urlscan.io logo urlscan.io
SecurityTrails logo

www.onscreens.me Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Submission: On August 12 via manual from IN — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 25 domains to perform 122 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onscreens.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2022. Valid for: a year.
This is the only time www.onscreens.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 62.122.171.6 50245 (SERVEREL-AS)
1 6 185.94.236.253 42567 (MOJHOST-EU)
5 2a01:4f8:161:... 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 8 2a02:6b8::1:119 208722 (GLOBAL_DC)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 151.139.128.10 20446 (STACKPATH...)
6 205.185.216.10 20446 (STACKPATH...)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4860:486... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
13 151.101.2.137 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 162.247.243.29 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 174.137.133.17 27257 (WEBAIR-IN...)
122 26
35    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.onscreens.me
video.q34r.org
commentsmodule.com
3    62.122.171.6 (United States)

ASN50245 (SERVEREL-AS, US)
PTR: 62.122.171.6.serverel.net
pasbstbovc.com
6    185.94.236.253 (Netherlands)

ASN42567 (MOJHOST-EU, NL)
poweredby.jads.co
5    2a01:4f8:161:6222::2 (Fürth, Germany)

ASN24940 (HETZNER-AS, DE)
blow.week1time.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3038::6815:ea82 (United States)

ASN13335 (CLOUDFLARENET, US)
statistic.satiq.net
4    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::6816:2747 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tapioni.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
4    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ads.juicyads.com
6    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
i.jads.co
5    2606:4700::6812:6528 (United States)

ASN13335 (CLOUDFLARENET, US)
chaturbate.com
6    2606:4700::6810:5e2a (United States)

ASN13335 (CLOUDFLARENET, US)
static-assets.highwebmedia.com
2    2606:4700::6813:f253 (United States)

ASN13335 (CLOUDFLARENET, US)
roomimg.stream.highwebmedia.com
1    2001:4860:4860::8844 (United States)

ASN15169 (GOOGLE, US)
dns.google
3    2606:4700:3035::ac43:a5b8 (United States)

ASN13335 (CLOUDFLARENET, US)
sadjklq.com
13    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2606:4700:3034::ac43:aba9 (United States)

ASN13335 (CLOUDFLARENET, US)
videocdnmetrika.com
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
marazma.com
1    174.137.133.17 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.poprtb.com
Apex Domain
Subdomains		 Transfer
18 onscreens.me
www.onscreens.me
140 KB
16 q34r.org
video.q34r.org
135 KB
13 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 475
48 KB
12 jads.co
poweredby.jads.co — Cisco Umbrella Rank: 30926
i.jads.co — Cisco Umbrella Rank: 52715
148 KB
8 highwebmedia.com
static-assets.highwebmedia.com — Cisco Umbrella Rank: 17322
roomimg.stream.highwebmedia.com — Cisco Umbrella Rank: 18800
103 KB
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4117
77 KB
5 chaturbate.com
chaturbate.com — Cisco Umbrella Rank: 14152
33 KB
5 gstatic.com
fonts.gstatic.com
101 KB
5 week1time.com
blow.week1time.com
94 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1042
64 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
202 KB
3 sadjklq.com
sadjklq.com — Cisco Umbrella Rank: 118388
3 KB
3 pasbstbovc.com
pasbstbovc.com — Cisco Umbrella Rank: 963398
37 KB
2 marazma.com
marazma.com — Cisco Umbrella Rank: 191456
905 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 295
733 B
2 videocdnmetrika.com
videocdnmetrika.com — Cisco Umbrella Rank: 213984
2 KB
2 satiq.net
statistic.satiq.net
22 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
2 KB
1 poprtb.com
xml.poprtb.com — Cisco Umbrella Rank: 157680
165 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 356
87 KB
1 dns.google
dns.google — Cisco Umbrella Rank: 942
457 B
1 juicyads.com
ads.juicyads.com — Cisco Umbrella Rank: 370872
284 KB
1 commentsmodule.com
commentsmodule.com — Cisco Umbrella Rank: 104710
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2069
246 B
1 tapioni.com
cdn.tapioni.com — Cisco Umbrella Rank: 59605
1 KB
122 25
Domain Requested by
18 www.onscreens.me www.onscreens.me
16 video.q34r.org www.onscreens.me
video.q34r.org
unpkg.com
13 js-agent.newrelic.com chaturbate.com
8 mc.yandex.ru 1 redirects www.onscreens.me
videocdnmetrika.com
cdn.jsdelivr.net
mc.yandex.ru
6 static-assets.highwebmedia.com chaturbate.com
static-assets.highwebmedia.com
6 i.jads.co poweredby.jads.co
6 poweredby.jads.co 1 redirects www.onscreens.me
poweredby.jads.co
5 chaturbate.com 2 redirects poweredby.jads.co
chaturbate.com
5 fonts.gstatic.com fonts.googleapis.com
5 blow.week1time.com www.onscreens.me
blow.week1time.com
4 unpkg.com video.q34r.org
4 www.googletagmanager.com www.onscreens.me
www.googletagmanager.com
video.q34r.org
chaturbate.com
3 sadjklq.com video.q34r.org
sadjklq.com
3 pasbstbovc.com www.onscreens.me
pasbstbovc.com
2 marazma.com 1 redirects video.q34r.org
2 bam.nr-data.net chaturbate.com
2 videocdnmetrika.com sadjklq.com
videocdnmetrika.com
2 roomimg.stream.highwebmedia.com chaturbate.com
2 statistic.satiq.net www.onscreens.me
statistic.satiq.net
2 fonts.googleapis.com www.onscreens.me
video.q34r.org
1 xml.poprtb.com
1 cdn.jsdelivr.net videocdnmetrika.com
1 dns.google video.q34r.org
1 ads.juicyads.com poweredby.jads.co
1 commentsmodule.com video.q34r.org
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.tapioni.com blow.week1time.com
122 27

This site contains links to these domains. Also see Links.

Domain
theporndude.com
bongacams.com
t.me
ddownload.com
www.amateurshouse.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-14 -
2023-09-14		 a year crt.sh

Buypass Class 2 CA 5		 2023-05-31 -
2023-11-26		 6 months crt.sh
8sptzne.mom
R3		 2023-07-06 -
2023-10-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
q34r.org
GTS CA 1P5		 2023-07-03 -
2023-10-01		 3 months crt.sh
satiq.net
GTS CA 1P5		 2023-06-16 -
2023-09-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2022-12-26 -
2024-01-26		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
commentsmodule.com
GTS CA 1P5		 2023-06-16 -
2023-09-14		 3 months crt.sh
*.juicyads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-12 -
2024-06-11		 a year crt.sh
*.highwebmedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-03 -
2023-10-05		 a year crt.sh
*.live.mmcdn.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2024-03-08		 a year crt.sh
dns.google
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
sadjklq.com
GTS CA 1P5		 2023-07-27 -
2023-10-25		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
videocdnmetrika.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
marazma.com
GTS CA 1P5		 2023-08-02 -
2023-10-31		 3 months crt.sh
*.poprtb.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh

This page contains 14 frames:

Primary Page: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Frame ID: 52F4F0833BCD4546BE3DA03FE25ADFBC
Requests: 43 HTTP requests in this frame

Frame: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Frame ID: 7A59B6EAC986AB3F61F7DBF547BA82F4
Requests: 28 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1000494
Frame ID: CD8B9543FD83B1BFE5D56A0D2C92B417
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1000494
Frame ID: 1BEEA9CDA8D6C2B7CF91D60FA8965D46
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1005493
Frame ID: 909C2D5B029E32D9CB134FEE77ADAF3E
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1005493
Frame ID: 337A74512CB405B9EA785661D395DC1D
Requests: 3 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1000493
Frame ID: 897889BC7BCA6CAA17BC7BFCFFA1679D
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1000493
Frame ID: DAE09AF5D5166BA0EE450F49AABD8836
Requests: 3 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1000049
Frame ID: FA5B3209B7FE038A7D2D72D59E4F62E1
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1000049
Frame ID: B39E65E0E2C26E6AAFD2B61E5AA31009
Requests: 3 HTTP requests in this frame

Frame: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Frame ID: F76E40BA4389E3F68667C249D6FD1345
Requests: 25 HTTP requests in this frame

Frame: https://chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: 79CD55057FB6BE1E325DC3D069559D72
Requests: 2 HTTP requests in this frame

Frame: https://videocdnmetrika.com/f.php?nd=1&sid=212040&rand=411607338
Frame ID: 30F32254807A90C5C01DDF592FD73DC0
Requests: 7 HTTP requests in this frame

Frame: https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
Frame ID: 8C6F657CE8AB1FC38D74ACDFDFB80DB4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

priyarj: / 07/19/2023, 17:58:27 - stripchat - ONScreens.me

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

122
Requests

93 %
HTTPS

72 %
IPv6

25
Domains

27
Subdomains

26
IPs

4
Countries

1580 kB
Transfer

3352 kB
Size

37
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://poweredby.jads.co/js/jads.js HTTP 301
  • https://poweredby.jads.co/js/jads2.js
Request Chain 55
  • https://chaturbate.com/in/?track=lstlbmescreeons&tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1 HTTP 302
  • https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Request Chain 60
  • https://mc.yandex.ru/watch/86516845?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1341740528741%3Ahid%3A842940397%3Az%3A120%3Ai%3A20230812204928%3Aet%3A1691866168%3Ac%3A1%3Arn%3A72076238%3Arqn%3A1%3Au%3A1691866168335629020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C59%2C65%2C3%2C0%2C0%2C%2C402%2C0%2C%2C%2C%2C553%3Aco%3A0%3Acpf%3A1%3Ans%3A1691866167377%3Arqnl%3A1%3Ast%3A1691866168%3At%3Apriyarj%3A%20%2F%2007%2F19%2F2023%2C%2017%3A58%3A27%20-%20stripchat%20-%20ONScreens.me&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1341740528741%3Ahid%3A842940397%3Az%3A120%3Ai%3A20230812204928%3Aet%3A1691866168%3Ac%3A1%3Arn%3A72076238%3Arqn%3A1%3Au%3A1691866168335629020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C59%2C65%2C3%2C0%2C0%2C%2C402%2C0%2C%2C%2C%2C553%3Aco%3A0%3Acpf%3A1%3Ans%3A1691866167377%3Arqnl%3A1%3Ast%3A1691866168%3At%3Apriyarj%3A%20%2F%2007%2F19%2F2023%2C%2017%3A58%3A27%20-%20stripchat%20-%20ONScreens.me&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Request Chain 89
  • https://chaturbate.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Request Chain 118
  • https://marazma.com/load HTTP 302
  • https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request priyarj-07-19-2023-17-58-27-stripchat
www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/ 		50 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c0f35d46944037b526e186da07539e0d14784c18afe8b9acaf5c1cf88d84c582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=7776000
cf-cache-status
HIT
cf-ray
7f5ae5fabef40eaf-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 12 Aug 2023 18:49:27 GMT
expires
Fri, 10 Nov 2023 18:47:38 GMT
last-modified
Sat, 12 Aug 2023 18:47:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9y0fL4TyR8AiWI6osbIxMNLWpfzpRdBOVnvw%2BsaEqxaC2aHsDQ4xeTHtckM9%2BV%2B7LCMWKjnuR1%2BrqCJZMEZqFmYT5A%2B3gTualyNvkYH9%2BVpMTfUHSY5ew9mIMvpTXz9PHRa5JxMMI0xx2K2yNwo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-page-cache-status
MISS
x-powered-by
Express
2257.2aca2995.css
www.onscreens.me/assets/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/assets/2257.2aca2995.css
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
06763099c342d2a6f0cb56462ae26d04775241db45afa843df1d920e3d8bc683
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6379
cf-polished
origSize=34461
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:16 GMT
server
cloudflare
etag
W/"869d-189d6e1e939"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEGDY7Zc2qG%2FLl2bZsWp8MobhIE%2B4JFP8Fl09HCTc2xwQ2knkuPMb54cIvKChzTML67HGRT4q0SGP6Cr8o45X08z68vaAyAzbpPWuu%2FOeTEYAiKHCaP73H8qvK7vexM9coO9T%2FiEEFVzPeV3Ghkf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb3f970eaf-AMS
expires
Fri, 10 Nov 2023 17:01:20 GMT
9bebb836.js
pasbstbovc.com/t/9/fret/meow4/1949468/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pasbstbovc.com/t/9/fret/meow4/1949468/9bebb836.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS
62.122.171.6.serverel.net
Software
nginx /
Resource Hash
bd024befe2605a3a602e162c67573680fdcf95c833f7bba3523d74fa12cc524d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 16:07:35 GMT
server
nginx
accept-ch
sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"64d3b9c7-16a72"
vary
Accept-Encoding
content-type
application/javascript
x-js-ab2
current
timing-allow-origin
*
PD-head.886a05e5.svg
www.onscreens.me/assets/ 		20 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onscreens.me/assets/PD-head.886a05e5.svg
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
886a05e55a7a865cdba97de94ba28d3922411bcbb543896412c4de4ceeef4967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3268
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 20:41:16 GMT
server
cloudflare
etag
W/"4e0b-189d6e1e939"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtxtsaoyjAWSH41eCZ70a8J4PFknlEJf2N62Zxh9IaYrJ4Rvrll%2B3wxy1SfWCOVpfhIOtuu0%2B5O0Xn3mQJR%2F9ZmDiFybGX6xws4r81Dqsn0t0be%2B3XrhjrZ91cuxRNenJzByTv1Q7pM%2BLOMiEBa1"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb5fc70eaf-AMS
expires
Fri, 10 Nov 2023 17:04:57 GMT
bongacams.3ca8e7c2.svg
www.onscreens.me/assets/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onscreens.me/assets/bongacams.3ca8e7c2.svg
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3ca8e7c2187c7f9ba24c81efcf46e857f5947124a273bf63b60a5b76288fe5f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3268
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 20:41:16 GMT
server
cloudflare
etag
W/"5bf-189d6e1e939"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry9ZqPQxgWZ9PJVJ7rWSro1fExkgCT2YLnVS3nLuMpX12RVDFKrFOLytxx%2FjP3iUScu1wkvLYwT3yEnuP3Vpk6Apfz4wrYsK110aHEwV8jPWMbNBIgdUzlANZlqnGE9F0u3IGHpjzHAY7wE%2FGw73"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb5fca0eaf-AMS
expires
Fri, 10 Nov 2023 17:18:26 GMT
onscreens.me.ff611eda.svg
www.onscreens.me/assets/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onscreens.me/assets/onscreens.me.ff611eda.svg
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff611edaa01dda0db86a5c9fd58932ce19a86b81c4d497c6a06e9c99c9323014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4522
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 20:41:16 GMT
server
cloudflare
etag
W/"1938-189d6e1e939"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFt7yPgVkMnq06rStXU3TUfYJTNDx9OpGqzKfEcrU%2F4bG9bKZgp5LKv2EHVoaQs6XcWvwz8NBlevldnv1wn35Wth4NuAdm05aATYv8FaDkqV%2BsoNLasA2Ekky8tUhA0%2BlrScORCmJH4wjCYPjF8T"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb5fcc0eaf-AMS
expires
Fri, 10 Nov 2023 17:18:10 GMT
onscreens.me-dark.dcbf5dfb.svg
www.onscreens.me/assets/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onscreens.me/assets/onscreens.me-dark.dcbf5dfb.svg
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dcbf5dfb00d36ef58a8a55590c47336218a98b18afaa8644c52cb4b2803eb6ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1391
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Aug 2023 20:41:16 GMT
server
cloudflare
etag
W/"1938-189d6e1e939"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlZsKIKPMR2MC14nIh9nbRtNXVTmdGWdGoDZNuoiFTYTpqmbMX5I%2F4dI4bob44c9Rma4WeojAzCWn96CFLMgZC9fe6QbON%2BReXPA%2B99i59zMx8jtcWB5%2Fysn9jDnH6R9k7RMii23oBE25fq5s%2B8O"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb5fd10eaf-AMS
expires
Fri, 10 Nov 2023 17:02:32 GMT
jads2.js
poweredby.jads.co/js/
Redirect Chain
  • https://poweredby.jads.co/js/jads.js
  • https://poweredby.jads.co/js/jads2.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads2.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
HTTP/1.1
Server
185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sat, 12 Aug 2023 18:49:27 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 20:12:17 GMT
Server
nginx
ETag
W/"6442ee21-eae"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close

