://www.google-analytics.com/collect?v=1&_v=j98&a=2311603&t=pageview&_s=2&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1025355126.1665366416&tid=UA-66446579-45&_gid=1688165176.1665366416&z=689693467 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j98&a=2311603&t=pageview&_s=2&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1025355126.1665366416&tid=UA-66446579-45&_gid=1688165176.1665366416&z=689693467

Request Chain 42

https://go.xlivrdr.com/smartpop/bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1?userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf HTTP 302
https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 404 Show response
incestflix.win/
Redirect Chain

http://incestflix.win/watch/mandy-flores-son-bonding-with-mom-2vid
http://incestflix.win/404

25 KB
8 KB

147ms
129ms

Document
text/html

2606:4700:3038::6815:e9fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:e9fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be6e3a4d1f312724031d6d54a0c97fde90085380b1d9366ec628b948de3dba4b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 757baf630e775c20-FRA
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqKs6brFsttxZkFVtoM9z3QqjlBuKU1WdRgJCo2V4yvR3OunDBxzYdbtRdr9c%2BYmyyodIOy6ibFQK6YhNhw3oZvPUFei6XbsjHJGni3mclbwWAenhunVsDDKcDb%2BwzuBi9GIS9bqPk8YLhZiQg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-IPLB-Instance: 41584
X-IPLB-Request-ID: A29E5AC5:AEDC_8E2C8CAF:0050_63437981_279C55:20C27

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 757baf619b689152-FRA
Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:55 GMT
Location: //incestflix.win/404
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEfzfsNv%2F0wOhc5T3cJDmAwePgNM5UT61DrFCgAwRIEcqosaK5SuCDrl6hpl7umYIf%2Fp%2F%2BoJE8ot8IuoHbXTtjbveg0PSjhNJGs0ZMueL8aDGLzjzPyIscC6aSsPXFMDGI8O7AlK1qR5Jmd19A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-IPLB-Instance: 41583
X-IPLB-Request-ID: AC46FB8A:EC3A_8E2C8CAF:0050_6343798F_27B520:1ED98

GET
H/1.1 200
OK main.css
incestflix.win/ 21 KB
6 KB 24ms
23ms Stylesheet
text/css 2606:4700:3038::6815:e9fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://incestflix.win/main.css?73637637
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:e9fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2fd4c10e379945bc353fcee619a141a777532ef696baa1706dfb2e398824cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1080
X-IPLB-Instance: 41584
Connection: keep-alive
Content-Length: 4893
Last-Modified: Tue, 02 Aug 2022 13:19:50 GMT
Server: cloudflare
X-IPLB-Request-ID: A29E5B20:8164_8E2C8CAF:0050_63437558_2751E2:20C27
ETag: "54b4-5e541f89f94b0-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih0IToiVyLchZPZrlFlOGr%2FuXrL%2FhlyfqDKYKOL1yCCUJPynlg9aqKBNG%2FK%2FIlV2pNIxBkXKMz%2B3O6na3URMEAXIRbSETppng%2FswdJcYAz3g0%2BwFq68nfvKRR%2B2CYBU9Cq3FEO9g7oxhp4Z9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 757baf648fd75c20-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 161ms
79ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: incestflix.win
URL: http://incestflix.win/404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 16:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:28:44 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 34 KB
35 KB 118ms
36ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Requested by

Host: incestflix.win
URL: http://incestflix.win/404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:07:58 GMT
x-content-type-options: nosniff
age: 243538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35212
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 06:07:58 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 186ms
105ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: incestflix.win
URL: http://incestflix.win/404

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 16:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64481
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Oct 2023 16:28:44 GMT

GET
H/1.1 200
OK incestflixwin.png
9randpa.incestflix.win/img/ 8 KB
8 KB 191ms
92ms Image
image/png 54.39.49.142
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://9randpa.incestflix.win/img/incestflixwin.png
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 54.39.49.142 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns558126.ip-54-39-49.net
Software: Apache /
Resource Hash: b941ebfea18f1829d444356221ccee856936351ae7e198f9ee70d466d59a71a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Last-Modified: Mon, 09 May 2022 15:45:23 GMT
Server: Apache
ETag: "1f3e-5de9618a81712"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=45, max=2000
Content-Length: 7998

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

http://poweredby.jads.co/js/jads.js
http://poweredby.jads.co/js/jads2.js

4 KB
2 KB

28ms
14ms

Script
application/x-javascript

185.94.236.244
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/js/jads2.js
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Server: nginx
ETag: W/"62cb707b-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Mon, 10 Oct 2022 01:46:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK all-tagsarray.php Show response
incestflix.win/ 98 KB
35 KB 113ms
112ms Script
text/javascript 2606:4700:3038::6815:e9fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://incestflix.win/all-tagsarray.php
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:e9fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59209bbd993d65451746fc17fd29509d2e970360d294f8a8cb88181f48b22fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-IPLB-Request-ID: A29E5AC5:AEDC_8E2C8CAF:0050_6343798F_279D62:20C27
X-IPLB-Instance: 41584
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEr9ZT3UFGYq4v2Yv64XKookAKrQ23JMLLaLP3hhFEMY7OQYWwucl3o2cyQBFQDvqActoe6smnc%2FePCb8TPyISLVvKjnYMRN3RMTVyUYJbZ3RBxDckIt2eLBHbcgcDsautdnppQ7UbzmX%2FEUaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=43200
Connection: keep-alive
CF-RAY: 757baf65c8d35c20-FRA

GET
H2 200 Bacon.min.js Show response
www.intelligenceadx.com/ 31 KB
10 KB 31ms
6ms Script
application/x-javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.intelligenceadx.com/Bacon.min.js
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7ebc5e8fbe901bf7efac5c9d32521cebb759153fec8d66efbd47ec017ccb1a3f

Request headers

Referer: http://incestflix.win/
Origin: http://incestflix.win
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 10 Oct 2022 01:46:56 GMT
content-encoding: br
x-cache: HIT
x-77-cache: HIT
x-age: 190037
alt-svc: quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
x-77-nzt: Abk73BDNI17/VeYCAA
x-accel-expires: @1665781179
server: CDN77-Turbo
x-77-nzt-ray: xYxQg3KwHco
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://intelligenceadx.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Fri, 14 Oct 2022 20:59:39 GMT

GET
H/1.1 200
OK adshow.php Show response
adserver.juicyads.com/ Frame 5E08 3 KB
2 KB 667ms
632ms Document
text/html 185.94.237.101
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://adserver.juicyads.com/adshow.php?adzone=890382
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 60ccd128c75fbbdc2aea7fc68154eb7cfa4354b5ea79125bec98b9e9257e3273

