bi.epilreoffer.com Open in urlscan Pro
173.0.146.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://free-porntubevideos.blogspot.nl/
Effective URL:
https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s
Submission: On February 26 via api (February 26th 2024, 8:01:59 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 15 domains to perform 18 HTTP transactions. The main IP is 173.0.146.207, located in United States and belongs to SERVERS-COM, US. The main domain is bi.epilreoffer.com. The Cisco Umbrella rank of the primary domain is 160521.
TLS certificate: Issued by R3 on February 15th 2024. Valid for: 3 months.

This is the only time bi.epilreoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2009	15169 (GOOGLE) (GOOGLE)
1 2	185.66.200.221 185.66.200.221	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2001	15169 (GOOGLE) (GOOGLE)
1	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.8 185.66.201.8	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1 1	2606:4700:303... 2606:4700:3030::ac43:b408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.220.27.98 31.220.27.98	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a02:b4a:1:7:... 2a02:b4a:1:7::9166:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	2a02:b4a:1:7:... 2a02:b4a:1:7::9274:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	18.210.103.13 18.210.103.13	14618 (AMAZON-AES) (AMAZON-AES)
1	173.0.146.207 173.0.146.207	7979 (SERVERS-COM) (SERVERS-COM)
18	15

3 2607:f8b0:4006:81c::2001 (United States) 1 redirects

ASN15169 (GOOGLE, US)

free-porntubevideos.blogspot.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
free-porntubevideos.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2009 (United States)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.221 (Slovakia) 1 redirects

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.221.skhosting.eu

ylx-4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2001 (United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

qoca.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu

95488.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:b408 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idygez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.98 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ijftan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b4a:1:7::9166:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mdakky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b4a:1:7::9274:1 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wokoez.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.103.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-103-13.compute-1.amazonaws.com

track.wbdpnz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.0.146.207 (United States)

ASN7979 (SERVERS-COM, US)

bi.epilreoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	blogspot.com free-porntubevideos.blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 12422	94 KB
2	wokoez.com 1 redirects wokoez.com — Cisco Umbrella Rank: 493823	607 B
2	mdakky.com mdakky.com — Cisco Umbrella Rank: 38607	201 B
2	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	31 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32 ajax.googleapis.com — Cisco Umbrella Rank: 362	32 KB
2	ylx-4.com 1 redirects ylx-4.com	1 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 10879	59 KB
1	epilreoffer.com bi.epilreoffer.com — Cisco Umbrella Rank: 160521	6 KB
1	wbdpnz.com 1 redirects track.wbdpnz.com — Cisco Umbrella Rank: 489577	615 B
1	ijftan.com ijftan.com	37 KB
1	idygez.com 1 redirects idygez.com — Cisco Umbrella Rank: 615991	571 B
1	95488.space 95488.space	376 B
1	qoca.site qoca.site — Cisco Umbrella Rank: 451110	741 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1082	7 KB
1	blogspot.nl 1 redirects free-porntubevideos.blogspot.nl	298 B
18	15

	Domain	Requested by
2	wokoez.com	1 redirects ijftan.com
2	mdakky.com	ijftan.com
2	lh3.googleusercontent.com	free-porntubevideos.blogspot.com
2	ylx-4.com	1 redirects free-porntubevideos.blogspot.com
2	www.blogger.com	free-porntubevideos.blogspot.com
2	free-porntubevideos.blogspot.com	free-porntubevideos.blogspot.com
1	bi.epilreoffer.com	ijftan.com
1	track.wbdpnz.com	1 redirects
1	ijftan.com	95488.space
1	idygez.com	1 redirects
1	95488.space	qoca.site
1	qoca.site	ylx-4.com
1	1.bp.blogspot.com	free-porntubevideos.blogspot.com
1	ajax.googleapis.com	free-porntubevideos.blogspot.com
1	maxcdn.bootstrapcdn.com	free-porntubevideos.blogspot.com
1	fonts.googleapis.com	free-porntubevideos.blogspot.com
1	free-porntubevideos.blogspot.nl	1 redirects
18	17

This site contains no links.