Redirect headers

Location
jads2.js
Date
Sat, 12 Aug 2023 18:49:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
statistics.js
www.onscreens.me/js/ 		368 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/js/statistics.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
08eb57c6f0f295475b2e10544d8cfc9bc69a5d354d3e59f7a15b838536c92125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115635
cf-polished
origSize=519
x-cache-status
MISS
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:19 GMT
server
cloudflare
etag
W/"207-189d6e1f569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3PLz%2FKT%2BPz684%2BzCfcCZC3Czu1GbNgrA4c%2BW0goLdECaZoJBytJAh9GJMAAKB8k4QfkPAjSrkUPOAaqIjIyKy72jNPcc6nbT6Z9dEUyXIpxyKf4j6S%2Fu68CiSEUrO1V2AuUgxPTmkmSopWYR3kD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb5fc30eaf-AMS
expires
Thu, 09 Nov 2023 09:35:59 GMT
st2.js
www.onscreens.me/js/ 		337 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/js/st2.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff548f546eb7b4719d103206b80b1ddfcf0dacdf8a97c81b00c147ecd0ec2d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
115635
cf-polished
origSize=409
x-cache-status
MISS
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:19 GMT
server
cloudflare
etag
W/"199-189d6e1f569"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgT2OmUvfIXOIl6MNr2R4dUrQO%2BNCXCgCCLo12tEGA5E06K4NPcqbKObI50bcc7XM86KEgfiix4YwS38i4hCGNkwjZefXa99S9yhmRNEAuvDJVt3Z6sayKRRut50JYcDxtykuz7SN%2FaDdpULGm2I"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fb5fc50eaf-AMS
expires
Thu, 09 Nov 2023 09:58:16 GMT
dY5uaQ5.js
blow.week1time.com/ 		181 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blow.week1time.com/dY5uaQ5.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f8:161:6222::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
0b8b38633b185684c492474c16e6af35c2694af879d79d714afb1866a3740172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
462326
content-length
55872
last-modified
Thu, 27 Jul 2023 14:46:25 GMT
server
nginx
etag
"64c28341-da40"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7f5abaf46f471c42-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
4aJcfA0.js
blow.week1time.com/ 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blow.week1time.com/4aJcfA0.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f8:161:6222::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
c2367575b5fa65a8b331f1b01fbebd1b3fd1934cc958f2154fd0922a8e2aca61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Thu, 27 Jul 2023 14:46:25 GMT
server
nginx
etag
"64c28341-95aa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7ed5b3f25ef44dbd-FRA
content-length
38314
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/assets/2257.2aca2995.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e41bc293c7e7c94f2bd57d23a1dfecab0664a21b44c37f1530eb5596499ff939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 18:49:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Aug 2023 18:49:27 GMT
solid.gif
pasbstbovc.com/ 		43 B
792 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pasbstbovc.com/solid.gif?z=1949468&abvar=0
Requested by
Host: pasbstbovc.com
URL: https://pasbstbovc.com/t/9/fret/meow4/1949468/9bebb836.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS
62.122.171.6.serverel.net
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
x-route-id
stats.tag.loaded
server
nginx
accept-ch
sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
video.q34r.org/e/ Frame 7A59 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afe63ae8a7adf75cdc9d70b79ce2dbfd61cbbf3207d51d077158324def728db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://www.onscreens.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f5ae5fcdc09b921-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 18:49:27 GMT
link
<//video.q34r.org>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2gsDP7HYHUb5N9uVv9kIH2tr36Hb5Idyn4gobi88KfZwNWSflgk02fwY4nvVdwr%2Bc7QS2wvZjl%2BqYnysClGRG4HXWnUVV4ibOxV%2BE8PmWthze%2FwNsgUNezWuXHWrFyoIkHKa4ndAfQ4mJlWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
matomo.js
statistic.satiq.net/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statistic.satiq.net/matomo.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/js/statistics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
378
cf-polished
origSize=65842
content-encoding
br
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 12 Jun 2023 09:55:19 GMT
server
cloudflare
etag
W/"6486eb87-10132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ywmbEwKLBD3dq0kQ01lajFSZgEacWkICS9hXbpzbGJUe7zRsaZlZsuyDt9%2B6Nz%2FDCWYe110HV8GovIxu7cegSNu1d0t2FZawszzZjO%2BppZhjZKpMli5tOgv7J0SNCG2ydrjKmJxLRx5T3hg8hRjtQFO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f5ae5fcda7bb89d-AMS
gtm.js
www.googletagmanager.com/ 		117 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NX9QCCZ
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/js/st2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69ae5a5300e318fd2e3fbf8a309ccbb1a6ce507f5cc276af48a884032541333b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46407
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 12 Aug 2023 18:49:27 GMT
1949468
pasbstbovc.com/get/ 		37 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pasbstbovc.com/get/1949468?zoneid=1949468&jp=_cledhpu1atavyw9ehbx2vp&nojs=0&ix=0&abvar=0&febuild=1.0.131&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=-120&md=0&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&isRef=1&sp=0&cid=4051527815134944
Requested by
Host: pasbstbovc.com
URL: https://pasbstbovc.com/t/9/fret/meow4/1949468/9bebb836.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
62.122.171.6 , United States, ASN50245 (SERVEREL-AS, US),
Reverse DNS
62.122.171.6.serverel.net
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
gzip
server
nginx
accept-ch
sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary
Accept-Encoding
content-type
text/javascript
x-route-id
config
timing-allow-origin
*
o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
fonts.gstatic.com/s/notosans/v30/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjFhdVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72b7b42dc1fe022438e97d26a6e9e979ba233d5c6760f54843d666392a73d05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:49:11 GMT
x-content-type-options
nosniff
age
46816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14472
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:02:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 05:49:11 GMT
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v30/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 05:49:05 GMT
x-content-type-options
nosniff
age
46822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14256
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:02:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 05:49:05 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v30/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:18:58 GMT
x-content-type-options
nosniff
age
153029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14100
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:02:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 00:18:58 GMT
BngrUXNETWXI6LwhGYvaxZikqZqK6fBq6kPvUce2oAZcdthSBUsYck4-_FNJ093dVQ.woff2
fonts.gstatic.com/s/notosansmono/v27/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosansmono/v27/BngrUXNETWXI6LwhGYvaxZikqZqK6fBq6kPvUce2oAZcdthSBUsYck4-_FNJ093dVQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+Mono&family=Noto+Sans:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90d2dbafea80be38fb370ea9fd7f808e0f6d7ffabfe52ccd8832d8a693d8f077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 07:34:24 GMT
x-content-type-options
nosniff
age
126903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11044
x-xss-protection
0
last-modified
Tue, 23 May 2023 17:14:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 07:34:24 GMT
adshow.php
poweredby.jads.co/ Frame CD8B 		0
0
adshow.php
poweredby.jads.co/ Frame 1BEE 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1000494
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
3e57280723b770c8795ae6401f56b570619e038ef9213276d9f1a7513864fdfe

Request headers

Referer
https://www.onscreens.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Aug 2023 18:49:28 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
adshow.php
poweredby.jads.co/ Frame 909C 		0
0
adshow.php
poweredby.jads.co/ Frame 337A 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1005493
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
3049d27a72a2c4f26053190330ec6aadd7f7ac760191bf2dae6a79afa6f6c959

Request headers

Referer
https://www.onscreens.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Aug 2023 18:49:28 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
adshow.php
poweredby.jads.co/ Frame 8978 		0
0
adshow.php
poweredby.jads.co/ Frame DAE0 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1000493
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
9fa788c5f5f8afbceeb678668a78a3e1a9051007b0024caa297f1fbb8bfa55a1

Request headers

Referer
https://www.onscreens.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Aug 2023 18:49:28 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
adshow.php
poweredby.jads.co/ Frame FA5B 		0
0
adshow.php
poweredby.jads.co/ Frame B39E 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/adshow.php?adzone=1000049
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.253 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
7e4c96c7f5646bbfaf16e995581a77ac2a1109e4545fe38ad155c800db4c2f29