Request headers

Referer: http://incestflix.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK classic.js Show response
widgets.amung.us/ 13 KB
7 KB 58ms
32ms Script
application/x-javascript 2606:4700:10::6816:4bab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.amung.us/classic.js
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da89bf5cdeaed1c080057dff7314a4803b9a076bc851efbc032a7ff9cedb94cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Mon, 29 Aug 2022 18:12:38 GMT
Server: cloudflare
Age: 887
etag: W/"630d0196-329b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
Connection: keep-alive
CF-RAY: 757baf662f586951-FRA
expires: Tue, 11 Oct 2022 01:32:09 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

104ms
31ms

Script
text/javascript

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: incestflix.win
URL: http://incestflix.win/404

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Oct 2022 01:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1859
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 10 Oct 2022 03:15:57 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 285ms
93ms Script
application/javascript 158.69.139.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fincestflix.win%2F404&j=
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip230.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
X-T: 0.772
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl3
Expires: Mon, 10 Oct 2022 01:46:55 GMT

GET adshow.php
poweredby.jads.co/ Frame 9052 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 4288 3 KB
2 KB 406ms
393ms Document
text/html 185.94.236.244
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=886816
Requested by: Host: poweredby.jads.co
URL: http://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Server: 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: c6069fe834f248639ea2f579722bbb86594477d50cd909f3f595cb1ebdafb1b3

Request headers

Referer: http://incestflix.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET adshow.php
poweredby.jads.co/ Frame 3C77 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame A80C 3 KB
2 KB 493ms
481ms Document
text/html 185.94.236.244
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=889798
Requested by: Host: poweredby.jads.co
URL: http://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Server: 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 3d9a81d2382f129a28df4a4d78d8415f5e04007c71955bb3669a1e236f6a3d64

Request headers

Referer: http://incestflix.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET adshow.php
poweredby.jads.co/ Frame C74A 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 3AF8 3 KB
2 KB 949ms
938ms Document
text/html 185.94.236.244
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=890258
Requested by: Host: poweredby.jads.co
URL: http://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Server: 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: d0ed3b93c5461e48d81d7a4ffa3e3e96b8d5255fbcaa38dfc64594c92b6fc8e3

Request headers

Referer: http://incestflix.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H2 200 / Show response
c.adsco.re/ 65 KB
24 KB 47ms
19ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.intelligenceadx.com
URL: https://www.intelligenceadx.com/Bacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:56 GMT
content-encoding: br
cf-cache-status: HIT
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server: cloudflare
age: 2086928
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 757baf66bc5d6907-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 10 Nov 2022 01:46:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 39ms
39ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2311603&t=pageview&_s=1&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2038117938&gjid=550312115&cid=1025355126.1665366416&tid=UA-66446579-45&_gid=1688165176.1665366416&_r=1&_slc=1&z=302397002

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://incestflix.win/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Oct 2022 01:46:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://incestflix.win
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
6.adsco.re/ 0
340 B 43ms
15ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://incestflix.win/
Origin: http://incestflix.win
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:56 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-max-age: 2592000
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://incestflix.win
content-type: text/plain;charset=UTF-8
cache-control: private, max-age=10
cf-ray: 757baf670e9f5bf9-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
460 B 78ms
18ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://incestflix.win/
Origin: http://incestflix.win
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: http://incestflix.win
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
4.adsco.re/ 48 B
460 B 34ms
18ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: d7363b7b1c8681054f6f068da2f15440a7841bc9a8af70c3e22abc41231ed642

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: http://incestflix.win
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
592 B 21ms
14ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5cdad9263edfdae32ad4dbe82bff533f444b63fc642d92b7bde533ed7c3db4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://incestflix.win
Cache-Control: private, max-age=10
Access-Control-Max-Age: 2592000
Connection: keep-alive
CF-RAY: 757baf670dba6909-FRA
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST /
viztzwr7m4v8.l4.adsco.re/ 0
0

POST
H/1.1 200
OK /
viztzwr7m4v8.n4.adsco.re/ 0
464 B 365ms
92ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://viztzwr7m4v8.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, RO),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://incestflix.win/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
viztzwr7m4v8.s4.adsco.re/ 0
464 B 985ms
169ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://viztzwr7m4v8.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Kuala Lumpur, Malaysia, ASN9009 (M247, RO),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://incestflix.win/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 10 Oct 2022 01:46:57 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame 2857 65 KB
27 KB 19ms
13ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

Referer: http://incestflix.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Age: 2086920
CF-Cache-Status: HIT
CF-RAY: 757baf670a3491d8-FRA
Cache-Control: public, max-age=2678400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 10 Oct 2022 01:46:56 GMT
ETag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
Expires: Thu, 10 Nov 2022 01:46:56 GMT
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
6.adsco.re/ Frame 2857 0
588 B 18ms
18ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://c.adsco.re
Cache-Control: private, max-age=10
Access-Control-Max-Age: 2592000
Connection: keep-alive
CF-RAY: 757baf691f3e6909-FRA
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ Frame 2857 0
456 B 18ms
18ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://c.adsco.re/
Origin: http://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: http://c.adsco.re
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=5
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 ui-bg_flat_75_ffffff_40x100.png
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ 247 B
274 B 108ms
36ms Image
image/png 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc87114ecf1d8bdd5f75fd6a3cff45db5782d41249cd7af503bfd54a106a8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 20:33:05 GMT
x-content-type-options: nosniff
age: 364431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 20:33:05 GMT

GET
H/1.1 200
OK / Show response
c.adsco.re/ Frame 2857 65 KB
27 KB 12ms
12ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: http://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2086920
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Server: cloudflare
ETag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=2678400
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
CF-RAY: 757baf693c7091d8-FRA
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Thu, 10 Nov 2022 01:46:56 GMT

GET
H2

200

Universal Show response
creative.xlivrdr.com/widgets/v4/ Frame A4FC
Redirect Chain

https://go.xlivrdr.com/smartpop/a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a?userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf
https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb13288...

