swiftfling.com Open in urlscan Pro
151.101.65.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covid--19-shop.rf.gd/
Effective URL:
https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22Z...
Submission: On May 07 via manual (May 7th 2020, 6:32:47 am UTC) from AU

Summary HTTP 35 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 18 domains to perform 35 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is swiftfling.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 12th 2020. Valid for: 3 months.

This is the only time swiftfling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	199.59.242.153 199.59.242.153	395082 (BODIS-NJ) (BODIS-NJ)
1	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1 2	198.54.112.216 198.54.112.216	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	52.59.185.192 52.59.185.192	16509 (AMAZON-02) (AMAZON-02)
10	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	188.42.160.79 188.42.160.79	35415 (WEBZILLA) (WEBZILLA)
1	67.22.42.112 67.22.42.112	48684 (VIKINGHOST) (VIKINGHOST)
1	2001:1aa8:185... 2001:1aa8:185::212:101	24642 (NL-CAVEO) (NL-CAVEO)
1	2606:4700::68... 2606:4700::6811:316b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	94.130.38.41 94.130.38.41	24940 (HETZNER-AS) (HETZNER-AS)
2	74.117.182.34 74.117.182.34	40824 (WZCOM-) (WZCOM-)
3	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	213.196.2.1 213.196.2.1	7979 (SERVERS) (SERVERS)
1	213.196.5.4 213.196.5.4	7979 (SERVERS) (SERVERS)
35	16

6 199.59.242.153 (United States) 1 redirects

ASN395082 (BODIS-NJ, US)

covid--19-shop.rf.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.54.112.216 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

6491.negleyns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.185.192 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-185-192.eu-central-1.compute.amazonaws.com

wrison-subustall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

swiftfling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.160.79 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.22.42.112 (Netherlands)

ASN48684 (VIKINGHOST, NL)

trafforsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1aa8:185::212:101 (Netherlands)

ASN24642 (NL-CAVEO, NL)

tracker.ero-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:316b (United States)

ASN13335 (CLOUDFLARENET, US)

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.38.41 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.41.38.130.94.clients.your-server.de

eu.track.digitaladsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.117.182.34 (Fort Lauderdale, United States)

ASN40824 (WZCOM-, US)

stats-d1272-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.196.2.1 (Netherlands) 1 redirects

ASN7979 (SERVERS, US)

r.remarketingpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.196.5.4 (Netherlands)

ASN7979 (SERVERS, US)

datadbs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	swiftfling.com swiftfling.com	957 KB
6	rf.gd 1 redirects covid--19-shop.rf.gd	14 KB
3	exoclick.com main.exoclick.com	1 KB
2	stats-d1272-serving.com stats-d1272-serving.com	1 KB
2	rtmark.net my.rtmark.net	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	negleyns.com 1 redirects 6491.negleyns.com	865 B
2	gstatic.com fonts.gstatic.com	18 KB
1	datadbs.com datadbs.com	513 B
1	remarketingpixel.com 1 redirects r.remarketingpixel.com	832 B
1	digitaladsystems.com eu.track.digitaladsystems.com	199 B
1	tsyndicate.com tsyndicate.com	622 B
1	ero-advertising.com tracker.ero-advertising.com	131 B
1	trafforsrv.com trafforsrv.com	389 B
1	googletagmanager.com www.googletagmanager.com	26 KB
1	wrison-subustall.com 1 redirects wrison-subustall.com	2 KB
1	googleapis.com fonts.googleapis.com	791 B
1	google.com www.google.com	58 KB
35	18

	Domain	Requested by
10	swiftfling.com	6491.negleyns.com swiftfling.com
6	covid--19-shop.rf.gd	1 redirects covid--19-shop.rf.gd
3	main.exoclick.com	swiftfling.com
2	stats-d1272-serving.com	swiftfling.com
2	my.rtmark.net	www.googletagmanager.com swiftfling.com
2	www.google-analytics.com	www.googletagmanager.com swiftfling.com
2	6491.negleyns.com	1 redirects covid--19-shop.rf.gd
2	fonts.gstatic.com
1	datadbs.com	swiftfling.com
1	r.remarketingpixel.com	1 redirects
1	eu.track.digitaladsystems.com	swiftfling.com
1	tsyndicate.com	swiftfling.com
1	tracker.ero-advertising.com	swiftfling.com
1	trafforsrv.com	swiftfling.com
1	www.googletagmanager.com	swiftfling.com
1	wrison-subustall.com	1 redirects
1	fonts.googleapis.com	covid--19-shop.rf.gd
1	www.google.com	covid--19-shop.rf.gd
35	18

This site contains links to these domains. Also see Links.