Request headers

Referer
https://www.onscreens.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 12 Aug 2023 18:49:28 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
_image
www.onscreens.me/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onscreens.me/_image?f=png&w=728&h=90&href=%2Fassets%2Fdd_728-90.6b8d7ba0.png
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
19a8fd22e72dbac7ced6d9f448c8948ac8a4b57f8c3d7b25cc2fc635a5b8bd4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5765
x-powered-by
Express
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
"rtdbd9kbwp6n"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2AFYJ61B%2BL3at00bP3PkR%2B3bKL8jiwd9trLgeZX5TYxbWB5%2FmAfAKyN6AVoj5zV5fXT4joIIDABohe1Qcy8FO%2Bbb3ja4i%2F9S46jbUohIH9SKIOCiObdQrpoB1c2uLbdipfaLkxujqHKIbXGKN0M"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=7776000, public
cf-ray
7f5ae5fcbe5806c4-AMS
expires
Fri, 10 Nov 2023 15:14:33 GMT
SideNav.1d7655a4.js
www.onscreens.me/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/SideNav.1d7655a4.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fd02fbc9657358acae09c456a400dd098237273a01e77f7ca47e3660474ff844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=2660
x-powered-by
Express
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"a64-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlrfVeDWBAuH%2BBJjzp6KlajF%2Bh8DaRe0%2BpPOe%2FFhdwsBzj%2BVaUIAKf3TFbiX6kIHR22kT3ZHJxOH7%2F38bRbglSsCjy0ie4E1ZdNF%2FVVqOvD7tZ%2FYFVyryEZXhjl%2Fw6By60NBQhVOh4yj45B%2F75Rh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fcce6906c4-AMS
expires
Thu, 09 Nov 2023 09:02:23 GMT
client.85ddab9c.js
www.onscreens.me/ 		132 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/client.85ddab9c.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
987ce43cf79687c65b8a9db7a7524162bbb7b3b27bd10925e0c50d842298cb17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=135156
x-powered-by
Express
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"20ff4-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETohzK962KJsM9DfdYsGiWtwgQB2595Hh0iReHIG7uAAB%2BY16rWJhg7H%2B9xczfblfOgxYELvZPCcexJ%2FoxGYstZn2BFt0wk46aNJH03rr9niHf08KXywVL%2FfYGhydfsGyCTTTYVEOwoVkD5c6vBb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fcce6a06c4-AMS
expires
Thu, 09 Nov 2023 10:55:06 GMT
ThemeToggleButton.9b7bae2b.js
www.onscreens.me/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/ThemeToggleButton.9b7bae2b.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
02bfe808f51189a6e4b07af00d294e826c32dfebb5e1746b3b0fc893c2b48e21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
118391
cf-polished
origSize=1172
x-powered-by
Express
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"494-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BD5ns6iNc5sx2ChfvtlAJf5JbBE2vOv6iO56uLdLOhJIeb7tu2M0JAYBgRKJwC%2FyVSj5ysiNTtrWYWpR2aNofVIKDwaTkgo3JNM1ih42t4ArX%2FGOm2sBOyU80hhVao%2BCR0tPrFYmdSsy1PfSBCK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fcce6b06c4-AMS
expires
Thu, 09 Nov 2023 08:54:15 GMT
SearchMenu.aa5cb1fa.js
www.onscreens.me/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/SearchMenu.aa5cb1fa.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f8904d6555752ab89a1e1d316c1dd26d542c184186988017d5a7b56edbfb3e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=42913
x-powered-by
Express
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"a7a1-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdBMTNymMfwm3FHnXvqf0Lj%2FDPqMp3Waj8GpM0YKKQMGFL6QPrqyos2nBUIMn6T0YUxtoREdWFl57s2kzAlxUlMNWzHeV9NDedzHuWbf%2F0r%2BNYQzcnRYHXFOy8aNJxwDKAeg%2FaqROw8qsbZTU1Dv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fcce6c06c4-AMS
expires
Thu, 09 Nov 2023 10:55:06 GMT
adgpt.js
cdn.tapioni.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tapioni.com/adgpt.js
Requested by
Host: blow.week1time.com
URL: https://blow.week1time.com/dY5uaQ5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2747 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674eb461715da45489fb9f53461975f4ed611b39c13eea8a13ba64edf789a672

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 27 Jul 2023 14:46:25 GMT
server
cloudflare
age
816435
etag
"64c28341-330"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7f5ae5fdbba6b97a-AMS
content-length
816
expires
Thu, 31 Dec 2037 23:55:55 GMT
412125
blow.week1time.com/api/settings/ 		33 B
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://blow.week1time.com/api/settings/412125
Requested by
Host: blow.week1time.com
URL: https://blow.week1time.com/dY5uaQ5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f8:161:6222::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 12 Aug 2023 18:49:27 GMT
cache-control
private
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
matomo.php
statistic.satiq.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://statistic.satiq.net/matomo.php?action_name=priyarj%3A%20%2F%2007%2F19%2F2023%2C%2017%3A58%3A27%20-%20stripchat%20-%20ONScreens.me&idsite=8&rec=1&r=499984&h=20&m=49&s=27&url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&_id=2584ef6f7fa8d6e6&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=pSw04N&pf_net=83&pf_srv=64&pf_tfr=3&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: statistic.satiq.net
URL: https://statistic.satiq.net/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.onscreens.me/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers
websocket_ip.min.js
video.q34r.org/js/ Frame 7A59 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/websocket_ip.min.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13653016
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
cloudflare
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Edkxo7o%2ByTQVhtoKMY8MJnfyI2ySQJwWwW6pRtLWPDDHPzZdW70NWvODJuE%2BgtPSWpWILTN%2Bbx6DJC2wF7vRZZdofOvBDmZ9wJeytsKbGK5DVutlMucPyWbj1tJlqX%2BYsMM2UPfaifrArb2r2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae5fd8cb6b921-AMS
419320
blow.week1time.com/api/spots/ 		0
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blow.week1time.com/api/spots/419320?s1=%25subid1%25
Requested by
Host: blow.week1time.com
URL: https://blow.week1time.com/4aJcfA0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f8:161:6222::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
cache-control
private
server
nginx
content-length
0
index.f47281e8.js
www.onscreens.me/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/chunks/index.f47281e8.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ff7f802dc756ff5430854f65659cfe9ccff8d3c7e42e5aa256cd07cb17cae247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/SideNav.1d7655a4.js
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=7198
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"1c1e-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpAyavtMTqoxS0%2F2FkZSqbRZQCMSDhyxOVevEMfKcW9cR04fP%2BzgJVAgsxKWVyVUgf%2Be6QVQATVcSzvZuUw3V9E66OOj0owtnlqgfDIJypLYVxu20CQf4s3WSZrqSAS%2FuQMy46HJbbtAZkBGbe65"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fdaf9506c4-AMS
expires
Thu, 09 Nov 2023 09:11:38 GMT
index.5f5d0630.js
www.onscreens.me/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/chunks/index.5f5d0630.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e6d7d05844c2e0af9c925fcc333ed3f33c5c89419832e52dd6e1b98ccac59881
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/SideNav.1d7655a4.js
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=6168
x-powered-by
Express
x-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"1818-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5v%2FnIKuGwEh5QgtMFbxAeYAhkn4CyVSRGRZYYY%2FD4f20e8TB6QuuJiVYQkTj525FQQZPMD5yMrmieayBrSPDVc8iYN4tZOH8vc%2BnfLSjArW8Mag5ygb0UtKDFrVKhWo3u34YagrwqQZcix3BxO6N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fdaf9706c4-AMS
expires
Thu, 09 Nov 2023 10:56:11 GMT
jsx-runtime.479f2197.js
www.onscreens.me/chunks/ 		679 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/chunks/jsx-runtime.479f2197.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f3eed05646b724832d779e0e06a37b2909f6fe98cc61f9fd53f0fa769060e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/SideNav.1d7655a4.js
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=928
x-cache-status
MISS
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"3a0-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSH6%2BUrXvhKNN8Z5VvvFlcgaunfsMqQ5xWFs5%2B9mAxs0QzORjcFZ%2F6T6veOQFlyXL4EaeJmHHlIj58%2FH%2Bb%2BPNz7yHuiAbDvqdwDpyM7a0fSfxoOe5He7mQuqf%2BaBF4UZZTFIIJO2LNho%2FvgvkL8p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fdaf9806c4-AMS
expires
Thu, 09 Nov 2023 09:35:16 GMT
index.80b32944.js
www.onscreens.me/chunks/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/chunks/index.80b32944.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
87787713f48db86d8c989d301c72738fead33883013ebe7eacd14b7b39377a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/SideNav.1d7655a4.js
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
114754
cf-polished
origSize=5693
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"163d-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90%2B%2BUkKM1dYotVB8OYF3LOMrNyswGUskn5NuggaT0AutTmlVPLoI4sZCQGwXaH6prqdsJifjIw1piV%2Fkv7%2BnpIj1Tm%2BuFJky1Dwj7KogUF6qGfdbZCLEMEYSjlYHWdSL87VYKQw%2B%2BrjbpjnH0npJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fdaf9906c4-AMS
expires
Thu, 09 Nov 2023 09:15:30 GMT
index.6515aeb4.js
www.onscreens.me/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onscreens.me/chunks/index.6515aeb4.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4842278ec3149ea60369ae040618c4348dbd5a70631a7b7e88946d36bf786570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.onscreens.me/ThemeToggleButton.9b7bae2b.js
Origin
https://www.onscreens.me
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
118390
cf-polished
origSize=1622
x-powered-by
Express
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 20:41:20 GMT
server
cloudflare
etag
W/"656-189d6e1f609"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThE9yiR3zQlCkiQpkgSl7XwSuJ%2BXLG4kNSF6sXgScDR8WFqB688vW7JSQb%2F7nL%2Ff%2FE90l2RKsjc8tg5KdrJgLMA6jEuTElEgMDZ7jpf0SsrABlWyU1mV9l5etkBWtfF32hfw%2BdVDIfmiOIE2G1sO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=7776000, public
cf-ray
7f5ae5fdbfa706c4-AMS
expires
Thu, 09 Nov 2023 08:55:20 GMT
email-decode.min.js
video.q34r.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 7A59 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Aug 2023 14:42:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d25459-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCP1cQFmPyjOTpN4S4KM1X3tV8isbRgKeLh9eX41lS6VgMl6Faa6J0cL5wH1rrrat%2FQ8QcJB6%2FpvcztZwKi8T2LT2TOiTICUzoq56j7wWhr%2Fx4WQidvYIjPrZDoIJ%2FaMVCW0iYxC9b9qnUcJug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f5ae5fe1a80b956-AMS
expires
Mon, 14 Aug 2023 18:49:28 GMT
tag.js
mc.yandex.ru/metrika/ 		216 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Aug 2023 13:02:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64d4b5d0-12752"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75602
expires
Sat, 12 Aug 2023 19:49:28 GMT
js
www.googletagmanager.com/gtag/ 		229 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LCHG5KSTPG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NX9QCCZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fbd264811311f63eb5ff294d6a145d71ecfb3c127274d12ac66feb32a07b9738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81908
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 12 Aug 2023 18:49:28 GMT
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ Frame 7A59 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
23686238
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GHKMBA0XTC5KG1GT7KN6J3B2-ams
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f5ae5fefb76b96e-AMS
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LCHG5KSTPG&gtm=45je3890&_p=825390550&cid=358214657.1691866168&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691866168&sct=1&seg=0&dl=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&dt=priyarj%3A%20%2F%2007%2F19%2F2023%2C%2017%3A58%3A27%20-%20stripchat%20-%20ONScreens.me&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LCHG5KSTPG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 18:49:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onscreens.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ Frame 7A59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5574632
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01G53HTS41PDY125K0TXCBEG90-ams
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f5ae5ff6befb96e-AMS
d_check.js
video.q34r.org/js/ Frame 7A59 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/d_check.js?34
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13640464
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
cloudflare
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tRt4jshN5ae12DHCuZnTh2k69HcZMCJ7zNf6NIIztSTjnLxkwDaGK0641BYJIFcIQXwYREliIryQFq3KxdbyNBkuUEj9bOzK64LuVPdwFCDTWVGCnZX9R4NyZJtHLetEaAF9bknt19lbt8w8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae5ff9c25b956-AMS
js.load.1.js
commentsmodule.com/js/ Frame 7A59 		5 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://commentsmodule.com/js/js.load.1.js?106314593641019
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CcnKAy%2FqYLHv9nPSxnwxJ5lAyvr8ZkeYMxR8pHnaFr5jgamvr%2FaK575EFH0dAdhj9XjKjrNFjEG6FvKArW4Eyisnmm3YPluxM6Z5jfH2IpI4ZHA6Ow%2BPG9dK%2B9%2BhILgFtvioEaPRI8wO830CXcn54lA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f5ae60048660ea8-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
embed.211.js
video.q34r.org/js/ Frame 7A59 		167 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/embed.211.js?736
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
9082790
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Sat, 29 Apr 2023 15:48:32 GMT
server
cloudflare
etag
W/"644d3c50-29c06"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLypZLJHS%2B407j%2FvDN0WgUJTvqP6mHHSRp%2BfSZ4MwdoIQ1%2FaZWguyLKkvnu0Y%2BaUS8ixa6u0hyP8b6A8BPBi19JbQiGC%2Bx%2FHFS%2BcSiYZfcN%2F7obj0PhIkfVCXjaRRTanse%2FKV3%2F1v4muVhc2%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae5ffdc75b956-AMS
ad1490192-1530569409.gif
ads.juicyads.com/ads/user57648/ Frame DAE0 		284 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.juicyads.com/ads/user57648/ad1490192-1530569409.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1000493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx /
Resource Hash
005839f2a9f773c412f6910ff21281f934d1d9c9509cd9c170f72f2bee5f43ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Mon, 02 Jul 2018 22:10:09 GMT
server
nginx
etag
"5b3aa2c1-46fd8"
x-hw
1691866168.cds147.am5.hn,1691866168.cds255.am5.c
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=32090
accept-ranges
bytes
content-length
290776
1x1.gif
i.jads.co/ Frame DAE0 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/1x1.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1000493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Thu, 03 Nov 2016 21:36:07 GMT
etag
"1478208967"
x-hw
1691866168.dop250.am5.t,1691866168.cds018.am5.hn,1691866168.cds151.am5.c
content-type
image/jpeg
cache-control
max-age=28411528
accept-ranges
bytes
content-length
27460
/
chaturbate.com/tours/3/ Frame F76E
Redirect Chain
  • https://chaturbate.com/in/?track=lstlbmescreeons&tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1
  • https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
57 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1000493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e7a982fa95fe2fbbef8a6b3f81ade44020d08b61849fa94d39a7527127bf3c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