852 B
574 B

37ms
26ms

Document
text/html

2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226

Requested by

Host: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=886816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b3a318c89af32edea7be40f942338c048f826fe70bcf65929ca405ff6dcaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=10
cf-cache-status: HIT
cf-ray: 757baf69dd0e91e4-FRA
content-encoding: br
content-type: text/html
date: Mon, 10 Oct 2022 01:46:56 GMT
expires: Mon, 10 Oct 2022 01:46:54 GMT
last-modified: Wed, 05 Oct 2022 11:19:07 GMT
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 757baf699cc991e4-FRA
content-length: 0
date: Mon, 10 Oct 2022 01:46:56 GMT
location: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
server: cloudflare

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 269ms
90ms Script
application/javascript 158.69.139.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=incestflix.win&_ss=2q9dme61u4&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=3sag&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Fincestflix.win%2F404&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip230.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c4f9583a1ac878c1eaa454dbfc5091c7db393413e8607aa49f69b4a67f55153

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:57 GMT
X-T: 0.219
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Mon, 10 Oct 2022 01:46:56 GMT

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j98&a=2311603&t=pageview&_s=2&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=160...
https://www.google-analytics.com/collect?v=1&_v=j98&a=2311603&t=pageview&_s=2&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=16...

35 B
55 B

29ms
29ms

Image
image/gif

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2311603&t=pageview&_s=2&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1025355126.1665366416&tid=UA-66446579-45&_gid=1688165176.1665366416&z=689693467

Requested by

Host: incestflix.win
URL: http://incestflix.win/404

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 04:07:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77965
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j98&a=2311603&t=pageview&_s=2&dl=http%3A%2F%2Fincestflix.win%2F404&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20INCESTFLIX.WIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACAAI~&jid=&gjid=&cid=1025355126.1665366416&tid=UA-66446579-45&_gid=1688165176.1665366416&z=689693467
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET /
6.adsco.re/ Frame 2857 0
0

GET /
4.adsco.re/ Frame 2857 0
0

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 33 B
317 B 138ms
124ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=egp9r8qw62s8&t=Not%20Found%20-%20INCESTFLIX.WIN&c=c&x=http%3A%2F%2Fincestflix.win%2F404&y=&a=0&d=1.258&v=27&r=4655
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d965dbe9e478f1fcd74ae8970d75b3ce3b2204b19ebcc4ba314334ba2750ae34

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 757baf697ae69a30-FRA

GET
H/1.1 200
OK / Show response
whos.amung.us/pingjs/ 33 B
317 B 151ms
129ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://whos.amung.us/pingjs/?k=egp9r8qw62s8&t=Not%20Found%20-%20INCESTFLIX.WIN&c=c&x=http%3A%2F%2Fincestflix.win%2F404&y=&a=1&d=1.258&v=27&r=9450
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbc4cad72b91792c8f6463d3455b96bec8af7795f61e3ddf5f4f532e2724d488

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
CF-RAY: 757baf698d9790fe-FRA

GET
H/1.1 200
OK ad1786554-1665125626.gif
i.jads.co/ads/user158974/ Frame A80C 454 KB
454 KB 67ms
15ms Image
image/gif 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.jads.co/ads/user158974/ad1786554-1665125626.gif
Requested by: Host: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=889798
Protocol: HTTP/1.1
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 80b3a6145d648726a959ec95b97014972e241090fdd407f9fbc20733bc16fe68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:56 GMT
Last-Modified: Fri, 07 Oct 2022 06:53:46 GMT
ETag: "1665125626"
X-HW: 1665366416.dop240.am5.t,1665366416.cds002.am5.c
Content-Type: image/gif
Cache-Control: max-age=31295290
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 464977

GET
H3 200 main.2115d8b86381425b3026.css
creative.xlivrdr.com/widgets/v4/Universal/ Frame A4FC 13 KB
4 KB 45ms
21ms Stylesheet
text/css 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.css
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ec4684ec9818d68b90f8bbdad62d7d1303f3cc6a93f24abe1238671c416fd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:22:48 GMT
server: cloudflare
age: 0
etag: W/"633d6908-3407"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10
cf-ray: 757baf6a3d13916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:47:06 GMT

GET
H3 200 main.2115d8b86381425b3026.js Show response
creative.xlivrdr.com/widgets/v4/Universal/ Frame A4FC 264 KB
76 KB 53ms
29ms Script
application/javascript 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd20c7114779ed387e95ee18fceffb1c3cf445c808e396a3c13e0946b2fc2c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:22:48 GMT
server: cloudflare
age: 6
etag: W/"633d6908-41f83"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 757baf6a3d15916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:47:01 GMT

GET
H3

200

Universal Show response
creative.xlivrdr.com/widgets/v4/ Frame 685B
Redirect Chain

https://go.xlivrdr.com/smartpop/bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1?userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf
https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305...

852 B
647 B

23ms
23ms

Document
text/html

2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700

Requested by

Host: adserver.juicyads.com
URL: http://adserver.juicyads.com/adshow.php?adzone=890382

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b3a318c89af32edea7be40f942338c048f826fe70bcf65929ca405ff6dcaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=10
cf-cache-status: HIT
cf-ray: 757baf6a8d68916b-FRA
content-encoding: br
content-type: text/html
date: Mon, 10 Oct 2022 01:46:57 GMT
expires: Mon, 10 Oct 2022 01:46:54 GMT
last-modified: Wed, 05 Oct 2022 11:19:07 GMT
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
server: cloudflare
strict-transport-security: max-age=15768000
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 757baf6a59465bf9-FRA
content-length: 0
date: Mon, 10 Oct 2022 01:46:57 GMT
location: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
server: cloudflare

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 759ms
13ms Script
application/javascript 104.18.18.39
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
server: cloudflare
age: 211736
etag: W/"62d96946-4599"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 757baf6eecb9bbf5-FRA
expires: Thu, 13 Oct 2022 01:46:57 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 en.json Show response
creative.xlivrdr.com/widgets/v4/Universal/lang/ Frame A4FC 172 B
323 B 19ms
19ms Fetch
application/json 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/lang/en.json
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:19:07 GMT
server: cloudflare
age: 1
etag: W/"633d682b-ac"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=10
cf-ray: 757baf6acd9d916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:47:02 GMT

GET
H3 200 config Show response
go.xlivrdr.com/ Frame A4FC 7 KB
2 KB 36ms
21ms Fetch
application/json 2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlivrdr.com/config?url=https%3A%2F%2Fcreative.xlivrdr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3Da8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a%26campaignType%3Dsmartpop%26creativeId%3Dc4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0%26iterationId%3D126657%26liveBadgeColor%3Dea0c32%26masterSmartpopId%3D0%26ruleId%3D0%26smartpopId%3D4844%26thumbType%3Davatar%26titleText%3DIncest%2520girls%26userId%3D9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf%26variationId%3D26226
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b3153bed9926cfe53ebccfec20e7c0099b94c9d808a32c31391eb180c85e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Oct 2022 01:41:09 GMT
server: cloudflare
age: 100
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 757baf6aeaab994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
video.ktkjmp.com/ Frame A4FC 16 B
686 B 46ms
15ms Fetch
application/javascript 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.ktkjmp.com/adsbygoogle.js
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status: HIT
x-amz-request-id: 3YW9SERF7DC7262X
age: 3342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-amz-id-2: umnGOMVCjminO+qe5UBV06OrSizh/U59KvaEibge5v1gMRbq/UnThpljPBepeh+5w7wEpQIcu/4=
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag: "3d7f7a60216d40dea48e495fef6903c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://creative.xlivrdr.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 757baf6afa655bdd-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires: Mon, 10 Oct 2022 05:46:57 GMT