Domain
wrison-subustall.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
info-extraction.glib.ai Let's Encrypt Authority X3	`2020-03-12` - `2020-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-03-12` - `2020-06-10`	3 months	crt.sh
*.trafforsrv.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-21` - `2020-11-20`	a year	crt.sh
*.ero-advertising.com RapidSSL TLS RSA CA G1	`2019-03-18` - `2021-04-16`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
eu.track.digitaladsystems.com Let's Encrypt Authority X3	`2020-03-12` - `2020-06-10`	3 months	crt.sh
stats-d1272-serving.com Let's Encrypt Authority X3	`2020-03-23` - `2020-06-21`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2019-09-18` - `2020-10-02`	a year	crt.sh
datadbs.com Let's Encrypt Authority X3	`2020-03-15` - `2020-06-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Frame ID: 63BDDD0BB969C7E9A5364A5783B2E73E
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covid--19-shop.rf.gd/ Page URL
http://covid--19-shop.rf.gd/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F32166807%2F158883... HTTP 302
http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232... Page URL
http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232... HTTP 302
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix03-rf.gd&ca... HTTP 302
https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

35
Requests

80 %
HTTPS

39 %
IPv6

18
Domains

18
Subdomains

16
IPs

3
Countries

1098 kB
Transfer

1354 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wrison-subustall.com/click
Title: Accepter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covid--19-shop.rf.gd/ Page URL
http://covid--19-shop.rf.gd/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F32166807%2F1588833133%2Fmf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232%2FYXBpeDAzLXJmLmdk%2Ffeed&notadsafe HTTP 302
http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed Page URL
http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk HTTP 302
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id={flow_id}&cpv=0.001&clickid=1588833135.22-32166807-47735 HTTP 302
https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://covid--19-shop.rf.gd/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F32166807%2F1588833133%2Fmf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232%2FYXBpeDAzLXJmLmdk%2Ffeed&notadsafe HTTP 302
http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed

Request Chain 29

https://r.remarketingpixel.com/px.gif?akey=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1732333593 HTTP 307
https://datadbs.com/dbs?uuid=d72f931a-a2a1-45ec-8b52-994bfd7d197d&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjE4MzAiOjE1ODg4MzMxMzZ9LCJhY2NsIjp7ICIyMCwwIjoxNTg4ODMzMTM2fX0.YlUmO8t6-74FoWxCzJ8ptzxbM3nAXhQUZnW2jnxd8ok

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
covid--19-shop.rf.gd/ 4 KB
4 KB 251ms
188ms Document
text/html 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: http://covid--19-shop.rf.gd/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 4db8aee3c3ced09a45926a5ea9884804592f6791d26579af15ad3c4927b8a018

Request headers

Host: covid--19-shop.rf.gd
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: openresty
Date: Thu, 07 May 2020 06:32:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BXK/XFlOaY8CLcw+2F/crDKvWNzRbeQKrlnl8D2+HYnMv1CY0w4w9YmF/XdkKWQjnJISQ63+4XaPC7d+1qLpAQ==

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 162 KB
58 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d0069272e07a939a33b9c8f8475c5643b6bfe7e343811733c759f559ae7a0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://covid--19-shop.rf.gd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "12326141676211367737"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Thu, 07 May 2020 06:32:13 GMT

GET
H/1.1 200
OK px.gif
covid--19-shop.rf.gd/ 42 B
275 B 106ms
105ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://covid--19-shop.rf.gd/px.gif?ch=1&rn=9.889121108993857
Requested by: Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://covid--19-shop.rf.gd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:13 GMT
Last-Modified: Tue, 11 Feb 2020 15:25:56 GMT
Server: openresty
ETag: "5e42c784-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
covid--19-shop.rf.gd/ 42 B
275 B 226ms
203ms Image
image/gif 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://covid--19-shop.rf.gd/px.gif?ch=2&rn=9.889121108993857
Requested by: Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://covid--19-shop.rf.gd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:13 GMT
Last-Modified: Tue, 11 Feb 2020 15:26:27 GMT
Server: openresty
ETag: "5e42c7a3-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
covid--19-shop.rf.gd/ 8 KB
8 KB 140ms
139ms Script
text/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: http://covid--19-shop.rf.gd/glp?r=&u=http%3A%2F%2Fcovid--19-shop.rf.gd%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash: 9745547be118c779509b6eb120f3403043a68c49595dd0b44adb5d45ef515547