Referer
https://poweredby.jads.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f5ae601ef520a70-AMS
content-encoding
br
content-language
en
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type
text/html; charset=utf-8
date
Sat, 12 Aug 2023 18:49:28 GMT
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Language, Cookie
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f5ae600dded0a70-AMS
content-language
en
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://*.googletagmanager.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://*.nr-data.net https://certify-js.alexametrics.com https://player.vimeo.com/api/player.js https://static.hotjar.com https://script.hotjar.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://static.hotjar.com https://script.hotjar.com; img-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://*.stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://*.googletagmanager.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://*.nr-data.net https://certify.alexametrics.com https://stats.g.doubleclick.net https://cbgames.s3.amazonaws.com https://player.vimeo.com https://script.hotjar.com http://script.hotjar.com ; font-src 'self' data: https://*.mmcdn.com https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com http://script.hotjar.com https://script.hotjar.com ; connect-src 'self' blob: blob https://*.mmcdn.com wss://*.mmcdn.com wss://*.mmcdn.com:8443 https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://*.nr-data.net https://*.chaturbate.com https://chaturbate.com https://*.google-analytics.com https://analytics.google.com https://*.analytics.google.com https://*.googletagmanager.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://internet-up.ably-realtime.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://tls-use1.fpapi.io https://use1.fptls.com https://eun1.fptls.com https://aps1.fptls.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com ; media-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://storage.googleapis.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.mmcdn.com https://*.highwebmedia.com https://download.macromedia.com https://static-pub.highwebmedia.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://static-pub.highwebmedia.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.mmcdn.com https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://*.wnu.com https://wnu.com https://checkout.2000charge.com https://www.sofort.com https://*.girogate.de https://player.vimeo.com https://vars.hotjar.com https://directory-live.cb.dev https://*.web.cb.dev ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://*.wnu.com https://wnu.com https://devportal.cb.dev https://*.web.amer-1.jumio.ai https://saas-onboarding.incodesmile.com https://smartpay.coinsmart.com https://secure.paygarden.com ; manifest-src 'self' https://*.mmcdn.com https://*.highwebmedia.com ; report-uri https://report-uri.mmcdn.com/r/t/csp/enforce;
content-type
text/html; charset=utf-8
date
Sat, 12 Aug 2023 18:49:28 GMT
location
/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.mmcdn.com/a/t/g"}],"include_subdomains":true}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Language, Cookie
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
popunder.js
video.q34r.org/ad/top/ Frame 7A59 		0
0
embed_player.php
video.q34r.org/player/ Frame 7A59 		0
0
embed_player.php
video.q34r.org/player/ Frame 7A59 		47 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a8a0731055dbb196d7014e03e52e4d45a3d2edae5c273369b4ca7bc0e85bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://video.q34r.org/e/QkRBTi96YkxwQWdFa0p2UWRSMDFndz09
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f5ae6008d40b956-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 18:49:28 GMT
link
<//video.q34r.org>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUaO%2Fxmx%2FUjUe39b0klh8DzNgTHQBsF9fMDqo%2BbSFkAi%2FmRjRoXiRepqipVWjWvbUI3%2Bj7M3j%2BXe3D8Ih7b0HJX5lH14NzmWFoOagxFkK950wkeqFYFwe8KnRfKzv1%2BFjN04ATAUxoo76wz5Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
advert.gif
mc.yandex.ru/metrika/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Aug 2023 13:02:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64d4b5d0-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 12 Aug 2023 19:49:28 GMT
1
mc.yandex.ru/watch/86516845/
Redirect Chain
  • https://mc.yandex.ru/watch/86516845?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&charset=utf-8&uah=chm%0A%3F0&brows...
  • https://mc.yandex.ru/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&charset=utf-8&uah=chm%0A%3F0&bro...
435 B
518 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1341740528741%3Ahid%3A842940397%3Az%3A120%3Ai%3A20230812204928%3Aet%3A1691866168%3Ac%3A1%3Arn%3A72076238%3Arqn%3A1%3Au%3A1691866168335629020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C59%2C65%2C3%2C0%2C0%2C%2C402%2C0%2C%2C%2C%2C553%3Aco%3A0%3Acpf%3A1%3Ans%3A1691866167377%3Arqnl%3A1%3Ast%3A1691866168%3At%3Apriyarj%3A%20%2F%2007%2F19%2F2023%2C%2017%3A58%3A27%20-%20stripchat%20-%20ONScreens.me&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
Requested by
Host: www.onscreens.me
URL: https://www.onscreens.me/126f5faa-265e-11ee-b11e-ca29b77277e2/priyarj-07-19-2023-17-58-27-stripchat
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
643afb62076f5e7d7e71e751b205105bfaa5f7d51aa86e55cd2b064db5c5e77c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 18:49:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 12-Aug-2023 18:49:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.onscreens.me
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Sat, 12-Aug-2023 18:49:28 GMT

Redirect headers

pragma
no-cache
date
Sat, 12 Aug 2023 18:49:28 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12-Aug-2023 18:49:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/86516845/1?wmode=7&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1341740528741%3Ahid%3A842940397%3Az%3A120%3Ai%3A20230812204928%3Aet%3A1691866168%3Ac%3A1%3Arn%3A72076238%3Arqn%3A1%3Au%3A1691866168335629020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C59%2C65%2C3%2C0%2C0%2C%2C402%2C0%2C%2C%2C%2C553%3Aco%3A0%3Acpf%3A1%3Ans%3A1691866167377%3Arqnl%3A1%3Ast%3A1691866168%3At%3Apriyarj%3A%20%2F%2007%2F19%2F2023%2C%2017%3A58%3A27%20-%20stripchat%20-%20ONScreens.me&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin
https://www.onscreens.me
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 12-Aug-2023 18:49:28 GMT
websocket_ip.min.js
video.q34r.org/js/ Frame 7A59 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/websocket_ip.min.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13653017
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
cloudflare
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUpf0BlDPCNl%2FFJV0XIlWlkeB%2FOI0R753lowPIngjMsxv%2B%2FNhsltSm%2FW%2FN22r2wevaFihgjw67hFN1PvwGJAXM2v%2BWiKLt1HnG7NHXWcNPwo2YRlZQtEHgaxNgPHDGxaiY9ecK%2F7JzOEevrp2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae600fda6b956-AMS
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ Frame 7A59 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
23686238
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GHKMBA0XTC5KG1GT7KN6J3B2-ams
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f5ae6012e0bb96e-AMS
leaderboard-1397086274.jpg
i.jads.co/network/user22416/ Frame 1BEE 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user22416/leaderboard-1397086274.jpg
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1000494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0a9eca234bb62ae97fd57d3595479511d5da1b81a4fbede0c77fd281326a07e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Wed, 02 Mar 2016 19:41:49 GMT
etag
"1456947709"
x-hw
1691866168.dop250.am5.t,1691866168.cds018.am5.hn,1691866168.cds271.am5.c
content-type
image/jpeg
cache-control
max-age=9448025
accept-ranges
bytes
content-length
49319
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ Frame 7A59 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5574632
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01G53HTS41PDY125K0TXCBEG90-ams
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f5ae6017e6bb96e-AMS
d_check.js
video.q34r.org/js/ Frame 7A59 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/d_check.js?34
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13640464
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
cloudflare
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NexmZ%2B4lLGP233UnUSOT6r7u2BYhlFzsvTZpUVf9qlpd4aPzKzKPFzNsjCnubvZNlS978SXs3BWthQqZnqrjIbaIvYgSfOUkXpMXuQXDa4WY8ZOyP6a0CBOLeWVlxcgNF%2Fvem3dzIJKCAWAS9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae601ceb0b956-AMS
embed.211.js
video.q34r.org/js/ Frame 7A59 		167 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/embed.211.js?736
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
9082790
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Sat, 29 Apr 2023 15:48:32 GMT
server
cloudflare
etag
W/"644d3c50-29c06"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uHnbv%2BfUgkLUOvn%2F%2BP%2Bi58O%2FP1M3ycUMw41bnX4Xzsc45UOiM8EYOsV5C%2BwuUODyPRg%2B2xRab1NvztuA88IrE509VxnA%2FDv1YGcqTUAj2HUGH%2FVUygEI3jty6G%2FXzqsGcClJB3rBRE8%2FMxL6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae601fee9b956-AMS
33261-1617884182-0301469001617884182.png
i.jads.co/network/user500/ Frame 337A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user500/33261-1617884182-0301469001617884182.png
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1005493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
f9e5e435e5aa5877bbe306abb79af87ebbabf89e2eb52dd4b3122c2af281c9d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Thu, 08 Apr 2021 12:16:22 GMT
etag
"1617884182"
x-hw
1691866168.dop250.am5.t,1691866168.cds018.am5.hn,1691866168.cds241.am5.c
content-type
image/png
cache-control
max-age=25243711
accept-ranges
bytes
content-length
1470
1x1.gif
i.jads.co/ Frame 337A 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/1x1.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1005493
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Thu, 03 Nov 2016 21:36:07 GMT
etag
"1478208967"
x-hw
1691866168.dop250.am5.t,1691866168.cds018.am5.hn,1691866168.cds151.am5.c
content-type
image/jpeg
cache-control
max-age=28411528
accept-ranges
bytes
content-length
27460
popunder.js
video.q34r.org/ad/top/ Frame 7A59 		21 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/ad/top/popunder.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3489912
alt-svc
h3=":443"; ma=86400
content-length
21
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Wed, 15 Sep 2021 14:06:22 GMT
server
cloudflare
etag
"6141fdde-15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMPd6edLdsNkjVrI5eimfHUX9U%2FLeRTIYvSoP3w7p8x%2FRwScp5oKv08uIoHPyk5UQUpCMZRQa85hdQIf7ujTysSdimUULydjHAzBHFjQLQJLf2Mi%2BiUEVImydXWKMelHeETY%2BV6kDbNPE6hggQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f5ae6026f63b956-AMS
ns.html
www.googletagmanager.com/ Frame 7A59 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WBDQQ5
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
embed_player.3.css
video.q34r.org/styles/global/ Frame 7A59 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/styles/global/embed_player.3.css?130
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13640464
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
cloudflare
etag
W/"5fd14cc5-1701"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWELfvFfiauRxj7693Dto1c4YTIskvWhAwxpRN4sSXTjkPdCUiw85sILc0%2BSMNa3Qc53PasMNml%2FfJgc6%2BTkeqlbH13N9l94C7Q4v3bkU8j7yGrhf8ts3vI5WA5%2BCv3y%2BBZ4%2FKVZQEz9Cpj2LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae602ffdbb956-AMS
output.9351446b200f.css
static-assets.highwebmedia.com/CACHE/css/ Frame F76E 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c7b74d341e1006ca03a1666759b351ebb67b5b0def3772fec424754c653f44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DFMB082RN2D0S9D3
age
1035548
cf-polished
origSize=29523
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SxSXgTFioNipB/9nXWSkmHmomFAxkgXo5DnFhGGOdTU4ErTqrf0IoLwO33vplglJ+DZdbkz4Yd4=
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 19:08:35 GMT
x-amz-meta-s3cmd-attrs
md5:fe770cada60500d284e14a00b0177e15
server
cloudflare
etag
W/"fe770cada60500d284e14a00b0177e15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YVqy%2BLBz9G9koatht0WXQ%2F35JUU99Z2xXgUJNALcZYlm7FQNXt04khHyyemi%2FP4hFD96I%2BlH7p7tzY%2Fg91FOJAIPjrdPcAwkZWXr6xlH5BW2tn%2BxDfkPQwJGyTR9zTZrM3fK30H3bVw%2BUMUL7iHadM3RbaYdvs3hIReXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7f5ae603ba151caa-AMS
expires
Mon, 11 Sep 2023 18:49:28 GMT
jackandjill.jpg
roomimg.stream.highwebmedia.com/riw/ Frame F76E 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roomimg.stream.highwebmedia.com/riw/jackandjill.jpg?1691866140
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb2914c1605445798ee1578138b81194d86e314d4b818a801e662a5c82222c5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-server-name
CB Jpeg Server
age
29
cf-polished
origSize=9566
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9513
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Aug 2023 18:48:59 GMT
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GEG3wG%2FaOpC7thC4ohTor2l2XobXnWG1O1j0UA0Xcx9bOAo9ggclTXPdb2VIL%2BiIfl7SulN3f%2FNuPDj4ogr6MAAt5IZdvRZPnfXabu9YGB6EobKya%2FYEPuTNOhmOciDsZjz8tYrBUg2leYB5T%2BS2OQu%2FTaQRle748PJcCQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=30
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f5ae603c9390e18-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 12 Aug 2023 18:49:58 GMT
jenny_taborda.jpg
roomimg.stream.highwebmedia.com/riw/ Frame F76E 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://roomimg.stream.highwebmedia.com/riw/jenny_taborda.jpg?1691866140
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7967f3b4c9fe9bb5e574efffbd8673ce4173054b4060915655cfc77e120581b4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-server-name
CB Jpeg Server
age
9
cf-polished
status=not_needed
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13103
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100,h2pri
last-modified
Sat, 12 Aug 2023 18:49:19 GMT
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIWa4PJZCfcSKN3Gd%2Biu9S8mysOtw3nRTAiwClCZupEBM3WZRKedTYqvLDj8HjnFfvdQFWKmZo0vI%2FRP18T7RWcuruRw0ewe6MkcjkqoHw4tnVk6at8bO2xtCbvCsQGDJKOn8zn1B7repObVhZ1gNx0KDJOYid5fA%2F%2FAfVU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=30
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7f5ae603c93b0e18-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 12 Aug 2023 18:49:58 GMT
js
www.googletagmanager.com/gtag/ Frame F76E 		215 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GX0FLQH21P
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c48c081025563ab8d1a89b0eece7054d1d253bb5a19bde1cd9d628d349e095c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78025
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 12 Aug 2023 18:49:28 GMT
script-2.12.5.js
video.q34r.org/js/ Frame 7A59 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/script-2.12.5.js
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/js/embed.211.js?736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13664499
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Tue, 01 Dec 2020 19:28:37 GMT
server
cloudflare
etag
W/"5fc69965-4cb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb%2BZzCRmqbon2k9qeJknpiZkjXQvxlJ6%2F7GRER4o5vkWwwHn9CEjnPv9WoAz9iy5brIRksoTT1mlGlxpXDVxfij3eepaYVB0RgnlAfmtuYBcxqVdOlTYICucRx8NdWACL0m%2BktPSmZgsNWolMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae6035823b956-AMS
trace
video.q34r.org/cdn-cgi/ Frame 7A59 		319 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/cdn-cgi/trace
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0d81b0bb27b41cf8fb9a634035ab37194a707a49657845217112777c1c1b3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7f5ae6035827b956-AMS
expires
Thu, 01 Jan 1970 00:00:01 GMT
segment.css
video.q34r.org/styles/global/ Frame 7A59 		616 B
859 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/styles/global/segment.css?11
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889727ca9e58ccddfc9c0df7031ea9b5fd19b42a15286cc5c380eef5bea350ab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13640466
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Sun, 17 Mar 2019 16:12:54 GMT
server
cloudflare
etag
W/"5c8e7206-268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe%2Fy73j3zrDhCF8X6ErjUFUw%2F1%2BSvWC%2FDW7VS0a0HakgrvTknq4rOC4EeSQ7nU5YHacxCRV3LYQGIYfucu3TURAul4Rnsc06iGI45F0jvWMKODzmIbK76vOqfUau9w0T5P7xQl93JIBfvDvF1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae6035829b956-AMS
embed_menu.css
video.q34r.org/styles/cbv2new/theme/ Frame 7A59 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/styles/cbv2new/theme/embed_menu.css?21
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45bc2ebb82341b0beb20bf20f0318c5f520e782e2c23da5280d26ab94e046013