Subject Issuer	Validity	Valid
misc-sni.blogspot.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
banners.ylx-4.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
qoca.site R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
95488.space R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
ijftan.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
mdakky.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
wokoez.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
bi.epilreoffer.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s
Frame ID: 58443F95672EEA4CB6A9C43C568FD368
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://free-porntubevideos.blogspot.nl/ HTTP 302
https://free-porntubevideos.blogspot.com/ Page URL
https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=814788&ga=a HTTP 302
https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZp... Page URL
https://95488.space/go.php?go=https%3A%2F%2Fidygez.com%2Fgosl%2FInNpZCI6MTMyNTg2Nywic21hcnRsaW5r... Page URL
https://idygez.com/gosl/InNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_... HTTP 302
https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=... Page URL
https://wokoez.com/cuclc?aid=14474828365096764234&t=1708977708&s=877656 HTTP 302
https://track.wbdpnz.com/34cb433c-770b-4be0-a140-affedeca6aad?source_id=a537224&campaign_id=877656&co... HTTP 302
https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

17
Subdomains

15
IPs

3
Countries

267 kB
Transfer

730 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://free-porntubevideos.blogspot.nl/ HTTP 302
https://free-porntubevideos.blogspot.com/ Page URL
https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=814788&ga=a HTTP 302
https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZpCpCijNriZNrrjNGACrCZZZCCrixCrZZCrCrGCxCiZZjpAprZCCr_45952&adApiR=loaded_string_386216534739511fc3cf9252a07bf06fc1f22_3031958_1708977705.5622_27707&refferer=1547036946_aHR0cHM6Ly9mcmVlLXBvcm50dWJldmlkZW9zLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c Page URL
https://95488.space/go.php?go=https%3A%2F%2Fidygez.com%2Fgosl%2FInNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1708977706affb67d5afd27601a265a984%26si1%3D%26si2%3D15442737&do=711ce1ebbcf9b95646caa8a06653a2f6 Page URL
https://idygez.com/gosl/InNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737 HTTP 302
https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737 Page URL
https://wokoez.com/cuclc?aid=14474828365096764234&t=1708977708&s=877656 HTTP 302
https://track.wbdpnz.com/34cb433c-770b-4be0-a140-affedeca6aad?source_id=a537224&campaign_id=877656&country=US&browser=Chrome&zone_id=a537224&creative_id={CREATIVE_ID}&format=pops&os=Windows&partner_id=1026113&sub_period={sub_period}&cost=0.0016&click_id=a2_14474828365096764234_537224_2_0 HTTP 302
https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://free-porntubevideos.blogspot.nl/ HTTP 302
https://free-porntubevideos.blogspot.com/

Request Chain 11

https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=814788&ga=a HTTP 302
https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZpCpCijNriZNrrjNGACrCZZZCCrixCrZZCrCrGCxCiZZjpAprZCCr_45952&adApiR=loaded_string_386216534739511fc3cf9252a07bf06fc1f22_3031958_1708977705.5622_27707&refferer=1547036946_aHR0cHM6Ly9mcmVlLXBvcm50dWJldmlkZW9zLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c

Request Chain 13

https://idygez.com/gosl/InNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737 HTTP 302
https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
free-porntubevideos.blogspot.com/
Redirect Chain

https://free-porntubevideos.blogspot.nl/
https://free-porntubevideos.blogspot.com/

264 KB
72 KB

133ms
121ms

Document
text/html

2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3acd5cb471d739b70a93f4c8181e91c721e5e59247bba26e4dcb138dd0e7c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 73222
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:01:44 GMT
etag: W/"c0cf4790cb1a00ab63d9b57f6041607a2e6759d43367ad1f973a26c4b1ce8c87"
expires: Mon, 26 Feb 2024 20:01:44 GMT
last-modified: Wed, 21 Feb 2024 02:02:47 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 186
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:01:44 GMT
expires: Mon, 26 Feb 2024 20:01:44 GMT
location: https://free-porntubevideos.blogspot.com/
server: GSE
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
8 KB 210ms
62ms Stylesheet
text/css 2607:f8b0:4006:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sat, 24 Feb 2024 01:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 20:59:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 23 Feb 2025 01:48:12 GMT

GET
H2 200 mobile_redir.php
ylx-4.com/ 101 B
355 B 498ms
160ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://ylx-4.com/mobile_redir.php?section=dirfreeporn&pub=814788&ga=a&desktop=1
Requested by: Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.200.221 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 20:01:45 GMT
last-modified: Mon, 26 Feb 2024 20:01:45 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Mon, 26 Feb 2024 20:01:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 34 KB
2 KB 225ms
79ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800%7CRaleway:400,500,600,700,800,900%7CPT+Sans:400,700