Request headers

Referer: http://covid--19-shop.rf.gd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 06:32:13 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
791 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/glp?r=&u=http%3A%2F%2Fcovid--19-shop.rf.gd%2F&rw=1600&rh=1200&ww=1600&wh=1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://covid--19-shop.rf.gd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 May 2020 06:32:13 GMT
server: ESF
date: Thu, 07 May 2020 06:32:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 May 2020 06:32:13 GMT

POST
H/1.1 200
OK gzb
covid--19-shop.rf.gd/ 206 B
523 B 538ms
538ms XHR
text/javascript 199.59.242.153
BODIS-NJ

General

Check archive.org

Show headers Download Go to

Full URL: http://covid--19-shop.rf.gd/gzb
Requested by: Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/glp?r=&u=http%3A%2F%2Fcovid--19-shop.rf.gd%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 199.59.242.153 , United States, ASN395082 (BODIS-NJ, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: http://covid--19-shop.rf.gd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 06:32:14 GMT
Server: openresty
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 206
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://covid--19-shop.rf.gd

Response headers

date: Fri, 10 Apr 2020 00:09:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:37 GMT
server: sffe
age: 2355752
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Sat, 10 Apr 2021 00:09:41 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Origin: http://covid--19-shop.rf.gd

Response headers

date: Wed, 06 May 2020 00:50:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 106916
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 06 May 2021 00:50:17 GMT

GET
H/1.1

200
OK

feed
6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/
Redirect Chain

http://covid--19-shop.rf.gd/rz?u=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F32166807%2F1588833133%2Fmf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232%2FYXBpeDAzLXJmLmdk%2Ffeed&notadsafe
http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed

408 B
496 B

534ms
501ms

Document
text/html

198.54.112.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed
Requested by: Host: covid--19-shop.rf.gd
URL: http://covid--19-shop.rf.gd/glp?r=&u=http%3A%2F%2Fcovid--19-shop.rf.gd%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 198.54.112.216 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: 6491.negleyns.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://covid--19-shop.rf.gd/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://covid--19-shop.rf.gd/

Response headers

Server: nginx/1.14.2
Date: Thu, 07 May 2020 06:32:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Content-Encoding: gzip

Redirect headers

Server: openresty
Date: Thu, 07 May 2020 06:32:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
Location: http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed

GET
H2

200

Primary Request / Show response
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/
Redirect Chain

http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk
https://wrison-subustall.com/8b0384b4-eb5f-42b7-9468-4177830d3930?revenue={payout}&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id={flow_id}&cpv=0.001&clic...
https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG...

9 KB
3 KB

426ms
355ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735

Requested by

Host: 6491.negleyns.com
URL: http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

97689b3c3c5ea68ae038afe453f31b9503ca95ba74e52f591db25ce93c00a79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

:method: GET
:authority: swiftfling.com
:scheme: https
:path: /adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://6491.negleyns.com/match-6491/47735/32166807/1588833133/mf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232/YXBpeDAzLXJmLmdk/feed

Response headers

status: 200
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: 1d63e7028ad13b4c2ef63b8d3c7e05688e2bee725e4d694fc510f72c2ecd868b
last-modified: Fri, 01 May 2020 14:07:13 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Thu, 07 May 2020 06:32:15 GMT
x-served-by: cache-cdg20744-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1588833136.577615,VS0,VE331
vary: x-fh-requested-host, accept-encoding
content-length: 2878