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13640466
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Wed, 02 Dec 2020 01:21:09 GMT
server
cloudflare
etag
W/"5fc6ec05-26c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFmDMyTSVSRjsC7WBJSYUeCKq%2F%2BzlV9jiegsG%2FNoKskgIcU1LR1VHv9KZ9nNsQtKc7tKLY05tNdwW0ahrBr2yJYpFo8RwUfnnhWa0F7cqYVbWsgfhLl4HqTD8vOFTykrHd0dkG63eIoTjVRYIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae6039856b956-AMS
412125
blow.week1time.com/api/users/ 		552 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blow.week1time.com/api/users/412125?host=www.onscreens.me&ev=209&wh=1200&ww=1600&uuid=&s1=%25subid1%25
Requested by
Host: blow.week1time.com
URL: https://blow.week1time.com/dY5uaQ5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f8:161:6222::2 Fürth, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
f87ffecddf0e0acf3f68e36a09a04ae4eea17dde03da828701564fa275fc6ece

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.onscreens.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
cache-control
private
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
css
fonts.googleapis.com/ Frame 7A59 		5 KB
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/styles/cbv2new/theme/embed_menu.css?21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 12 Aug 2023 17:48:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Aug 2023 18:49:28 GMT
juicyads_black.gif
i.jads.co/ads/ Frame B39E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/ads/juicyads_black.gif
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1000049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Wed, 02 Mar 2016 17:54:59 GMT
etag
"1456941299"
x-hw
1691866168.dop250.am5.t,1691866168.cds018.am5.hn,1691866168.cds201.am5.c
content-type
image/gif
cache-control
max-age=5482172
accept-ranges
bytes
content-length
2193
300x250-1392051358.jpg
i.jads.co/network/user22416/ Frame B39E 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.jads.co/network/user22416/300x250-1392051358.jpg
Requested by
Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=1000049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
65dfd5345e9e11d6825f552319a0c5711f90712e2addab7f6b0cf919dda47ccc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://poweredby.jads.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
last-modified
Wed, 02 Mar 2016 19:41:50 GMT
etag
"1456947710"
x-hw
1691866168.dop250.am5.t,1691866168.cds018.am5.hn,1691866168.cds201.am5.c
content-type
image/jpeg
cache-control
max-age=9448010
accept-ranges
bytes
content-length
29810
ico-couple.svg
static-assets.highwebmedia.com/images/ Frame F76E 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-assets.highwebmedia.com/images/ico-couple.svg?b74df354b80e
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74df354b80e250dc83e4f231ae2416d34e0a72323f20fec5d1c54c67fb3e79a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9X9DFCP5VN01QWR6
age
1169932
alt-svc
h3=":443"; ma=86400
x-amz-id-2
iLmSmz4DD8K9rUll3lC/OfvpNKE/m1M7zgR8oOvKG1bIIpWp5aue6MCHyTD8Ik5yVWmIvJTlWMU=
last-modified
Tue, 09 Mar 2021 22:37:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:6886f061565cefb644a7577fa5993044
etag
W/"6886f061565cefb644a7577fa5993044"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8sya%2Fog%2FDJcoy3Pk5fvS8R0%2B65v9Bf4y41LvpeVr7JxesF2TkXppY6Rrha2g09hxpS2Zht7hcCipISnbaUGLbsqxodfV%2B%2FG8lPMlXW6dOjyOd4uGrIFbRf009tyKW6%2BiMcHPE0hZdumM6PyZakT9sSpHSR%2F9oOZJIcsbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
7f5ae6040a641caa-AMS
expires
Mon, 11 Sep 2023 18:49:28 GMT
ico-cams.png
static-assets.highwebmedia.com/images/ Frame F76E 		549 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-assets.highwebmedia.com/images/ico-cams.png?829027f88094
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QTVMMK11CZHMQ7S5
age
1902413
cf-polished
origSize=1457
alt-svc
h3=":443"; ma=86400
content-length
549
x-amz-id-2
NklzmhOlXczU/1QwsJf1m9DSHo9jnxNj+8PPrlzu2CGwMlvoKttxQ1G+M2QU4RnO/T6Qh9wYgqM=
cf-bgj
imgq:100,h2pri
last-modified
Tue, 19 Jan 2021 22:03:22 GMT
x-amz-meta-s3cmd-attrs
md5:58ecd9d7af4908cce84eccd4cbd6f0d0
server
cloudflare
etag
"58ecd9d7af4908cce84eccd4cbd6f0d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfW3s%2FX5Auw7ojoyffA7bS2Mn9P6bGYxfiRK%2FhptzxB1EYuyyTt%2F%2Fj9pcPnzbUkZbQ0gL2Za%2Fa%2FsDMHQs0EN4bkbjh4oRonEyk00zlvlNpkh2rqASu2Gd%2FLA%2FJQcxS%2FReYjh5ak%2FlrmZ1X11vOM%2FTfEnqz%2FE%2Br5lgjYFDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7f5ae6040a661caa-AMS
expires
Mon, 11 Sep 2023 18:49:28 GMT
ico-female.svg
static-assets.highwebmedia.com/images/ Frame F76E 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-assets.highwebmedia.com/images/ico-female.svg?818c9c4c368f
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
818c9c4c368ff40bbc414f8bb3a80990c7208bcf0b45f9d9aa947f1ea2e1eb93

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5MM7XDXDP5XNG3X1
age
699491
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yR+hf9agRoE0k6OB09hYhu8FqziJaeEeCImp9opwQGeMmRSPW3B4zLRGaDUuwm6dJW5KKB+igmw=
last-modified
Tue, 09 Mar 2021 22:37:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:304b64c8f4b6c7e0c36c86b419151c45
etag
W/"304b64c8f4b6c7e0c36c86b419151c45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1Yg%2Bs38c9n8SSer0RpGAGtEzRDLB8IwR8lGWMSrzknG1lDSkf5827W43jWimkI80GAiLOKRzaxshAcHnTDZHZbR291DNzQQZZL6wXJZYG0VtlLPE2qBbbQEYFMM1qQ0bD1bDIeAL69sQl99OA5gyr2DhgiSIfWftpjzrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=2592000
cf-ray
7f5ae6040a671caa-AMS
expires
Mon, 11 Sep 2023 18:49:28 GMT
ubuntum-webfont.woff
static-assets.highwebmedia.com/fonts/ Frame F76E 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/fonts/ubuntum-webfont.woff?a7fc63c36394
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e

Request headers

Referer
https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Origin
https://chaturbate.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PDF9MB0HG0CD7N0C
age
2082715
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kBXu23aI3qFJJ2Xf9oMmfocLSIObl9b29P/n7Gs1QBC5X3YzQDUEyvPc0ZswiZAb34cj0EKdCro=
last-modified
Tue, 19 Jan 2021 22:07:54 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:9968f3d2a16c9ae20a54d0e44ee83d3a
etag
W/"9968f3d2a16c9ae20a54d0e44ee83d3a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeOZD0csV0C8d2RiqqA0k1o3ceYu%2F4BT%2FXidEzXkVP4u8c%2FrEvklbruPZdABjzXT9xVsHTVaOA%2BFgGhWjQYEmei89314SJegp%2B9AABMpdLscsJlbjEe9Umh258VzpJB3fOgyj7C3QfTZTFA%2FAvGCOi2c%2BfJt9boeNuZC2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
cf-ray
7f5ae6043b0db987-AMS
expires
Mon, 11 Sep 2023 18:49:29 GMT
ubuntur-webfont.woff
static-assets.highwebmedia.com/fonts/ Frame F76E 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-assets.highwebmedia.com/fonts/ubuntur-webfont.woff?896a82003cd1
Requested by
Host: static-assets.highwebmedia.com
URL: https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5e2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d