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d389a4c929be8bbad35b7f43e111746968b42be080050f9d1b85f696149a549e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 20:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 19:56:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 20:01:45 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 149ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:01:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 878
age: 7249413
cdn-cachedat: 09/04/2022 07:29:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 47801fb9004b8a2e3075babab36b33e8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85bac82088fa2594-MIA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 220ms
65ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 07:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Feb 2025 07:34:28 GMT

GET
H2 400 /
free-porntubevideos.blogspot.com/feeds/posts/default/-/ 0
0 116ms
96ms Script
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://free-porntubevideos.blogspot.com/feeds/posts/default/-/?published&alt=json-in-script&callback=labelthumbs

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Blogger Render Server 1.0 /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 20:01:45 GMT
server: Blogger Render Server 1.0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
x-xss-protection: 0

GET
H2 200 1.jpg
1.bp.blogspot.com/-Mgk01MLt3AA/W46PqR7Go8I/AAAAAAAABFo/sWDfl08g6mkiI2c1IpYhj8k2fp9gEnjyACLcBGAs/s320/ 22 KB
22 KB 205ms
62ms Image
image/jpeg 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Mgk01MLt3AA/W46PqR7Go8I/AAAAAAAABFo/sWDfl08g6mkiI2c1IpYhj8k2fp9gEnjyACLcBGAs/s320/1.jpg

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6768c8c7152ae80e1bc53882ce8280dfb4d14c6d235e525fcb0fd95c6cf5f2dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 19:55:22 GMT
x-content-type-options: nosniff
age: 383
content-disposition: inline;filename="1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22681
x-xss-protection: 0
server: fife
etag: "v45b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 27 Feb 2024 19:55:22 GMT

GET
H2 200 AEn0k_t1pvINOte3K-4ebHxpEZzqrNX1idBGCIwWTepi8USWWNjj2-Uen0F083TB1Ki-yS7YlXkxOQLWkczrGWJicVTurHIflqQVEIVGeRL_f0ZpL2sNL75yxjK2tfOraXpy0bvgE6mgor3qioiCA2R_r1HYAEx-t_Db9F9dVf83TVEshT5oeL_vXN869wtfuD0xR...
lh3.googleusercontent.com/blogger_img_proxy/ 19 KB
19 KB 202ms
65ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t1pvINOte3K-4ebHxpEZzqrNX1idBGCIwWTepi8USWWNjj2-Uen0F083TB1Ki-yS7YlXkxOQLWkczrGWJicVTurHIflqQVEIVGeRL_f0ZpL2sNL75yxjK2tfOraXpy0bvgE6mgor3qioiCA2R_r1HYAEx-t_Db9F9dVf83TVEshT5oeL_vXN869wtfuD0xRUX13xms6zHIBvgt4PaiEDkHmzbqHw=s0-d

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2ab1dc481083065a52ccd6af6e42d851a327697d7c86071f33224855bd602117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 19:55:22 GMT
x-content-type-options: nosniff
server: fife
age: 383
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19307
x-xss-protection: 0
expires: Tue, 27 Feb 2024 19:55:22 GMT

GET
H2 200 AEn0k_tmuZWhGmz1fjNJlLiZtHU1Xwtlps_KkEx9iaNT8Dn2pbAWSJmF47q9x1g6McztJbIE0-2vkT7rZJMGpsDzEFCgGSuLPtiZaElIP-iH70KAjY8Crth-vH3VOVepis_fg4G_GcHrvgWFWAs2QYs1ZHqMX8cuFQ=s0-d
lh3.googleusercontent.com/blogger_img_proxy/ 12 KB
12 KB 64ms
63ms Image
image/jpeg 2607:f8b0:4006:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tmuZWhGmz1fjNJlLiZtHU1Xwtlps_KkEx9iaNT8Dn2pbAWSJmF47q9x1g6McztJbIE0-2vkT7rZJMGpsDzEFCgGSuLPtiZaElIP-iH70KAjY8Crth-vH3VOVepis_fg4G_GcHrvgWFWAs2QYs1ZHqMX8cuFQ=s0-d