Redirect headers

Server: nginx
Date: Thu, 07 May 2020 06:32:15 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Pragma: no-cache
Set-Cookie: 8b0384b4-eb5f-42b7-9468-4177830d3930-v4=8b0384b4-eb5f-42b7-9468-4177830d3930; Max-Age=86400; Expires=Fri, 08-May-2020 06:32:15 GMT; Domain=wrison-subustall.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=4L-LtrpqlFIo3Z8aF4Ko1ByZbvppZf_sg_C6Bdv9RHIMn-t51Ks069VqBiRmaw46iO12vl2Z7LrKv4CZHgWgiUDfSJUql-g-40BzmdHawTcSDqQ6q-AdyVkJRnmmhRSIyUidrIRkFSJlRTzv9BFjTn3ZINZX4nYNMqjVX_DK9ZgvYO_7G778Q4QTyJipAsJ1YmN9UKpKxfCK3wYMu5wlsydgo8IBWmGFeZ08DW5wLoV_p_kf52-lIaI73q5uXcvi_t2ixKeLAVG5u2jdkPPpRyXaypRAmjFG9oX_2jRBcDh8pjXk86y2Kob2oaXtXqDEYHlE0WKoTpDLm76uHEzgMl-Revtnp8hv0qvUoUBR4RwtmPK3UvJ6ZTh3YbYkXCRrixzb7hOHvGfMHE-apIi_cX5wg0U2TXw9nf_dn5OIZjJTjIM_DQJEeIr9PfQQEzR4ZJ4Kj_KKV6wZ8c0OdEkaMCBRozSnKct64Gn-P_3g_rhr-P1fJsThviVgh-MtGLjrdzTIuqkjm_umw5ZkAMq2P5hWZu8dqiOjyrDuw_fCRAmUGgX0b9ifCweC_Uaqkelu; Max-Age=86400; Expires=Fri, 08-May-2020 06:32:15 GMT; Domain=wrison-subustall.com; Path=/; Secure; HttpOnly;SameSite=None

GET
H2 200 style.css
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/css/ 11 KB
2 KB 24ms
23ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/css/style.css

Requested by

Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b175d8ca22790652157773d57bea9f42c486e63ab6dabddde5debae18d31f006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.948117,VS0,VE0
etag: 73b8dad11b3b607a73ed82ba7a681ee3e05076d75af57858f5e7eca57420c31f
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:15 GMT
accept-ranges: bytes
content-length: 1700
x-cache-hits: 2

GET
H2 200 javascriptje.js Show response
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/js/ 85 KB
30 KB 25ms
24ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/js/javascriptje.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04378445af160757c9616795d113e0970f02cb40d9d3e9fda029bf684e8956bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.948148,VS0,VE0
etag: ebe870ee505416e053737a68b234b75b593118502bc5b10eb3acbbf8229909ed
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:15 GMT
accept-ranges: bytes
content-length: 30543
x-cache-hits: 2

GET
H2 200 bg2.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 130 KB
130 KB 26ms
25ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg2.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.974619,VS0,VE1
etag: 748ece048a165a9b2352da9e9601e2d7fb2e1d04d1c7cf93dd9cb658b17bca9c
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:15 GMT
accept-ranges: bytes
content-length: 132921
x-cache-hits: 1

GET
H2 200 bg3.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 159 KB
159 KB 46ms
46ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg3.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.998501,VS0,VE1
etag: 14aaa99d76c3b3d5a85d9e43bd1b0d42b4bbf178b670b6357f3eae84f8a25d87
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:15 GMT
accept-ranges: bytes
content-length: 162135
x-cache-hits: 1

GET
H2 200 bg4.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 125 KB
125 KB 57ms
56ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg4.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.008368,VS0,VE0
etag: 4d50304bdf3973e2d6dda60b2cb1f9e5953b611bbca0f6164f7a02a29788a3e9
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:16 GMT
accept-ranges: bytes
content-length: 127380
x-cache-hits: 2

GET
H2 200 bg5.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 113 KB
113 KB 67ms
65ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg5.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.010363,VS0,VE0
etag: beeb761689d638579c18884128601330457842e33f72c9c747431c79bdeeac23
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:16 GMT
accept-ranges: bytes
content-length: 115798
x-cache-hits: 2

GET
H2 200 bg6.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 164 KB
164 KB 82ms
80ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg6.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.010471,VS0,VE1
etag: e8c899801aab332670c04ff04a41ae67d41112ff8a02b40ae7b8f0d174fa5a43
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:16 GMT
accept-ranges: bytes
content-length: 167275
x-cache-hits: 1

GET
H2 200 bg7.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 124 KB
123 KB 71ms
70ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg7.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.010547,VS0,VE0
etag: b6c423403a9fe3672659638f4a8456e115012b63a4e6c94aa74458c19b19fe02
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:16 GMT
accept-ranges: bytes
content-length: 126182
x-cache-hits: 2