Request headers

Referer
https://static-assets.highwebmedia.com/CACHE/css/output.9351446b200f.css
Origin
https://chaturbate.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2XZXKAZWKFNM818J
age
525907
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2Nssok16E8pvameUTVBUb3yPjpNTb4yTnaMwVwTj3bXEO8YCA7wowTU/4WtP+3ucFNzJIhb2riE=
last-modified
Tue, 19 Jan 2021 22:07:55 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:30556905d926944a6ada140546bcf5ce
etag
W/"30556905d926944a6ada140546bcf5ce"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U5OhLUcujFda%2B8FE%2BPNL1l9R2YP05ltX14LbPzzdKW00zRm9ovp7gfmcr7caQMU%2BkYhfFQWzaRbQzG5y3I53ubr7fyQSuX3EXBX8T03mWs2SvrOEMTH1B%2BtLn75ah1N2z7taOtwvhbepZvgmiN0V8cH6%2BY0UKSOQFuvAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
cf-ray
7f5ae6043b0fb987-AMS
expires
Mon, 11 Sep 2023 18:49:29 GMT
invisible.js
chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame 79CD
Redirect Chain
  • https://chaturbate.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H3
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22cd47fd59e5575a2539774d3ab0f27256be5c822f1ff1f7d37bca200f7c63ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhFWbOQvCsaCptTxVdvxEl2SjrxBra6rtwn3QXwLEY%2B%2FInyWVtWIc23Q4JJQm6W2n1%2Fd%2BJwaquh6%2BzKZNf8NISv188ZyX%2BvYyub%2Bl5T%2BofNQmnqJBDxHOzKW2%2FHc3kYbs%2FvractWbWc7SHZB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f5ae6046e6a0b48-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 12 Aug 2023 18:49:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsRhwAGiaO%2B50bRTXa8jzNXcruaMnyWUFYVDCsobbu2MF2trnPnGVx6Xesh2DydEWK9udinH6hES0CRWGdRDTOlj5GcO1Pfp15Pu85gCvmMLMhQC0qqeA8eIDASZMLzHS%2FDaxK9ixfX9kTrS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
cache-control
max-age=300, public
cf-ray
7f5ae6042e0d0b48-AMS
alt-svc
h3=":443"; ma=86400
segment.7.js
video.q34r.org/js/ Frame 7A59 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.q34r.org/js/segment.7.js?157
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9882b1d4950f6e9ec65efbef9636a76a43b423302695035cf88b8c44474acd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:28 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
13464061
alt-svc
h3=":443"; ma=86400
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Fri, 10 Dec 2021 17:25:16 GMT
server
cloudflare
etag
W/"61b38d7c-1c01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WPcnedgm7TzGiF4iqx2EajHL2nQzQU2Q1ik3zmopOKj8Q8PgfH52OZGZZwyKrV0rMb9377Lb%2B12NV%2FJxYy7l5%2FZL2Vo57Kn3h8KkdFpeK7WbsDwAY00JCRMd1NlMhtWtintATtbWlh31MCuTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
7f5ae60428ebb956-AMS
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 7A59 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://video.q34r.org
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
67466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Aug 2024 00:05:03 GMT
resolve
dns.google/ Frame 7A59 		226 B
457 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dns.google/resolve?name=115.150.204.31.in-addr.arpa&type=PTR&cd=true
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4860::8844 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
280127f8932063bd2b71a2d94a9124d3c73f3e52ac2802005cb3a5cd132d2d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 12 Aug 2023 18:49:29 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=2999
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
161
x-xss-protection
0
expires
Sat, 12 Aug 2023 18:49:29 GMT
netu.php
sadjklq.com/ Frame 7A59 		1 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sadjklq.com/netu.php
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a5b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
5a1c2863ee52bc9fc00e97531543fd3e7bb77b042d591753c3ef0fe4dc760bf3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://video.q34r.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecBFIwKxSE7OxSfvEqc%2Ft6nEimWoXOO9AK2onKmzC3Q9dmIy0yqu7N9HB6jz0g79si0JvysJKvSErCnt5AcCfRUaqrGtQ7bdsL8NX6a9IvrLD3%2FfepRtPirpj3bFaHX%2BmAA8fMhhWnkO8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7f5ae604d80cb7af-AMS
alt-svc
h3=":443"; ma=86400
7f5ae601ef520a70
chaturbate.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 79CD 		0
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://chaturbate.com/cdn-cgi/challenge-platform/h/b/cv/result/7f5ae601ef520a70
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YALrNbliWsZ%2Fk8nXNCHZ7fzlG8bSEM0SdDPgGgxct%2FJOOV2Z60BNs1BhYa5DS9cnTK4LrcoTBAVsr3TW9QCMeBdngpLZymkFOj1deaEojHQRvW12%2FVSCSy09AmvFEdBhiP1GJSlumu3V4vw"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7f5ae6054fb10b48-AMS
alt-svc
h3=":443"; ma=86400
async-api.e9f77430-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.e9f77430-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
370a9e517ef0694db38a18b53a46711e1461912f0074f024db5373ff946fc894
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Nnzi3DxfGlFxxxaHTHoVoaEtXaaSwSj1
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCNM14T9PW2RB52
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1384
x-amz-id-2
PgNs2Xcdzebatkx2EE+wUHldrklUlE65phBJ4WdWpTRlYcTbwDtvAb2/3hobwZMEgmvp16CfHck=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691866169.235864,VS0,VE0
etag
"193a6d6f02af9cfb9888de413246e90b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
549
860.95a91211-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/860.95a91211-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0aee72df00de1dcfe4d631dd2a72979cee0e756ef7e243b2799856582c44557
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
EoQgbqtiNktUFHe2XcVVByjJaUw3xjmB
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
HAB4VT89PCCZ7QC9
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5422
x-amz-id-2
/gyIKdHrpgsOZ3pmdMcRiEdASNvWqWBfQLBUforTtmu9OKeit8FZdvfFm3AtPl5MU5Lszar29J4=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.236101,VS0,VE0
etag
"b550851fb79f7d61442ca34a6120ac44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
553
session-manager.d080e4cc-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		1 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session-manager.d080e4cc-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
oaOpBoY_R0Emmn1D4qOBGa8Bli_CwZsc
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
HAB8MPYVW023QGVK
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
686
x-amz-id-2
U7JIukoYKbLiBCiTBJMWiLHh1eU2s4sZXT/6UnDUiUgOIxufaxfPddOucSpRlg/muHMXfiODEWI=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.236081,VS0,VE0
etag
"a097cb2068fb2d63e521cacf139c921d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
496
f.php
sadjklq.com/ Frame 30F3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sadjklq.com/f.php?sid=212040
Requested by
Host: sadjklq.com
URL: https://sadjklq.com/netu.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a5b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
6085ea5e92f83f9e5d11e2193a280e00f0d3ab894bc88824e2ce5c47fc41fe80

Request headers

Referer
https://video.q34r.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7f5ae605a8c2b7af-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 18:49:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60hg5fry9DJHoRBk9xgF32McL91X7Vl1nP5jirD4AGZaTQ744If5kFbneCltFhHjas%2Fve9yQlQxBvmq488uCrnLrgT9P9ALwsMj3vvnRaCHeS5dKIpPE3%2B%2BCG9PtdXEPBdFJXQAwllT2Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
lazy-feature-loader.c1052c27-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-feature-loader.c1052c27-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f51d7bb4a7314fbd42bd5a2cec23adcfd23441c6539c3437cac22bc10c285a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
4gplzRtxWsISTBSfvxcHM2iQ7IWskafp
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
ZZ7D0T9WAE2NVMWE
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
422
x-amz-id-2
j69qc1BWeOauQjzMW5MGzxUEF2UhdKzIYXnOxhO0/Nm3vGQfQL++Vr+VkIRASoGIJfUy/aXawUo=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691866169.273742,VS0,VE0
etag
"e2a4dffecb3f725ca685cfc37cc223f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
551
646.9e7a6b8d-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/646.9e7a6b8d-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de72c7056110de6c12aefd6fedb26a0e323d4cfab62d84c64db52e168af372e5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
J93EXw1eqMtGdXxiO91RJ8N7Vb2Flihy
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCQGY2JZD24C6KP
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3460
x-amz-id-2
ZyREQKZPHcJYJopyGa5MuKv3KzgD4v+uPWqU285N+2rNFq4AgQr6CLcUFX8ZMypwMNshJwphlWQ=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691866169.303554,VS0,VE0
etag
"ec83dba32689d4a796844e10a31121ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
551
page_view_event-aggregate.4988d952-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.4988d952-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7662a5a8640648c39b824f101e232d34b73499503492d05394988f00ab79f1b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
97KO3uF7bK0xbSFbyTLOB.IfHKJDnJRG
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
QC68KREARNGZT7TG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4294
x-amz-id-2
yB/cxgwHRwTRruX/P1e5iSxrU54MDN0n1wB5s/lyLahtqsSySNwxartmrt/jnGoLXHiTmjy0xAQ=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.303663,VS0,VE0
etag
"82daa027f82e87cd1c2fdffd51598981"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
551
page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1c8bf8b428570336332bf63dd4efaf9e41b95dd4d83e324592d87d3042f747e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
9V3_HBwcuGR4s0SRIPY4jJi2AWvILXpO
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCWM9TQKMNEJ55V
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5638
x-amz-id-2
be4CZ2b1PoloMvu8p1MrS2X2Cbu/NCqzQ9Uc+XNBuHzXQxo+zJ6qHM3xHqfd5YduCCZZlfihtv4=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.303745,VS0,VE0
etag
"be733f239fd67b0efd24d572dfe8263c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
547
metrics-aggregate.b86cefcf-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.b86cefcf-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
141c410edab90686e098d4a827e8b79d8c8e295694508ddb4e3003f955127b65
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
dqbxt2r61x_OSAHoWthSPNHI9j_y3Vhk
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCMM814ZDTG8P7T
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3060
x-amz-id-2
LMFNNFURlOmFUa3ABRMXDp6WbSgcc0Wk9xE/mm8hRPaoDeCLfUJuRJoNxWF00cMzaroPGEXoP1U=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.304004,VS0,VE0
etag
"41c470a0065b8af87ec8b24a5a1862ca"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
549
jserrors-aggregate.319b8300-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.319b8300-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54139966e109c68735a44b35b95246e11cdd5650953f83ddcc313918c1781f1c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Wqoe0vEV1sR_CfPyr.jdfBzQfelSdNcp
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCPEZW1S3YX1FGZ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3788
x-amz-id-2
Ybt9hzd8V/uT6t9dHxA5QmGFXlmftJcwDQ4dKGPlW6W+MgIhrU9MWK7cNeU6qACzU+itOOj0k+M=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691866169.304368,VS0,VE0
etag
"35a3ce136e1282f16781b827a37a89f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
389
ajax-aggregate.d95c640e-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/ajax-aggregate.d95c640e-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd5e7c7720684f36bf690799e993f4596a528ddad2d2b0776a44b54f351a346a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
5_bUHwPFgsylfRZgZg9LU_MxHwk2thZV
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCVP17CC4Q14NPP
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3180
x-amz-id-2
KRwGfrrKG0KMZUxQcGp3lSmYeaHRPVk7B8AZsKd7mLMubJuA67Vdk1Xxs7X8ZBiHrf+MdJ/AmXM=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691866169.304612,VS0,VE0
etag
"d560f610f09ecacfa4f67f360dc3de45"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
386
session_trace-aggregate.ac30a1f3-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.ac30a1f3-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3311fa9ef47f454f5320d40bcd3f91242131a623ed05fdc413ef3be5c04c99b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
a..pyNDlrB77mwaqeUK7hJqVgFTMus.l
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCK9Y5C7BEFQF7E
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4723
x-amz-id-2
pJmA1dsiqGPlMDG8TeRE+FI1J3jlelz+rVlqwiuwWXik3LW3g0hclFVzl4kKWLXuxz8MHqQR0Ds=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.304911,VS0,VE0
etag
"8363afb49dbbbf0e3cead025aa695785"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
386
page_action-aggregate.467f8594-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_action-aggregate.467f8594-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c4c64480a62d4461b33a7b3b890215112602eb40ba0c9237f20acda99313da6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
poxkzUMPnKJ.fArM4f0sbBjh6siyXLRa
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
DJCKWMMT10497DM0
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1947
x-amz-id-2
8uZ+O0DQFPmMF0Ih2aAUCR2MN7TB8NVtlnxigJXSU8LncE5O5Cf5Ve0Kipp3wU99RkzZB7eTdmo=
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.305162,VS0,VE0
etag
"33a909348b29a0c055bef58833261435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
388
spa-aggregate.550eec7b-1.237.1.min.js
js-agent.newrelic.com/ Frame F76E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/spa-aggregate.550eec7b-1.237.1.min.js
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78b18cfd9628f122a101ef693f21138d554ca7d55ff3c595c4d69c9b420714b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://chaturbate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
yyO9gZPZh3EXOIuKtrznWz3VbTeouUgJ
content-encoding
br
via
1.1 varnish
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=300
x-amz-request-id
BJSXNM8PHBSC73KA
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
7763
x-amz-id-2
jxJw1BAq6ttM5qwobUpLc7p+1QazaI/Wkf46o5KfCtjH5hUP+hl6nuxWOo7GwOyUagBwoeZMU8ELEFJ7THbBaA==
x-served-by
cache-bru1480032-BRU
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691866169.305473,VS0,VE0
etag
"22f63f3005d466203719daf86f994001"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
283
banner.gif
sadjklq.com/ads/ Frame 30F3 		42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sadjklq.com/ads/banner.gif
Requested by
Host: sadjklq.com
URL: https://sadjklq.com/f.php?sid=212040
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a5b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://sadjklq.com/f.php?sid=212040
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 17:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5291
etag
"62c46f48-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MBzTM3OZDUsMMKhknyDAdAYG%2Bpv3ayMWtYsBmYfYth0BiS007CTkzkI6inm7HB%2Fw0VNd2KlnWIitU5tYZB%2BagXtMPsn8YzuS3nVVI7zFlyuppU7dAs7ypPcmJiWPRv%2BpfvQL5Yf1T8juA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f5ae606dcff1cbe-AMS
alt-svc
h3=":443"; ma=86400
content-length
42
f.php
videocdnmetrika.com/ Frame 30F3 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://videocdnmetrika.com/f.php?nd=1&sid=212040&rand=411607338
Requested by
Host: sadjklq.com
URL: https://sadjklq.com/f.php?sid=212040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
d083f412f5c87a4931b1447e5d7bf0b28e29336715a35a4446059f16c35261e2