GET
H3 200 main.2115d8b86381425b3026.css
creative.xlivrdr.com/widgets/v4/Universal/ Frame 685B 13 KB
4 KB 21ms
20ms Stylesheet
text/css 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.css
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ec4684ec9818d68b90f8bbdad62d7d1303f3cc6a93f24abe1238671c416fd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:22:48 GMT
server: cloudflare
age: 1
etag: W/"633d6908-3407"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10
cf-ray: 757baf6adda5916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:47:06 GMT

GET
H3 200 main.2115d8b86381425b3026.js Show response
creative.xlivrdr.com/widgets/v4/Universal/ Frame 685B 264 KB
76 KB 29ms
28ms Script
application/javascript 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd20c7114779ed387e95ee18fceffb1c3cf445c808e396a3c13e0946b2fc2c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:22:48 GMT
server: cloudflare
age: 6
etag: W/"633d6908-41f83"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 757baf6adda7916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:47:01 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
693 B 172ms
148ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 48b3995055db20905739143461c269621ac863079b4eddea1daafccbce3eedca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:57 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Transfer-Encoding: chunked
AS-P-1: OK lon123
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://incestflix.win
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-P-2: OK
AS-P-3: OK

GET
H3 200 core.34b30cde2ed8622605f0.js Show response
creative.xlivrdr.com/widgets/v4/Universal/ Frame A4FC 3 KB
1 KB 20ms
20ms Script
application/javascript 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/core.34b30cde2ed8622605f0.js
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d31838cb90e196f86dc55b17e8297a5c36436fab92741ddd2f28df889cd91a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&campaignType=smartpop&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:22:48 GMT
server: cloudflare
age: 1
etag: W/"633d6908-aa6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 757baf6b2de1916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:46:56 GMT

GET
H3 200 models Show response
go.xlivrdr.com/api/ Frame A4FC 2 KB
945 B 32ms
31ms Fetch
application/json 2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlivrdr.com/api/models?forceClient=1&stripcashR=0&limit=1
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3801ea3e0dc8caa04e9c8db5f45e096f064e6e4c691b2db6c2cd5a76900fe63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Oct 2022 01:46:48 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.xlivrdr.com
access-control-allow-credentials: true
cf-ray: 757baf6b39c95bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 en.json Show response
creative.xlivrdr.com/widgets/v4/Universal/lang/ Frame 685B 172 B
323 B 19ms
19ms Fetch
application/json 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/lang/en.json
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:19:07 GMT
server: cloudflare
age: 1
etag: W/"633d682b-ac"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=10
cf-ray: 757baf6b3dee916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:47:02 GMT

GET
H3 200 config Show response
go.xlivrdr.com/ Frame 685B 7 KB
2 KB 21ms
20ms Fetch
application/json 2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlivrdr.com/config?url=https%3A%2F%2Fcreative.xlivrdr.com%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3Dbc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1%26campaignType%3Dsmartpop%26creativeId%3D57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978%26iterationId%3D172276%26liveBadgeColor%3Dd8143c%26masterSmartpopId%3D0%26ruleId%3D0%26smartpopId%3D6035%26tag%3Dgirls%252Fnew-teens%26thumbType%3Davatar%26userId%3D9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf%26variationId%3D27700
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18560aaa09707da5d5d7eea6418690a57b91868d0508c895b1a99f15de937408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Oct 2022 01:39:59 GMT
server: cloudflare
age: 221
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 757baf6b3ae6994e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adsbygoogle.js Show response
video.ktkjmp.com/ Frame 685B 16 B
640 B 26ms
16ms Fetch
application/javascript 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.ktkjmp.com/adsbygoogle.js
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status: HIT
x-amz-request-id: 3YW9SERF7DC7262X
age: 3342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16
x-amz-id-2: umnGOMVCjminO+qe5UBV06OrSizh/U59KvaEibge5v1gMRbq/UnThpljPBepeh+5w7wEpQIcu/4=
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag: "3d7f7a60216d40dea48e495fef6903c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://creative.xlivrdr.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 757baf6b4f46917a-FRA
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires: Mon, 10 Oct 2022 05:46:57 GMT

GET
H3 200 core.34b30cde2ed8622605f0.js Show response
creative.xlivrdr.com/widgets/v4/Universal/ Frame 685B 3 KB
1 KB 27ms
27ms Script
application/javascript 2606:4700::6812:11a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://creative.xlivrdr.com/widgets/v4/Universal/core.34b30cde2ed8622605f0.js
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:11a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d31838cb90e196f86dc55b17e8297a5c36436fab92741ddd2f28df889cd91a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/widgets/v4/Universal?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&campaignType=smartpop&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&tag=girls%2Fnew-teens&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: public
date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 11:22:48 GMT
server: cloudflare
age: 1
etag: W/"633d6908-aa6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
cf-ray: 757baf6b6e2a916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 10 Oct 2022 01:46:56 GMT

GET
H3 200 models Show response
go.xlivrdr.com/api/ Frame 685B 10 KB
2 KB 37ms
37ms Fetch
application/json 2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.xlivrdr.com/api/models?tag=girls%2Fnew-teens&forceClient=1&stripcashR=0&limit=6
Requested by: Host: creative.xlivrdr.com
URL: https://creative.xlivrdr.com/widgets/v4/Universal/main.2115d8b86381425b3026.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74dd5aa437f11660b2f68e7ddadb35822bc89a0ac43e64e6c5e96f07d2d53f10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Oct 2022 01:46:49 GMT
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.xlivrdr.com
access-control-allow-credentials: true
cf-ray: 757baf6b69dc5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5ae03d1a327eb5942800dd8564d5822b-full
cdn.strpst.com/cdn/avatars/5/a/e/ Frame A4FC 11 KB
11 KB 56ms
19ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/5/a/e/5ae03d1a327eb5942800dd8564d5822b-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f56565d7dc6fbc75bf1ba529162c2780def8b89aafc8e07d2f09335139a56d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 190411
cf-polished: origSize=10929, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10868
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Jul 2022 20:07:33 GMT
server: cloudflare
etag: "62bf5405-2ab1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbdec5b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H3 200 abc.gif
go.xlivrdr.com/ Frame A4FC 103 B
103 B 29ms
28ms Image
image/gif 2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.xlivrdr.com/abc.gif?campaignId=a8954eb001b85caf12a38ced4310be8bb9b189b7b434e3e2cdb45f94bd4a1a0a&creativeId=c4d5032303678e666a11daec386a3cbdb132886337270279afc3ef2aed9236b0&iterationId=126657&liveBadgeColor=%23ea0c32&masterSmartpopId=0&ruleId=0&smartpopId=4844&thumbType=avatar&titleText=Incest%20girls&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=26226&modelsLimit=1&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&language=en&autoplay=onHover&player=hls&thumbFit=cover&autoplayForce=0&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=WidgetV4Universal&referrer=http%3A%2F%2Fpoweredby.jads.co%2F&i=0&ib=0&filtersMatch=0
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: *
cf-ray: 757baf6b79f15bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103