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7a843e1057e558240bfd172f2e91f827e62dcb0184a2b87e539244b512c71dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 19:55:23 GMT
x-content-type-options: nosniff
server: fife
age: 382
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11822
x-xss-protection: 0
expires: Tue, 27 Feb 2024 19:55:23 GMT

GET
H2 200 2650238066-widgets.js
www.blogger.com/static/v1/widgets/ 141 KB
51 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2650238066-widgets.js

Requested by

Host: free-porntubevideos.blogspot.com
URL: https://free-porntubevideos.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2009 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://free-porntubevideos.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 15:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51584
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 12:56:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 25 Feb 2025 15:38:50 GMT

GET
H2

200

/
qoca.site/0c356e95a4/bc18fc1d41/
Redirect Chain

https://ylx-4.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=814788&ga=a
https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZpCpCijNriZNrrjNGACrCZZZCCrixCrZZCrCrGCxCiZZjpAprZCCr_45952&adApiR=loaded_string_386216534739511fc3cf9252...

700 B
741 B

685ms
176ms

Document
text/html

185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZpCpCijNriZNrrjNGACrCZZZCCrixCrZZCrCrGCxCiZZjpAprZCCr_45952&adApiR=loaded_string_386216534739511fc3cf9252a07bf06fc1f22_3031958_1708977705.5622_27707&refferer=1547036946_aHR0cHM6Ly9mcmVlLXBvcm50dWJldmlkZW9zLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c

Requested by

Host: ylx-4.com
URL: https://ylx-4.com/mobile_redir.php?section=dirfreeporn&pub=814788&ga=a&desktop=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://free-porntubevideos.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 20:01:46 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

Redirect headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:01:45 GMT
expires: Mon, 26 Feb 2024 20:01:45 GMT
last-modified: Mon, 26 Feb 2024 20:01:45 GMT
location: https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZpCpCijNriZNrrjNGACrCZZZCCrixCrZZCrCrGCxCiZZjpAprZCCr_45952&adApiR=loaded_string_386216534739511fc3cf9252a07bf06fc1f22_3031958_1708977705.5622_27707&refferer=1547036946_aHR0cHM6Ly9mcmVlLXBvcm50dWJldmlkZW9zLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 go.php
95488.space/ 643 B
376 B 480ms
156ms Document
text/html 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://95488.space/go.php?go=https%3A%2F%2Fidygez.com%2Fgosl%2FInNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1708977706affb67d5afd27601a265a984%26si1%3D%26si2%3D15442737&do=711ce1ebbcf9b95646caa8a06653a2f6

Requested by

Host: qoca.site
URL: https://qoca.site/0c356e95a4/bc18fc1d41/?placementName=ROTATOR&type=a&cv=XZixCAdjjZjZArCdikZZpCpCijNriZNrrjNGACrCZZZCCrixCrZZCrCrGCxCiZZjpAprZCCr_45952&adApiR=loaded_string_386216534739511fc3cf9252a07bf06fc1f22_3031958_1708977705.5622_27707&refferer=1547036946_aHR0cHM6Ly9mcmVlLXBvcm50dWJldmlkZW9zLmJsb2dzcG90LmNvbS8=&randomA=yx&templateX348921892=direct&yxDom=eWx4LTQuY29t_bdfb2615848f0cdf110ba813b710123c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.8.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://qoca.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:01:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

video-10 Show response
ijftan.com/
Redirect Chain

https://idygez.com/gosl/InNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjYxMTMs?click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737
https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737

57 KB
37 KB

678ms
285ms

Document
text/html

31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737
Requested by: Host: 95488.space
URL: https://95488.space/go.php?go=https%3A%2F%2Fidygez.com%2Fgosl%2FInNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1708977706affb67d5afd27601a265a984%26si1%3D%26si2%3D15442737&do=711ce1ebbcf9b95646caa8a06653a2f6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 47872528d0e84f54021c45fac6b39e21e57e12c4182ae48c2b1715505623ecb3