Request headers

Referer
https://sadjklq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7f5ae6075d5d0e78-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 12 Aug 2023 18:49:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wxQSqYM7p6vJiIaqtEXrlBqbVYXYpXDkJrKZqCEjWqQbYlhepiZ8XCxL4%2Bp3vk7PZDxpQC3K2hGyGf%2FjrkIO8OGX9QV%2BS7mQFek07dKnoQQ%2BW032mAKo4JIqnjuW%2F8My0jMuoMZrsu9ZYSBiJlLFNNS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
6f524845d1
bam.nr-data.net/1/ Frame F76E 		40 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/6f524845d1?a=24279235&v=1.237.1&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1061&ck=0&s=01de5739e0bfded7&ref=https://chaturbate.com/tours/3/&af=err,xhr,stn,ins,spa&ap=37&be=436&fe=353&dc=170&at=H0ETGw9CExRCXBM9CgBBXAkZG1QPVUwSBxFKCgIbDwkdQ0RKBBANBQ4DGw8bbj5QVw4MPDtBShtGUFYPREk%2BBgIQBkQDBRUTIndmMwMaRllEDlMMUAQHCVAHBVFRVlgCCRwgfGpDTkEnJTl7Wk0TWwMOTUAgIjwkVkFzYkMLXwAOEAFPRHpzZnMORXwZFhEFQVwbU1hdElQVBwMPFwZEFRdLVABdZggSQV5BVFgFCQtQBwpRWFFeUgUJBwMLVRMVQwMNCw05X1lYVhITA0MjLSstSnF6amVDHRsDBxAQPAFMUEpCPlhJQ1hBVgJWCQ8IB1IBA1NYUgdTVAMPDRNNE1sEERc7BBNcRkpuBlRWQ1hBKi9EFRdQQT5SVhQMFxYaRAMXd31DHRsIEjwHDBNXQUtIPlJWDwQKAAYIWlAbC0MICUNOQQ0TOVdQTUYOQ1JDWEFGT0RQRWZeE1ZYDwsZBRcPVlsbC0NYCiVMDQEXRnsbbxNNE1ARPQoXE0QDF1ACJR9XBBZDJk0wGxkbWBFuWBIMQV5XXwwBDR1DWEk%2BAxAKPAlLUhsLQ1gKJUwNARdGextvE00TUBE9AAsNCFxWTVgOX2YVGxMBQVwbdlZDEV5LABYGRk9EUEVmRBJUSz4WGhQGRAMXUV4SRVAPBUFIQRRcRExUEkVmEQMXDEFcGxpNXhRDSk5RTEZPRE5ZZlkOQk1DWEEHCwdNQEtTAEVcTwEMCUFKG0ZQRQRuUAVAWVVPREpcTVQ%2BVVYMAwoKQVwbVlFQFURLAwMXAU0FVlgbHUNDXBAXBhcXOVFaSkVDCxsCCgIQFhRbVE1UT1JWDEBPRgEUVkJKVBNuUAVAWUYCXwkHXVJRBhRTV1JVTlIIB1scWQINWE8CVwJXAARfAQBVCVJAT0YRA19QS1QTEwNDChcQExUDGhZBDkZcEwcHBhpIU1RdQk9SVk5AT0YRA0hAXEIVblQEFgsLB0QDF350NRMVQxIaEAsJV2pPVBNCUA4MQV5BVRcMGx1DVVMADAQLPBBcR0pYDl8bW0BQSlFICwUbHUNEWD4GBhIKBVxqX1AMWFUYQFlGLBJRUEsTTRNMAD0HARUPWlBmRRhBXENYQQAGFVJBVkFDHRsUAzwLEDlfVFRYDUgbW0A0DQ0CVkJKE00TTAA9DBc8EFxHSlgOXxtbQFJUQUobQFhuA0NWFhEGFjwAWFhQXRgTA0MhCxYMC1wXFRMUUGYDEAwTEANLak9UE0JQDgxBXkFXCAAXAU8EDlhSQUhBE1hqSkUTWFcGQFlGLglDXFVdAB4MT1JDTDQPV1FWRhIRdzVCUlRNVgIVblgPBw1aQhtSV08ZdElBDVRuBAAoDRdJDAYOH1IHGUkpKzAuKhUVVVgKVBkmBwAPDE8ZdlFDDlxcTlNSUU1WFwAOCFEfCFZSQzcCAFhHUB5UAg5PUVVGT0ReXE1uAl5UDAsXRllECAUBBVgBXFMABQFURBUXXlgVbk0ABUFeQRALBhcJTwgXUUBPRhEDT1xKWA5fG1tAUlRbUgAFXAMDV1xWQE9GEwdLVFRCQwsbGj5BEAwTS2kbC0FtGxlTMQA/RBUVZRMCUFQRAwoDDTobDxltQ3Z9CwcyOEFKGWkbUj0TA0E%2BQVY/RBUVZRMRbRtbQj9GUzobGRltQ1tWCAw8CxUDS1lYSD0TA0E%2BQVU/RBUVZRMFWEoAAA8BPBVWQFdVPRMDQT5BVD9ERBcVEwRdUAYLAQgGOUpFVVgVbk0EERcXQVwbFXhTDXZLETYTREFKG1BVWAZYWw0HPBcTClBBZkUEQk0SPQ0XQVwbFUlEEllmEgcREgoFXBUbTBw%3D&perf=%7B%22timing%22:%7B%22of%22:1691866168362,%22n%22:0,%22r%22:0,%22re%22:242,%22f%22:242,%22dn%22:242,%22dne%22:242,%22c%22:242,%22s%22:242,%22ce%22:242,%22rq%22:243,%22rp%22:436,%22rpe%22:444,%22di%22:601,%22ds%22:601,%22de%22:606,%22dc%22:786,%22l%22:786,%22le%22:789%7D,%22navigation%22:%7B%22rc%22:1%7D%7D
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://chaturbate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://chaturbate.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-ams21026-AMS
banner.gif
videocdnmetrika.com/ads/ Frame 30F3 		42 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videocdnmetrika.com/ads/banner.gif
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?nd=1&sid=212040&rand=411607338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:aba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://videocdnmetrika.com/f.php?nd=1&sid=212040&rand=411607338
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 17:05:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2320
etag
"62c46f48-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twMru7VXB%2ByU9%2BC8BlhmsX8AKILjkzPKt04ypK8OJecwNnBwts48zbRJzvch25rgsZgFGPAiFx6f4DmkZdj%2B2MTMKODJVf%2B5ZlzQp38R12%2BfNzSDA55ZQy67O%2FydMe5ZEi%2BdREMhW%2FFE4p7y9SbOHva%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f5ae607ee0b0e78-AMS
alt-svc
h3=":443"; ma=86400
content-length
42
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame 30F3 		217 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?nd=1&sid=212040&rand=411607338
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81a8da9783329cb7a3420956ef8e010c36bf684a25f69a76aef296bc880abbab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37494
x-jsd-version
1.289.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"36378-LPTjNpV4HRirBesZNjmU5V+Qfjk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwsGHBGTS2mjlleeEQ%2B%2Bw1qs5T3Flf01HiJPKisb%2Fsyaht%2BJkVLMftVyRAulysye4D7H7mhz%2B4gYv7T%2BmmEzaG4MRF3yKEDpJv49SwgQ1a7OyDwjAi7oIzNb%2FD%2F32vVd6co%2B7Vy1pEB2CuKfqzU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f5ae6084963b8a3-AMS
6f524845d1
bam.nr-data.net/events/1/ Frame F76E 		24 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/6f524845d1?a=24279235&v=1.237.1&to=MwYEbUdYXxJQWhULDApMIExbWkUIXldOFgwRERUXQ1BUFkIDFQ0WFlA%3D&rst=1278&ck=0&s=01de5739e0bfded7&ref=https://chaturbate.com/tours/3/
Requested by
Host: chaturbate.com
URL: https://chaturbate.com/tours/3/?tour=x1Rd&campaign=GDjeQ&c=2&p=0&join_overlay=1&disable_sound=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://chaturbate.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://chaturbate.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-ams21026-AMS
advert.gif
mc.yandex.ru/metrika/ Frame 30F3 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: videocdnmetrika.com
URL: https://videocdnmetrika.com/f.php?nd=1&sid=212040&rand=411607338
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 10 Aug 2023 13:02:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64d4b5d0-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 12 Aug 2023 19:49:29 GMT
90175160
mc.yandex.ru/watch/ Frame 30F3 		427 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/90175160?wmode=7&page-url=https%3A%2F%2Fvideocdnmetrika.com%2Ff.php%3Fnd%3D1%26sid%3D212040%26rand%3D411607338&page-ref=https%3A%2F%2Fsadjklq.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiodx84qlgpr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A1357911453145%3Ahid%3A608854900%3Az%3A120%3Ai%3A20230812204929%3Aet%3A1691866170%3Ac%3A1%3Arn%3A246288242%3Arqn%3A1%3Au%3A1691866170720422496%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A18%2C56%2C82%2C1%2C1%2C0%2C%2C8%2C0%2C%2C%2C%2C166%3Aco%3A0%3Acpf%3A1%3Ans%3A1691866169408%3Arqnl%3A1%3Ast%3A1691866170%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
1fcbb203302004307c579c1cf592975c50a67b1eb91200cef2cdf1c076398e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://videocdnmetrika.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 18:49:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 12-Aug-2023 18:49:29 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://videocdnmetrika.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Sat, 12-Aug-2023 18:49:29 GMT
zxwk7krOl5
marazma.com/sub/ Frame 8C6F 		233 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://marazma.com/sub/zxwk7krOl5
Requested by
Host: video.q34r.org
URL: https://video.q34r.org/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c5f57a077940444e91a2e72b8cdeefb95ae3e30822371c8161be3f04d2bda4

Request headers

Referer
https://video.q34r.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f5ae6119d470a58-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 12 Aug 2023 18:49:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTg1hd%2F01kKlDA2E7zgLNXU5qkuDl7Nz2K3jL%2FrrQ1rNuJ7lm1Q0kq%2B1SJe0boKN3Z0ekPGEaxmq5uDr6gInoQfbdtEZUaH3MteQho6lMk8hA93J3RbTzGr0NcBHE8AYPDtjzlAG%2B3lUcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
xml.poprtb.com/ Frame 8C6F
Redirect Chain
  • https://marazma.com/load
  • https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
0
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://marazma.com
Referer
https://marazma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Sat, 12 Aug 2023 18:49:31 GMT
Pragma
no-cache
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f5ae6124ddf0a58-AMS
content-type
text/html; charset=utf-8
date
Sat, 12 Aug 2023 18:49:31 GMT
location
https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7Ucl2YiF7kBB0TXNaMSq6ZQXfnH0Ra3qgOuU4kQcjn7wCOWeuBm4C56c1PPciAZTcmBZL8aFD9g3VNcY3afCkrkeVQW96Eqw%2F%2BjLEOCwEcJlZNlbg%2BazJw9WylOiEuKUGxdBxMZKr70sw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
86516845
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/86516845?wv-part=1&wmode=0&wv-hit=842940397&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&rn=531148790&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691866171%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230812204931%3Au%3A1691866168335629020%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1691866171&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onscreens.me/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 18:49:31 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12-Aug-2023 18:49:31 GMT
content-type
image/gif
access-control-allow-origin
https://www.onscreens.me
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 12-Aug-2023 18:49:31 GMT
86516845
mc.yandex.ru/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/86516845?wv-part=1&wmode=0&wv-hit=842940397&page-url=https%3A%2F%2Fwww.onscreens.me%2F126f5faa-265e-11ee-b11e-ca29b77277e2%2Fpriyarj-07-19-2023-17-58-27-stripchat&rn=362048426&wv-type=3&browser-info=we%3A1%3Aet%3A1691866172%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230812204931%3Au%3A1691866168335629020%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1691866172&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onscreens.me/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 12 Aug 2023 18:49:31 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 12-Aug-2023 18:49:31 GMT
content-type
image/gif
access-control-allow-origin
https://www.onscreens.me
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 12-Aug-2023 18:49:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1000494
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1005493
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1000493
Domain
poweredby.jads.co
URL
https://poweredby.jads.co/adshow.php?adzone=1000049
Domain
video.q34r.org
URL
https://video.q34r.org/ad/top/popunder.js
Domain
video.q34r.org
URL
https://video.q34r.org/player/embed_player.php?vpn=1&vid=1