GET
H2 200 a038c7d9b12cb7d070d8969ad13bf426-full
cdn.strpst.com/cdn/avatars/a/0/3/ Frame 685B 8 KB
8 KB 21ms
17ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/a/0/3/a038c7d9b12cb7d070d8969ad13bf426-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf7754779fd7b2d0099e25edfa85e3614f668de8784f18f1e3ebc03d4b20fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 20215
cf-polished: origSize=8010, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7843
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Sep 2022 17:48:38 GMT
server: cloudflare
etag: "63372bf6-1f4a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbdf15b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H2 200 ec9677231e6a7d5c362d7d5fc59a75a7-full
cdn.strpst.com/cdn/avatars/e/c/9/ Frame 685B 8 KB
8 KB 21ms
17ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/e/c/9/ec9677231e6a7d5c362d7d5fc59a75a7-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43790fed1ff1c3068e6ce4c111b5fbb9c3d83f8fe47ff9ef7bb305c70f978aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 440457
cf-polished: origSize=8250, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8083
cf-bgj: imgq:100,h2pri
last-modified: Sun, 25 Sep 2022 18:21:28 GMT
server: cloudflare
etag: "63309c28-203a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbdf25b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H2 200 56f61532cd00109fcbba6f60a572f9e0-full
cdn.strpst.com/cdn/avatars/5/6/f/ Frame 685B 8 KB
8 KB 23ms
20ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/5/6/f/56f61532cd00109fcbba6f60a572f9e0-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d5305f44d3e81ae43271a9dcff2e1e81397484224cd9f080e25442e1fe46f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 456136
cf-polished: origSize=8517, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8367
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Oct 2022 18:41:49 GMT
server: cloudflare
etag: "633c7e6d-2145"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbdf05b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H2 200 64324cf70f8225dd5a3c2fc312091008-full
cdn.strpst.com/cdn/avatars/6/4/3/ Frame 685B 10 KB
10 KB 19ms
16ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/6/4/3/64324cf70f8225dd5a3c2fc312091008-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cdee01df547c67f7d9c61da902912d84d1705695abf47cddb9b128ed61cb6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 100885
cf-polished: origSize=10004, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9881
cf-bgj: imgq:100,h2pri
last-modified: Sun, 25 Sep 2022 13:25:04 GMT
server: cloudflare
etag: "633056b0-2714"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbdf35b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H2 200 4380008f9466e53d50bdf03edb675c08-full
cdn.strpst.com/cdn/avatars/4/3/8/ Frame 685B 7 KB
7 KB 22ms
19ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/4/3/8/4380008f9466e53d50bdf03edb675c08-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e3d85af72b8eea7ef4dd2e2ba27baba4f8ccf27cbd7f7c6339e94010755ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 524891
cf-polished: origSize=7508, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7306
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Sep 2022 07:47:39 GMT
server: cloudflare
etag: "63354d9b-1d54"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbdef5b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H2 200 87055dc979260d1ef53b95722e4d92da-full
cdn.strpst.com/cdn/avatars/8/7/0/ Frame 685B 9 KB
9 KB 23ms
21ms Image
image/jpeg 2606:4700::6810:3d34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.strpst.com/cdn/avatars/8/7/0/87055dc979260d1ef53b95722e4d92da-full
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3d34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91782c85dc633f197289ebc78104c1641d3db9c153aa4ad50bf4b9cbe248827a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: HIT
age: 263589
cf-polished: origSize=9086, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8887
cf-bgj: imgq:100,h2pri
last-modified: Thu, 06 Oct 2022 01:31:21 GMT
server: cloudflare
etag: "633e2fe9-237e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 757baf6bbded5b50-FRA
expires: Thu, 10 Nov 2022 01:46:57 GMT

GET
H3 200 abc.gif
go.xlivrdr.com/ Frame 685B 103 B
103 B 54ms
52ms Image
image/gif 2606:4700::6812:10a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.xlivrdr.com/abc.gif?campaignId=bc8a535d7390b9f96d115009fa1584167747868faf3ef884ed9c00f4a7569bc1&creativeId=57b6a5a4cb9fe0926b4ea6c7e352797ed19305fb2dd0f4a2a9af33c713bbe978&iterationId=172276&liveBadgeColor=%23d8143c&masterSmartpopId=0&ruleId=0&smartpopId=6035&thumbType=avatar&userId=9ea39785438e301541da4fed7bc974d7711613cdc62dd3022c3da9841b818edf&variationId=27700&modelsLimit=6&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&language=en&autoplay=onHover&player=hls&thumbFit=cover&autoplayForce=0&quality=original&stripcashR=0&linkToModel=ifOnlineNew&newModelsListAPI=0&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=6&segment=hls-newAPI&landing=WidgetV4Universal&referrer=http%3A%2F%2Fadserver.juicyads.com%2F&i=0&ib=0&filtersMatch=0
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:10a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.xlivrdr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: *
cf-ray: 757baf6bba185bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103

GET
H/1.1 200
OK ohXc.htm Show response
intelligenceadx.com/ 44 B
277 B 240ms
215ms Script
text/javascript 208.95.114.100
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://intelligenceadx.com/ohXc.htm?_=BAoAY0N5kQFjQ3mRgAGBAsAAIATGUIoFF3HMz84mb7Xc0XkfSAc0iaMVk67S7y6IcCoVwQBHMEUCIGbbVQHtgeEQUvHOSzj4bj0yLjpETcB528eRWzGBLfLEAiEA7Arg3GZtDUKMFaxprcPzQvNlc_arkIPTALlp2DNsfPPCACBe9y6u55IwgARFRr60wJYvG1QvBBgWc7unRQH1qj5vWMQAECoDGyAABvARAAAAAAAAAG7FABAKY91zSC2KhuqDFzh8TAsGwwBHMEUCIQCStPuIpzi9apMvQwGU-gOLQhk1HiGtmDSKkHnC-Ji7QAIgOZF4bs3ZI_YSvPmBL1m2_tbPOoEkFvkzfr2ocyqEgAs&v=4&SCXwDsRy=4234259&WufaUXZh=&QjPInZef=0,0&pQmyHTNA=&nSYMlfow=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.intelligenceadx.com
URL: https://www.intelligenceadx.com/Bacon.min.js
Protocol: HTTP/1.1
Server: 208.95.114.100 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:57 GMT
asf: 9
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
popads-ec: ASB
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 44