GET
H2 200 bg1.jpg
swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/ 109 KB
109 KB 78ms
77ms Image
image/jpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/images/bg1.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 01 May 2020 14:07:13 GMT
x-timer: S1588833136.010629,VS0,VE0
etag: 34f14374ccf040caa1e5eb06528439d7fa22a377ece95085d5fe8a51f0eef1a6
x-served-by: cache-cdg20744-CDG
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/jpeg
status: 200
cache-control: max-age=3600
date: Thu, 07 May 2020 06:32:16 GMT
accept-ranges: bytes
content-length: 111077
x-cache-hits: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
26 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2c5f0eefbc375fcba4fbe6366a05657bdf7de1d715de424c8437a4b9290918f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 07 May 2020 06:32:16 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26921
x-xss-protection: 0
last-modified: Thu, 07 May 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 May 2020 06:32:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6821
date: Thu, 07 May 2020 04:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18174
expires: Thu, 07 May 2020 06:38:35 GMT

GET
H/1.1 200
OK p.js Show response
my.rtmark.net/ 697 B
1 KB 194ms
40ms Script
text/javascript 188.42.160.79
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=ab30ce381235c0afb5799402c86b96587f5b8c989c6dceae2a4e09fc7e38406a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.79 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

d830c8b445cbd3d467f34a54db8c88bea57769dd50744756c27ad2449d877831

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 697

GET
H/1.1 200
OK retargeting.php
trafforsrv.com/ 35 B
389 B 175ms
68ms Image
image/gif 67.22.42.112
VIKINGHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trafforsrv.com/retargeting.php?id=981&gtmcb=1513240674
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.22.42.112 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 May 2020 06:32:16 GMT
Server: nginx
P3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 35
Expires: 0

GET
H2 200 rtpixel.php
tracker.ero-advertising.com/tracking/ 43 B
131 B 61ms
17ms Image
image/gif 2001:1aa8:185::212:101
NL-CAVEO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.ero-advertising.com/tracking/rtpixel.php?id=366&uid=93106&gtmcb=681902666
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:1aa8:185::212:101 , Netherlands, ASN24642 (NL-CAVEO, NL),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 07 May 2020 06:32:16 GMT
server: nginx
x-backend-server: nl1-web213-54
content-length: 43
content-type: image/gif

GET
H2 200 06eb0705-463f-4b96-836b-64bf3cfa8631
tsyndicate.com/api/v1/retargeting/set/ 35 B
622 B 53ms
19ms Image
image/gif 2606:4700::6811:316b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1324485496
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:316b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 May 2020 06:32:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: image/gif; charset=utf-8
status: 200
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-request-id: 58f8e71cee80175e-FRA
cf-ray: 58f8e71cee80175e-FRA
content-length: 35
cf-request-id: 028f6ec6110000175ef4260200000001
x-robots-tag: none, noindex, nofollow
expires: 0

GET
H/1.1 200
OK rlu
eu.track.digitaladsystems.com/ads/ 35 B
199 B 171ms
42ms Image
image/gif 94.130.38.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu.track.digitaladsystems.com/ads/rlu?rl=20&gtmcb=66506443
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.38.41 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.41.38.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200 segment
stats-d1272-serving.com/tracking/ 49 B
637 B 836ms
215ms Image
image/gif 74.117.182.34
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-d1272-serving.com/tracking/segment?key=a8c4bae6-9860-4bad-99bf-efecafc9fb81&gtmcb=1907919481
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.117.182.34 Fort Lauderdale, United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Last-Modified: Thu, 07 May 2020 06:32:16 GMT
x-responded-by: cors-support-provider
ETag: W/"aef4f843e400b978fcf1c1f2eb5737caa06a928c900eace64e54329201ea87bb"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: set-cookie
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 49
Access-Control-Request-Headers: origin,accept,content-type,x-requested-with

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
397 B 127ms
47ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=2024174357
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
397 B 129ms
43ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=321579828
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

dbs
datadbs.com/
Redirect Chain

https://r.remarketingpixel.com/px.gif?akey=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1732333593
https://datadbs.com/dbs?uuid=d72f931a-a2a1-45ec-8b52-994bfd7d197d&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjE4MzAiOjE1ODg4MzMxMzZ9LCJhY2NsIjp7ICIyMCwwIjoxNTg4ODMzMTM2fX0.YlUmO8t6...