Request headers

Referer: https://95488.space/go.php?go=https%3A%2F%2Fidygez.com%2Fgosl%2FInNpZCI6MTMyNTg2Nywic21hcnRsaW5rIjp0cnVlfQ%3D%3DeyJwaWQiOjEwMjYxMTMs%3Fclick_id%3D30affC1708977706affb67d5afd27601a265a984%26si1%3D%26si2%3D15442737&do=711ce1ebbcf9b95646caa8a06653a2f6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:01:47 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 85bac82cc91167b4-MIA
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 20:01:47 GMT
location: https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737
max-age: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlBd0VEWeB%2FixK97BRvXFD6h2ejNooVVMC8m12uzQ4ih%2FR%2Fev4snygFOrHFxLrT85Yalqh6MDWT1%2Bu7b6FYYbkYiOUCLOQZvWp0LKFjxHy6ORJTNtzrpv9zzjmhqRYpyQ5MiYUSX1Qo5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-zone: eu

GET
DATA 200
OK truncated
/ 23 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fa1976ede9427f69176f405d723c8829069d7e32d99e3a4f3d50fcf079eda6e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 rpe Show response
mdakky.com/ 0
100 B 436ms
149ms XHR
text/plain 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1026113&st=1325867&wd=537224&d=ijftan.com&tpl=43&rnd=0.2957066604725709&sbid=&sbid2=15442737
Requested by: Host: ijftan.com
URL: https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ijftan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Feb 2024 20:01:48 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ 0
101 B 431ms
149ms XHR
text/plain 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=12&src=2&p=1026113&st=1325867&wd=537224&d=ijftan.com&tpl=43&rnd=0.4403178149750959&sbid=&sbid2=15442737
Requested by: Host: ijftan.com
URL: https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ijftan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Feb 2024 20:01:48 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 phtbload Show response
wokoez.com/ 150 B
308 B 449ms
150ms Fetch
application/javascript 2a02:b4a:1:7::9274:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wokoez.com/phtbload?a=1&e=aeyJwaWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjR9
Requested by: Host: ijftan.com
URL: https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9274:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: abe0ae372b5e2b878c14e5149cd90fbcadbdc20336cf704ac7525e96edaf6ae8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ijftan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Feb 2024 20:01:48 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1

200
OK

Primary Request mjwGW Show response
bi.epilreoffer.com/ilpjsDgCHjPk5ao/
Redirect Chain

https://wokoez.com/cuclc?aid=14474828365096764234&t=1708977708&s=877656
https://track.wbdpnz.com/34cb433c-770b-4be0-a140-affedeca6aad?source_id=a537224&campaign_id=877656&country=US&browser=Chrome&zone_id=a537224&creative_id={CREATIVE_ID}&format=pops&os=Windows&partner...
https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s

12 KB
6 KB

337ms
70ms

Document
text/html

173.0.146.207
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s

Requested by

Host: ijftan.com
URL: https://ijftan.com/video-10?h=waWQiOjEwMjYxMTMsInNpZCI6MTMyNTg2Nywid2lkIjo1MzcyMjQsInNyYyI6Mn0=eyJ&click_id=30affC1708977706affb67d5afd27601a265a984&si1=&si2=15442737

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

173.0.146.207 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

b627d691ce2ad45173566fa376196f7c7f1cbf540f17027ed404af745c31fcb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ijftan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Feb 2024 20:01:49 GMT
Keep-Alive: timeout=20
Server: nginx
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Mon, 26 Feb 2024 20:01:49 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s
pragma: no-cache
server: nginx