GET
H/1.1 200
OK id Show response
sefsdvc.com/en/us/media/dynamic/ Frame 82F8 1 KB
1 KB 310ms
99ms Document
text/html 192.99.16.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sefsdvc.com/en/us/media/dynamic/id?zid=11906&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom6=&custom7=PUB_126309&cturl=https://t.irtyf.com/ihxg01j1ds?file_id=252177&aff_id=126309&offer_id=3785&aff_sub=&url=
Requested by: Host: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=890258
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.16.114 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5001909.ip-192-99-16.net
Software: nginx/1.15.7 /
Resource Hash: a84f0f29996d808e5c19b8127c28c3aa99a7ba0c8f1151c9b14a1a988a58ae10

Request headers

Referer: http://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 10 Oct 2022 01:46:57 GMT
Expires: Thu, 31 Dec 1998 11:59:59 GMT
P3P: CP="NOI DSP COR NID"
Pragma: no-cache
Server: nginx/1.15.7
Transfer-Encoding: chunked
X-Robots-Tag: none

GET
H/1.1 200
OK id Show response
sefsdvc.com/en/us/media/script/ Frame 82F8 3 KB
3 KB 97ms
96ms Script
text/javascript 192.99.16.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sefsdvc.com/en/us/media/script/id?zid=12571&custom10=3262&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom4=&custom5=&custom6=&custom7=PUB_126309;ADV11906_28536_74199&custom8=&custom9=&random=68116856&millis=1665366417674&referrer=http%3A%2F%2Fincestflix.win&cturl=http%3A%2F%2Fsefsdvc.com%2Fservlet%2Fclick%2Fzone%3Fzid%3D11906%26cid%3D28536%26mid%3D74199%26pid%3D0%26sid%3D8%26uuid%3D452cc7800b514214f13e68d808427a06%26ip%3D185.213.155.166%26default%3Dfalse%26random%3D23810269%26timestamp%3D20221009214657%26test%3Dfalse%26custom1%3D%26custom2%3D60531%26custom3%3D%257Btransaction_id%257D%26custom6%3D%26custom7%3DPUB_126309%26referrer%3Dhttp%253A%252F%252Fpoweredby.jads.co%252F%26cturl%3Dhttps%253A%252F%252Ft.irtyf.com%252Fihxg01j1ds%253Ffile_id%253D252177%2526aff_id%253D126309%2526offer_id%253D3785%2526aff_sub%253D%2526url%253D%26redirect%3D
Requested by: Host: sefsdvc.com
URL: https://sefsdvc.com/en/us/media/dynamic/id?zid=11906&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom6=&custom7=PUB_126309&cturl=https://t.irtyf.com/ihxg01j1ds?file_id=252177&aff_id=126309&offer_id=3785&aff_sub=&url=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.16.114 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5001909.ip-192-99-16.net
Software: nginx/1.15.7 /
Resource Hash: bd943312f1bcfe51733f534eb983a26fd6c2fa8feedf2a0a8202ba3055449122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sefsdvc.com/en/us/media/dynamic/id?zid=11906&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom6=&custom7=PUB_126309&cturl=https://t.irtyf.com/ihxg01j1ds?file_id=252177&aff_id=126309&offer_id=3785&aff_sub=&url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Oct 2022 01:46:57 GMT
Server: nginx/1.15.7
Content-Type: text/javascript;charset=UTF-8
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Connection: keep-alive
X-Robots-Tag: none
Content-Length: 2840
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 330ms
108ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0&t=Not%20Found%20-%20INCESTFLIX.WIN
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK interactive2.js Show response
sefsdvc.com/js/ Frame 82F8 11 KB
11 KB 95ms
94ms Script
text/javascript 192.99.16.114
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sefsdvc.com/js/interactive2.js
Requested by: Host: sefsdvc.com
URL: https://sefsdvc.com/en/us/media/script/id?zid=12571&custom10=3262&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom4=&custom5=&custom6=&custom7=PUB_126309;ADV11906_28536_74199&custom8=&custom9=&random=68116856&millis=1665366417674&referrer=http%3A%2F%2Fincestflix.win&cturl=http%3A%2F%2Fsefsdvc.com%2Fservlet%2Fclick%2Fzone%3Fzid%3D11906%26cid%3D28536%26mid%3D74199%26pid%3D0%26sid%3D8%26uuid%3D452cc7800b514214f13e68d808427a06%26ip%3D185.213.155.166%26default%3Dfalse%26random%3D23810269%26timestamp%3D20221009214657%26test%3Dfalse%26custom1%3D%26custom2%3D60531%26custom3%3D%257Btransaction_id%257D%26custom6%3D%26custom7%3DPUB_126309%26referrer%3Dhttp%253A%252F%252Fpoweredby.jads.co%252F%26cturl%3Dhttps%253A%252F%252Ft.irtyf.com%252Fihxg01j1ds%253Ffile_id%253D252177%2526aff_id%253D126309%2526offer_id%253D3785%2526aff_sub%253D%2526url%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.16.114 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5001909.ip-192-99-16.net
Software: nginx/1.15.7 /
Resource Hash: 94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sefsdvc.com/en/us/media/dynamic/id?zid=11906&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom6=&custom7=PUB_126309&cturl=https://t.irtyf.com/ihxg01j1ds?file_id=252177&aff_id=126309&offer_id=3785&aff_sub=&url=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:57 GMT
Last-Modified: Fri, 14 Feb 2020 21:12:20 GMT
Server: nginx/1.15.7
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Expires: Mon, 10 Oct 2022 18:59:36 GMT