7 B
513 B

119ms
38ms

Image
image/gif

213.196.5.4
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datadbs.com/dbs?uuid=d72f931a-a2a1-45ec-8b52-994bfd7d197d&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjE4MzAiOjE1ODg4MzMxMzZ9LCJhY2NsIjp7ICIyMCwwIjoxNTg4ODMzMTM2fX0.YlUmO8t6-74FoWxCzJ8ptzxbM3nAXhQUZnW2jnxd8ok
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.196.5.4 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
Cache-Control: no-cache, : no-cache
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: image/gif, image/gif
Content-Length: 7
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Thu, 07 May 2020 06:32:16 GMT
Server: nginx/1.17.6
Content-Type: image/gif
Location: https://datadbs.com/dbs?uuid=d72f931a-a2a1-45ec-8b52-994bfd7d197d&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoxLCJhY3VzIjoxLCJhY2kiOnsgIjE4MzAiOjE1ODg4MzMxMzZ9LCJhY2NsIjp7ICIyMCwwIjoxNTg4ODMzMTM2fX0.YlUmO8t6-74FoWxCzJ8ptzxbM3nAXhQUZnW2jnxd8ok
Cache-Control: max-age=0, : no-cache
Connection: keep-alive
Content-Length: 0
Expires: Thu, 07 May 2020 06:32:16 GMT

GET
H/1.1 200
OK tag.php
main.exoclick.com/ 0
397 B 165ms
58ms Image
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=1358422089
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200 segment
stats-d1272-serving.com/tracking/ 49 B
637 B 781ms
214ms Image
image/gif 74.117.182.34
WZCOM-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-d1272-serving.com/tracking/segment?key=da813846-7710-4846-ae14-3396e3c110d9
Requested by: Host: swiftfling.com
URL: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.117.182.34 Fort Lauderdale, United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Last-Modified: Thu, 07 May 2020 06:32:16 GMT
x-responded-by: cors-support-provider
ETag: W/"aef4f843e400b978fcf1c1f2eb5737caa06a928c900eace64e54329201ea87bb"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: set-cookie
Cache-Control: no-cache, no-store, no-transform, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 49
Access-Control-Request-Headers: origin,accept,content-type,x-requested-with

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1276568984&t=pageview&_s=1&dl=https%3A%2F%2Fswiftfling.com%2Fadu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv%2F%3Fcep%3DTBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r%26lptoken%3D157388fa83c649253542%26revenue%3D%257Bpayout%257D%26target%3Dapix03-rf.gd%26category%3D%26S1%3D3791%26keyword%3D%26sid%3D32166807%26cid%3D47735%26aff_id%3D1772%26flow_id%3D%257Bflow_id%257D%26cpv%3D0.001%26clickid%3D1588833135.22-32166807-47735&dr=http%3A%2F%2F6491.negleyns.com%2Fmatch-6491%2F47735%2F32166807%2F1588833133%2Fmf_a46a9c5f-0540-4e0f-b4eb-debdab7c7232%2FYXBpeDAzLXJmLmdk%2Ffeed&ul=en-us&de=UTF-8&dt=Instant%20Sex%20Hookups&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1916726981&gjid=1774270127&cid=1485176315.1588833136&tid=UA-133587726-1&_gid=1491745421.1588833136&_r=1&gtm=2wg4t0TMR4NP&z=1506540776

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 May 2020 06:32:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
my.rtmark.net/ 43 B
707 B 41ms
40ms Image
image/gif 188.42.160.79
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=ab30ce381235c0afb5799402c86b96587f5b8c989c6dceae2a4e09fc7e38406a&ttl=&rurl=https%3A%2F%2Fswiftfling.com%2Fadu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv%2F%3Fcep%3DTBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r%26lptoken%3D157388fa83c649253542%26revenue%3D%257Bpayout%257D%26target%3Dapix03-rf.gd%26category%3D%26S1%3D3791%26keyword%3D%26sid%3D32166807%26cid%3D47735%26aff_id%3D1772%26flow_id%3D%257Bflow_id%257D%26cpv%3D0.001%26clickid%3D1588833135.22-32166807-47735