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qoca.site/0c356e95a4/bc18fc1d41	1970-01-20 18:43:29	Name: total_impressions Value: 1
.ylx-4.com/	1970-01-20 18:43:30	Name: used_ad3031958 Value: 1
.ylx-4.com/	1970-01-20 18:43:30	Name: total_impressions Value: 1
.ylx-4.com/	1970-01-20 19:26:09	Name: cpa_875164 Value: popup_568828251_4
qoca.site/	1970-01-20 18:43:29	Name: used_ad3031958 Value: 1
.ijftan.com/	1970-01-20 18:44:24	Name: truniq Value: 1
.ijftan.com/	1970-01-20 18:44:24	Name: tracking Value: 1
.ijftan.com/	1970-01-21 03:28:33	Name: prompt Value: 1
.track.wbdpnz.com/	1970-01-20 18:44:24	Name: 34cb433c-770b-4be0-a140-affedeca6aad-v4 Value: JFk4faViHQQhV7QmsWt8rTkOG1TM_DLHVqweAUhzCJE
.track.wbdpnz.com/	1970-01-21 03:28:33	Name: cc-v4 Value: sFduu0oLHPn744yRPYPbznMtW%2BWId9fd8Fwp4SFml9h1Ta8I2ae4wD4mjNcmzHLKUpOBsoQNbP%2FeSShX6AcNr0dJ4BrMNxQefeiIker2lgKrSGCLUHRmXLQ67NTDtswO9k63mbWTKlad0znIJEZO6Q%3D%3D
bi.epilreoffer.com/	1970-01-20 18:44:24	Name: GL_UI4 Value: eJw9jd1Og0AUhKH8tVrQSXgAHwHQlnhpfAgvyWH3QNfCbrOsEN%2FejYlezZfJN5kgCHblA8I1PSD6ohOequqV6Ux1I0TfEslmqGV7bp9fhpZZnhoc1NI56id2MfbLTNZ1bo1xHFmzVaITRnKOR2%2F9NVdtNh0j6S1pmSOZvTHlyHprtoVtGSHWNDPS94s1PpOZPo1FVDeNZ6U9hxV2Zimj4g7Zh9LSD4sjdnVVFGmA%2B9tEbjB27pRMQySjJckI37AX5Hg09huZ5OXqzA0wk%2Bz%2B%2Fd%2FfaKsrpJJXJfy5cRe2P7zETuI%3D
bi.epilreoffer.com/	1970-01-20 18:44:24	Name: GL_GI10 Value: eJwNzDEKg0AQBdCdAZVALD4xvScQNhJiL1gllXiARUUGdEfWTc4fi9c%2BYwwXV7DsyOumsvWjsrapXk%2FQAh568OiRD17iPJV9dHE%2BQAHcvcHBI%2BtWDTI50IjkI24TkODe6jL7WLa6bV8vo4ui%2FgCfLq2GXcP5gPaUwFGzBHxMhQH90tsfYn0jLw%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://free-porntubevideos.blogspot.com/feeds/posts/default/-/?published&alt=json-in-script&callback=labelthumbs Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://bi.epilreoffer.com/ilpjsDgCHjPk5ao/mjwGW?param_4=a537224&param_5=wjti8iv962hovcfv2enhc39s(Line 9) Message: Scripts may close only the windows that were opened by them.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
95488.space
ajax.googleapis.com
bi.epilreoffer.com
fonts.googleapis.com
free-porntubevideos.blogspot.com
free-porntubevideos.blogspot.nl
idygez.com
ijftan.com
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
mdakky.com
qoca.site
track.wbdpnz.com
wokoez.com
www.blogger.com
ylx-4.com
173.0.146.207
18.210.103.13
185.66.200.221
185.66.201.43
185.66.201.8
2606:4700:3030::ac43:b408
2606:4700::6812:bcf
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::200a
2607:f8b0:4006:80f::2009
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2001
2a02:b4a:1:7::9166:1
2a02:b4a:1:7::9274:1
31.220.27.98
2ab1dc481083065a52ccd6af6e42d851a327697d7c86071f33224855bd602117
47872528d0e84f54021c45fac6b39e21e57e12c4182ae48c2b1715505623ecb3
4fa1976ede9427f69176f405d723c8829069d7e32d99e3a4f3d50fcf079eda6e
6768c8c7152ae80e1bc53882ce8280dfb4d14c6d235e525fcb0fd95c6cf5f2dc
7a843e1057e558240bfd172f2e91f827e62dcb0184a2b87e539244b512c71dc8
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a3acd5cb471d739b70a93f4c8181e91c721e5e59247bba26e4dcb138dd0e7c9a
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
abe0ae372b5e2b878c14e5149cd90fbcadbdc20336cf704ac7525e96edaf6ae8
b627d691ce2ad45173566fa376196f7c7f1cbf540f17027ed404af745c31fcb5
d389a4c929be8bbad35b7f43e111746968b42be080050f9d1b85f696149a549e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

bi.epilreoffer.com Open in urlscan Pro 173.0.146.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

63 %IPv6

15 Domains

17 Subdomains

15 IPs

3 Countries

267 kBTransfer

730 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

12 Cookies

2 Console Messages

Security Headers

Indicators

bi.epilreoffer.com Open in urlscan Pro
173.0.146.207 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

63 %
IPv6

15
Domains

17
Subdomains

15
IPs

3
Countries

267 kB
Transfer

730 kB
Size

12
Cookies

18 HTTP transactions
1 data transactions