GET
H/1.1 200
OK 20180117123230-003616A_GDAT_18_ALL_DE_71_L.jpg
www.imglnke.com/3785/ Frame 82F8 81 KB
82 KB 234ms
22ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imglnke.com/3785/20180117123230-003616A_GDAT_18_ALL_DE_71_L.jpg
Requested by: Host: sefsdvc.com
URL: https://sefsdvc.com/en/us/media/script/id?zid=12571&custom10=3262&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom4=&custom5=&custom6=&custom7=PUB_126309;ADV11906_28536_74199&custom8=&custom9=&random=68116856&millis=1665366417674&referrer=http%3A%2F%2Fincestflix.win&cturl=http%3A%2F%2Fsefsdvc.com%2Fservlet%2Fclick%2Fzone%3Fzid%3D11906%26cid%3D28536%26mid%3D74199%26pid%3D0%26sid%3D8%26uuid%3D452cc7800b514214f13e68d808427a06%26ip%3D185.213.155.166%26default%3Dfalse%26random%3D23810269%26timestamp%3D20221009214657%26test%3Dfalse%26custom1%3D%26custom2%3D60531%26custom3%3D%257Btransaction_id%257D%26custom6%3D%26custom7%3DPUB_126309%26referrer%3Dhttp%253A%252F%252Fpoweredby.jads.co%252F%26cturl%3Dhttps%253A%252F%252Ft.irtyf.com%252Fihxg01j1ds%253Ffile_id%253D252177%2526aff_id%253D126309%2526offer_id%253D3785%2526aff_sub%253D%2526url%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: d9bd89fe44e8f172e949898ffb2edf6b5a35b4df7101c0b7ccb225671ff4eaa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sefsdvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Mon, 10 Oct 2022 01:46:57 GMT
Last-Modified: Wed, 17 Jan 2018 17:32:32 GMT
ETag: "1516210352"
X-HW: 1665366417.dop211.am5.t,1665366417.cds220.am5.shn,1665366417.dop211.am5.t,1665366417.cds290.am5.c
Content-Type: image/jpeg
Cache-Control: max-age=24825
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83403

GET
H2 200 pw6ncl4qo2
t.irtya.com/ Frame 82F8 43 B
420 B 549ms
218ms Image
image/gif 107.178.242.109
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.irtya.com/pw6ncl4qo2?offer_id=3785&file_id=268559&aff_id=60531&aff_sub=&aff_sub2=PUB_126309%3BADV11906_28536_74199;ADA12571_29004_72209&aff_sub3=&aff_sub4=&aff_sub5=&source=%7Btransaction_id%7D&campaign_id=3262&options=
Requested by: Host: sefsdvc.com
URL: https://sefsdvc.com/en/us/media/script/id?zid=12571&custom10=3262&pid=0&custom1=&custom2=60531&custom3=%7Btransaction_id%7D&custom4=&custom5=&custom6=&custom7=PUB_126309;ADV11906_28536_74199&custom8=&custom9=&random=68116856&millis=1665366417674&referrer=http%3A%2F%2Fincestflix.win&cturl=http%3A%2F%2Fsefsdvc.com%2Fservlet%2Fclick%2Fzone%3Fzid%3D11906%26cid%3D28536%26mid%3D74199%26pid%3D0%26sid%3D8%26uuid%3D452cc7800b514214f13e68d808427a06%26ip%3D185.213.155.166%26default%3Dfalse%26random%3D23810269%26timestamp%3D20221009214657%26test%3Dfalse%26custom1%3D%26custom2%3D60531%26custom3%3D%257Btransaction_id%257D%26custom6%3D%26custom7%3DPUB_126309%26referrer%3Dhttp%253A%252F%252Fpoweredby.jads.co%252F%26cturl%3Dhttps%253A%252F%252Ft.irtyf.com%252Fihxg01j1ds%253Ffile_id%253D252177%2526aff_id%253D126309%2526offer_id%253D3785%2526aff_sub%253D%2526url%253D%26redirect%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.242.109 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 109.242.178.107.bc.googleusercontent.com
Software: nginx / Express
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sefsdvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 01:46:58 GMT
content-encoding: gzip
via: 1.1 google
tracking_id: 102233c2a1d79f362d18ec4b7af39c
x-powered-by: Express
actioncode: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
x-request-id: 7bd2bd9fb319e3a89ed69d1354f22683
pragma: no-cache
server: nginx
etag: W/"39-5zGAYBq/yvm/2MAmUD/uWRSnd9M"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: Tune-SDK-Version
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
260 B 116ms
106ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!egp9r8qw62s8&dn=TC&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 10 Oct 2022 01:46:57 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 4
expires: Tue, 11 Oct 2022 01:46:58 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
107ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0&t=Not%20Found%20-%20INCESTFLIX.WIN
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 109ms
109ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0&t=Not%20Found%20-%20INCESTFLIX.WIN
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
111ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
106ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
107ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 107ms
107ms Image
text/plain 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!egp9r8qw62s8&lm=0&ts=1665366417767&dn=TC&iso=0
Requested by: Host: incestflix.win
URL: http://incestflix.win/404
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://incestflix.win/404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 10 Oct 2022 01:46:58 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=886816

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=889798

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=890258

Domain: viztzwr7m4v8.l4.adsco.re
URL: https://viztzwr7m4v8.l4.adsco.re/

Domain: 6.adsco.re
URL: http://6.adsco.re/

Domain: 4.adsco.re
URL: http://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.incestflix.win/	1970-01-20 16:12:06	Name: _ga Value: GA1.2.1025355126.1665366416
.incestflix.win/	1970-01-20 06:37:32	Name: _gid Value: GA1.2.1688165176.1665366416
.incestflix.win/	1970-01-20 06:36:06	Name: _gat Value: 1
.dtscout.com/	1970-01-20 06:36:11	Name: m Value: 1
.dtscout.com/	1970-01-20 06:36:20	Name: oa Value: 1
.dtscout.com/	1970-01-20 09:00:06	Name: df Value: 1665366416
incestflix.win/	1970-01-20 06:36:31	Name: a Value: TlxGQcRP9r9OVveGvNqFJ6XDKurf9cRZ
go.xlivrdr.com/	1970-01-20 06:37:29	Name: __cflb Value: 0H28uukSkGJRy5UBr1u9iAwwBfboBLDB3xVHmHSWymN
incestflix.win/	1970-01-20 06:36:28	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAY0N5kQFjQ3mRgAGBAsAAIATGUIoFF3HMz84mb7Xc0XkfSAc0iaMVk67S7y6IcCoVwQBHMEUCIGbbVQHtgeEQUvHOSzj4bj0yLjpETcB528eRWzGBLfLEAiEA7Arg3GZtDUKMFaxprcPzQvNlc_arkIPTALlp2DNsfPPCACBe9y6u55IwgARFRr60wJYvG1QvBBgWc7unRQH1qj5vWMQAECoDGyAABvARAAAAAAAAAG7FABAKY91zSC2KhuqDFzh8TAsGwwBHMEUCIQCStPuIpzi9apMvQwGU-gOLQhk1HiGtmDSKkHnC-Ji7QAIgOZF4bs3ZI_YSvPmBL1m2_tbPOoEkFvkzfr2ocyqEgAs
incestflix.win/	1970-01-20 06:36:28	Name: _popprepop Value: 1
sefsdvc.com/	1970-01-20 15:21:42	Name: AVPUID Value: 26e1ab62e191dc3fb2d4a08b89938051