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.79 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://swiftfling.com/adu_fr_18_09_1_straight_amateur_teen_all_voluum_bb_mb9_jv/?cep=TBcF1yTxWCmR9uFGUmxD4LWCGwbMvJ22ZaMh18QLRfTwLIJP66jE6I_Zf_SGBZZgHFHHkJ90S5hnb8EvAhvvLIXkXRWw0WAuN_4hObMvwhC-CTG8Cw29vb_j-i_FaEOriGXrDf_LnNrPpWbaMAIWcPnntnZaCxhKWT0dyA9NEVWZMytA5CDKbER-qKvR7BOwfhRyzeqVS8RtcACbzvHeb5pDyLGgefLMiVd86tt3XFXuE6hMholLvnWlY6d-Szt9G8C2sH_wEXD4Qhngvp9EU2EEofmxCerCFz72X4CzcFY8yPZxQbQA-y1eGTtpT7ht328OLeo-_xSKya9N16vKfVFOJWBFIxDF5Qu4E-TeujOzF69BmI9bo-zpTCglmHvb9x0mQ_DP_GP0Nqu9tyc-7IFhrxeNafj14TDXLvVObKVyOVDjbg0jf-ZwtICNHwung3kAGCeuVl6hWgdgHCF68vkphKJ9QHSe34S34TBxbLUfclIh2Uml3eXavqYqgM6uDtaupS6izdzNokCIIcWmUdxY6bgxJFa6yNdZomreC1-1ZkdD39yJzIIWnSZy8e-r&lptoken=157388fa83c649253542&revenue=%7Bpayout%7D&target=apix03-rf.gd&category=&S1=3791&keyword=&sid=32166807&cid=47735&aff_id=1772&flow_id=%7Bflow_id%7D&cpv=0.001&clickid=1588833135.22-32166807-47735
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 07 May 2020 06:32:16 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.swiftfling.com/	1970-01-19 09:20:33	Name: _gat_UA-133587726-1 Value: 1
.swiftfling.com/	1970-01-19 09:21:59	Name: _gid Value: GA1.2.1491745421.1588833136
.swiftfling.com/	1970-01-20 02:51:45	Name: _ga Value: GA1.2.1485176315.1588833136

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6491.negleyns.com
covid--19-shop.rf.gd
datadbs.com
eu.track.digitaladsystems.com
fonts.googleapis.com
fonts.gstatic.com
main.exoclick.com
my.rtmark.net
r.remarketingpixel.com
stats-d1272-serving.com
swiftfling.com
tracker.ero-advertising.com
trafforsrv.com
tsyndicate.com
wrison-subustall.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
151.101.65.195
188.42.160.79
198.54.112.216
199.59.242.153
2001:1aa8:185::212:101
213.196.2.1
213.196.5.4
2606:4700::6811:316b
2a00:1450:4001:809::200e
2a00:1450:4001:814::200a
2a00:1450:4001:815::2004
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
52.59.185.192
67.22.42.112
74.117.182.34
94.130.38.41
95.211.229.246
04378445af160757c9616795d113e0970f02cb40d9d3e9fda029bf684e8956bb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804
4db8aee3c3ced09a45926a5ea9884804592f6791d26579af15ad3c4927b8a018
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c
7d0069272e07a939a33b9c8f8475c5643b6bfe7e343811733c759f559ae7a0ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2
90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8
9745547be118c779509b6eb120f3403043a68c49595dd0b44adb5d45ef515547
97689b3c3c5ea68ae038afe453f31b9503ca95ba74e52f591db25ce93c00a79d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b175d8ca22790652157773d57bea9f42c486e63ab6dabddde5debae18d31f006
b2c5f0eefbc375fcba4fbe6366a05657bdf7de1d715de424c8437a4b9290918f
bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77
bfa21901e87e44f386b8208764bc596acaaaa085e560bf989d40982eb0e5a7c8
d830c8b445cbd3d467f34a54db8c88bea57769dd50744756c27ad2449d877831
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780

swiftfling.com Open in urlscan Pro 151.101.65.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

80 %HTTPS

39 %IPv6

18 Domains

18 Subdomains

16 IPs

3 Countries

1098 kBTransfer

1354 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

swiftfling.com Open in urlscan Pro
151.101.65.195 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

80 %
HTTPS

39 %
IPv6

18
Domains

18
Subdomains

16
IPs

3
Countries

1098 kB
Transfer

1354 kB
Size

3
Cookies

35 HTTP transactions
0 data transactions