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://viztzwr7m4v8.l4.adsco.re/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
9randpa.incestflix.win
adsco.re
adserver.juicyads.com
ajax.googleapis.com
c.adsco.re
cdn.strpst.com
cdn.tynt.com
creative.xlivrdr.com
de.tynt.com
go.xlivrdr.com
i.jads.co
ic.tynt.com
incestflix.win
intelligenceadx.com
poweredby.jads.co
sefsdvc.com
t.dtscout.com
t.irtya.com
video.ktkjmp.com
viztzwr7m4v8.l4.adsco.re
viztzwr7m4v8.n4.adsco.re
viztzwr7m4v8.s4.adsco.re
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.imglnke.com
www.intelligenceadx.com
4.adsco.re
6.adsco.re
poweredby.jads.co
viztzwr7m4v8.l4.adsco.re
104.18.18.39
107.178.242.109
158.69.139.230
162.252.214.5
185.200.116.90
185.94.236.244
185.94.237.101
192.99.16.114
2001:4860:4802:38::178
205.185.216.42
208.95.114.100
2606:4700:10::6816:4aab
2606:4700:10::6816:4bab
2606:4700:3038::6815:e9fb
2606:4700::6810:3d34
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6812:10a6
2606:4700::6812:11a6
2a00:1450:4001:80e::200a
2a02:6ea0:c700::10
38.132.109.186
54.39.49.142
67.202.105.34
69.16.175.10
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
0fc87114ecf1d8bdd5f75fd6a3cff45db5782d41249cd7af503bfd54a106a8bb
13ec4684ec9818d68b90f8bbdad62d7d1303f3cc6a93f24abe1238671c416fd3
18560aaa09707da5d5d7eea6418690a57b91868d0508c895b1a99f15de937408
27f56565d7dc6fbc75bf1ba529162c2780def8b89aafc8e07d2f09335139a56d
2cdee01df547c67f7d9c61da902912d84d1705695abf47cddb9b128ed61cb6d7
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3d9a81d2382f129a28df4a4d78d8415f5e04007c71955bb3669a1e236f6a3d64
41e3d85af72b8eea7ef4dd2e2ba27baba4f8ccf27cbd7f7c6339e94010755ee5
43790fed1ff1c3068e6ce4c111b5fbb9c3d83f8fe47ff9ef7bb305c70f978aa8
48b3995055db20905739143461c269621ac863079b4eddea1daafccbce3eedca
52b3a318c89af32edea7be40f942338c048f826fe70bcf65929ca405ff6dcaf1
56d31838cb90e196f86dc55b17e8297a5c36436fab92741ddd2f28df889cd91a
59209bbd993d65451746fc17fd29509d2e970360d294f8a8cb88181f48b22fb2
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5c4f9583a1ac878c1eaa454dbfc5091c7db393413e8607aa49f69b4a67f55153
60ccd128c75fbbdc2aea7fc68154eb7cfa4354b5ea79125bec98b9e9257e3273
74dd5aa437f11660b2f68e7ddadb35822bc89a0ac43e64e6c5e96f07d2d53f10
7ebc5e8fbe901bf7efac5c9d32521cebb759153fec8d66efbd47ec017ccb1a3f
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
80b3a6145d648726a959ec95b97014972e241090fdd407f9fbc20733bc16fe68
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87d5305f44d3e81ae43271a9dcff2e1e81397484224cd9f080e25442e1fe46f6
8bf7754779fd7b2d0099e25edfa85e3614f668de8784f18f1e3ebc03d4b20fb1
91782c85dc633f197289ebc78104c1641d3db9c153aa4ad50bf4b9cbe248827a
937458495c30f567aeafe715f0164bfe061ab17aee4a34aabbf191f69a6d32ae
94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3801ea3e0dc8caa04e9c8db5f45e096f064e6e4c691b2db6c2cd5a76900fe63
a7b3153bed9926cfe53ebccfec20e7c0099b94c9d808a32c31391eb180c85e2e
a84f0f29996d808e5c19b8127c28c3aa99a7ba0c8f1151c9b14a1a988a58ae10
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b941ebfea18f1829d444356221ccee856936351ae7e198f9ee70d466d59a71a8
bd943312f1bcfe51733f534eb983a26fd6c2fa8feedf2a0a8202ba3055449122
be6e3a4d1f312724031d6d54a0c97fde90085380b1d9366ec628b948de3dba4b
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c6069fe834f248639ea2f579722bbb86594477d50cd909f3f595cb1ebdafb1b3
cd20c7114779ed387e95ee18fceffb1c3cf445c808e396a3c13e0946b2fc2c01
ce2fd4c10e379945bc353fcee619a141a777532ef696baa1706dfb2e398824cb
d0ed3b93c5461e48d81d7a4ffa3e3e96b8d5255fbcaa38dfc64594c92b6fc8e3
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d5cdad9263edfdae32ad4dbe82bff533f444b63fc642d92b7bde533ed7c3db4a
d7363b7b1c8681054f6f068da2f15440a7841bc9a8af70c3e22abc41231ed642
d965dbe9e478f1fcd74ae8970d75b3ce3b2204b19ebcc4ba314334ba2750ae34
d9bd89fe44e8f172e949898ffb2edf6b5a35b4df7101c0b7ccb225671ff4eaa2
da89bf5cdeaed1c080057dff7314a4803b9a076bc851efbc032a7ff9cedb94cf
dbc4cad72b91792c8f6463d3455b96bec8af7795f61e3ddf5f4f532e2724d488
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa55a8fd5ba5cf4b97511fd0e6096782fd1700258ac9d3d677deb268b96aadb6

incestflix.win Open in urlscan Pro 2606:4700:3038::6815:e9fb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

63 %HTTPS

44 %IPv6

16 Domains

29 Subdomains

26 IPs

6 Countries

1116 kBTransfer

2041 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

incestflix.win Open in urlscan Pro
2606:4700:3038::6815:e9fb Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

63 %
HTTPS

44 %
IPv6

16
Domains

29
Subdomains

26
IPs

6
Countries

1116 kB
Transfer

2041 kB
Size

11
Cookies

81 HTTP transactions
1 data transactions