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| Astro function| handleException object| clLogsArray function| S4rr function| _cledhpu1atavyw9ehbx2vp object| adsbyjuicy object| _paq object| dataLayer function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge object| a string| x number| mhz boolean| zfgloadedpopup object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log string| _asg_rnd object| NaConf object| _NA object| __AsgCookies function| __AsgInterstitial object| asgPopScript object| __asgStorageDriver object| __NA object| __ASG boolean| _asgIframeInitialized object| AsgAbBanner boolean| AsgAbBannerLoader object| __ASG_IP_PUSH boolean| _asg_is_incognito object| google_tag_manager object| google_tag_data function| ym function| onYouTubeIframeAPIReady object| gaGlobal object| yaCounter86516845 string| fss boolean| _asg_was_tabunder

37 Cookies

Domain/Path Name / Value
pasbstbovc.com/ Name: CHCK
Value: 1
pasbstbovc.com/ Name: UID
Value: 2308121349a90da3fbb8f249558a26e2a912
www.onscreens.me/ Name: _pk_id.8.07bd
Value: 2584ef6f7fa8d6e6.1691866168.
www.onscreens.me/ Name: _pk_ses.8.07bd
Value: 1
blow.week1time.com/ Name: nauid
Value: WWAm9GBccC8oEdT9aop5
.onscreens.me/ Name: _ga_LCHG5KSTPG
Value: GS1.1.1691866168.1.0.1691866168.0.0.0
.onscreens.me/ Name: _ga
Value: GA1.1.358214657.1691866168
.jads.co/ Name: surferid
Value: c9801fd48fdb8038acff1bf10199218b
.jads.co/ Name: juicy_data
Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
video.q34r.org/ Name: uid
Value: ty47MAPyceBIdz__7RYsF-2l_HNOLEJ2
.onscreens.me/ Name: _ym_uid
Value: 1691866168335629020
.onscreens.me/ Name: _ym_d
Value: 1691866168
.onscreens.me/ Name: _ym_isad
Value: 2
.jads.co/ Name: imps9882
Value: 1
mc.yandex.ru/ Name: yabs-sid
Value: 694419891691866168
.yandex.ru/ Name: i
Value: vAPPimXZBqKfzi+pe/zihNIGU4JYiwmwfpADiJCqhrtv313gwt3LA1T1/2xxvewLvImdPVaiqCOlRh+IPKo7I9cyxOU=
.yandex.ru/ Name: yandexuid
Value: 5844081541691866168
.yandex.ru/ Name: yuidss
Value: 5844081541691866168
.yandex.ru/ Name: ymex
Value: 1723402168.yrts.1691866168#1723402168.yrtsi.1691866168
.yandex.ru/ Name: bh
Value: KgI/MA==
chaturbate.com/ Name: u_x1Rd
Value: 1
chaturbate.com/ Name: us_x1Rd
Value: 1
.chaturbate.com/ Name: affkey
Value: "eJwdjEEKgCAQRa8is45El66D1nWD0omoTHEmKqK7x7R87z/+AwxOwWX6AJUCH7Ng2yzYCXNZhTfibYxIviCmnWQp4mfmTE7rnE4sGMa7XoZAtU9akmGaJLJzYj5E/N/WwPsBDeIimA=="
.chaturbate.com/ Name: fromaffiliate
Value: 1
chaturbate.com/ Name: noads
Value: 1
chaturbate.com/ Name: stcki
Value: "QGvuR6=0"
.chaturbate.com/ Name: sbr
Value: sec:sbra902dc07-2511-412b-8349-a3a191f0ad03:1qUtg0:xvAKbz61FWjPtQaC2VnsLjaQ-wU
.chaturbate.com/ Name: __cf_bm
Value: APaz5SSNSPBKCGH9tjTdOc51qS0ITIc153mDJWErxa4-1691866168-0-AZUuxdBB6aABA88nxPTGnHVSXtfhF6l/R01tIIkAqZNrq8B7P7xR1uuF1dXWkABDR/JnJOjpIFc1xeYRvU6KWvo=
.onscreens.me/ Name: _ym_visorc
Value: w
.jads.co/ Name: imps42805
Value: 1
.jads.co/ Name: imps9183
Value: 1
.jads.co/ Name: juicy_data_1
Value: YToxOntpOjI5MDIzMztpOjE2OTIxMjUzNjc7fQ%3D%3D
.highwebmedia.com/ Name: _cfuvid
Value: uq4LUBK6x.ioHrmFC1da.hfbZ7FRwpiua5cmQ2rwav0-1691866168935-0-604800000
.chaturbate.com/ Name: cf_clearance
Value: h8_nsYPmG5BbW26ZxiUo7RrseHc2yJC2UxqvV.59co4-1691866169-0-1-16425f4b.fa16154c.65c20675-0.2.1691866169
.videocdnmetrika.com/ Name: _ym_uid
Value: 1691866170720422496
.videocdnmetrika.com/ Name: _ym_d
Value: 1691866170
.videocdnmetrika.com/ Name: _ym_isad
Value: 2

4 Console Messages

Source Level URL
Text
network error URL: https://commentsmodule.com/js/js.load.1.js?106314593641019
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://sadjklq.com/netu.php(Line 3)
Message:
Unrecognized feature: 'bluetooth'.
other warning URL: https://sadjklq.com/netu.php(Line 3)
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://sadjklq.com/netu.php(Line 3)
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.juicyads.com
bam.nr-data.net
blow.week1time.com
cdn.jsdelivr.net
cdn.tapioni.com
chaturbate.com
commentsmodule.com
dns.google
fonts.googleapis.com
fonts.gstatic.com
i.jads.co
js-agent.newrelic.com
marazma.com
mc.yandex.ru
pasbstbovc.com
poweredby.jads.co
region1.google-analytics.com
roomimg.stream.highwebmedia.com
sadjklq.com
static-assets.highwebmedia.com
statistic.satiq.net
unpkg.com
video.q34r.org
videocdnmetrika.com
www.googletagmanager.com
www.onscreens.me
xml.poprtb.com
poweredby.jads.co
video.q34r.org
151.101.2.137
151.139.128.10
162.247.243.29
174.137.133.17
185.94.236.253
2001:4860:4802:34::36
2001:4860:4860::8844
205.185.216.10
2606:4700:10::6816:2747
2606:4700:3034::ac43:aba9
2606:4700:3035::ac43:a5b8
2606:4700:3038::6815:ea82
2606:4700::6810:5614
2606:4700::6810:5e2a
2606:4700::6810:7daf
2606:4700::6812:6528
2606:4700::6813:f253
2a00:1450:4001:803::2008
2a00:1450:4001:828::2003
2a00:1450:4001:830::200a
2a01:4f8:161:6222::2
2a02:6b8::1:119
2a06:98c1:3120::3
2a06:98c1:3121::3
62.122.171.6
005839f2a9f773c412f6910ff21281f934d1d9c9509cd9c170f72f2bee5f43ef
02bfe808f51189a6e4b07af00d294e826c32dfebb5e1746b3b0fc893c2b48e21
02c5f57a077940444e91a2e72b8cdeefb95ae3e30822371c8161be3f04d2bda4
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06763099c342d2a6f0cb56462ae26d04775241db45afa843df1d920e3d8bc683
08c7b74d341e1006ca03a1666759b351ebb67b5b0def3772fec424754c653f44
08eb57c6f0f295475b2e10544d8cfc9bc69a5d354d3e59f7a15b838536c92125
0a9eca234bb62ae97fd57d3595479511d5da1b81a4fbede0c77fd281326a07e0
0b8b38633b185684c492474c16e6af35c2694af879d79d714afb1866a3740172
0c0d81b0bb27b41cf8fb9a634035ab37194a707a49657845217112777c1c1b3a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
141c410edab90686e098d4a827e8b79d8c8e295694508ddb4e3003f955127b65
19a8fd22e72dbac7ced6d9f448c8948ac8a4b57f8c3d7b25cc2fc635a5b8bd4a
1d85956e60f098d0e36bd9c3e3457ea595d083561c95edf8ddffb37a577dcb55
1fcbb203302004307c579c1cf592975c50a67b1eb91200cef2cdf1c076398e26
22cd47fd59e5575a2539774d3ab0f27256be5c822f1ff1f7d37bca200f7c63ad
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
280127f8932063bd2b71a2d94a9124d3c73f3e52ac2802005cb3a5cd132d2d27
2a750a5c4cd53d770d99cfd648aab9587e12c2fe9e2f6d0a52b699d2e88e5615
2b9882b1d4950f6e9ec65efbef9636a76a43b423302695035cf88b8c44474acd
3049d27a72a2c4f26053190330ec6aadd7f7ac760191bf2dae6a79afa6f6c959
370a9e517ef0694db38a18b53a46711e1461912f0074f024db5373ff946fc894
3ca8e7c2187c7f9ba24c81efcf46e857f5947124a273bf63b60a5b76288fe5f5
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641
3e57280723b770c8795ae6401f56b570619e038ef9213276d9f1a7513864fdfe
3f3eed05646b724832d779e0e06a37b2909f6fe98cc61f9fd53f0fa769060e7d
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
45bc2ebb82341b0beb20bf20f0318c5f520e782e2c23da5280d26ab94e046013
4842278ec3149ea60369ae040618c4348dbd5a70631a7b7e88946d36bf786570
4c48c081025563ab8d1a89b0eece7054d1d253bb5a19bde1cd9d628d349e095c
52dc5730b7afd3f35531dcca2bd7b9984f0271d15c8b449c4b1d425dddf12a33
52e7a982fa95fe2fbbef8a6b3f81ade44020d08b61849fa94d39a7527127bf3c
54139966e109c68735a44b35b95246e11cdd5650953f83ddcc313918c1781f1c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5776d146edfa1de32f5c74f409ced004eac80e4f8e2b981ab44dfd46ebba1712
5a1c2863ee52bc9fc00e97531543fd3e7bb77b042d591753c3ef0fe4dc760bf3
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5c4c64480a62d4461b33a7b3b890215112602eb40ba0c9237f20acda99313da6
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
6085ea5e92f83f9e5d11e2193a280e00f0d3ab894bc88824e2ce5c47fc41fe80
643afb62076f5e7d7e71e751b205105bfaa5f7d51aa86e55cd2b064db5c5e77c
65dfd5345e9e11d6825f552319a0c5711f90712e2addab7f6b0cf919dda47ccc
674eb461715da45489fb9f53461975f4ed611b39c13eea8a13ba64edf789a672
69ae5a5300e318fd2e3fbf8a309ccbb1a6ce507f5cc276af48a884032541333b
6afe63ae8a7adf75cdc9d70b79ce2dbfd61cbbf3207d51d077158324def728db
72b7b42dc1fe022438e97d26a6e9e979ba233d5c6760f54843d666392a73d05b
72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f
7662a5a8640648c39b824f101e232d34b73499503492d05394988f00ab79f1b4
785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2
78b18cfd9628f122a101ef693f21138d554ca7d55ff3c595c4d69c9b420714b4
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
7967f3b4c9fe9bb5e574efffbd8673ce4173054b4060915655cfc77e120581b4
7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e4c96c7f5646bbfaf16e995581a77ac2a1109e4545fe38ad155c800db4c2f29
818c9c4c368ff40bbc414f8bb3a80990c7208bcf0b45f9d9aa947f1ea2e1eb93
81a8da9783329cb7a3420956ef8e010c36bf684a25f69a76aef296bc880abbab
87787713f48db86d8c989d301c72738fead33883013ebe7eacd14b7b39377a99
886a05e55a7a865cdba97de94ba28d3922411bcbb543896412c4de4ceeef4967
889727ca9e58ccddfc9c0df7031ea9b5fd19b42a15286cc5c380eef5bea350ab
896a82003cd1a9134b0404c129bb7b8292e1d8a91298e275141b21086baa8a9d
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
8f51d7bb4a7314fbd42bd5a2cec23adcfd23441c6539c3437cac22bc10c285a5
90d2dbafea80be38fb370ea9fd7f808e0f6d7ffabfe52ccd8832d8a693d8f077
987ce43cf79687c65b8a9db7a7524162bbb7b3b27bd10925e0c50d842298cb17
9fa788c5f5f8afbceeb678668a78a3e1a9051007b0024caa297f1fbb8bfa55a1
a0a8a0731055dbb196d7014e03e52e4d45a3d2edae5c273369b4ca7bc0e85bc4
a1c8bf8b428570336332bf63dd4efaf9e41b95dd4d83e324592d87d3042f747e
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
a7fc63c363948d7add8e1dade66045376e2bad22da6697f84d175e5f9a76166e
b1e12c59a9b1d3e8447d6a7aeb584101c71751561b98f3f0162f58f1e617c7fb
b74df354b80e250dc83e4f231ae2416d34e0a72323f20fec5d1c54c67fb3e79a
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bd024befe2605a3a602e162c67573680fdcf95c833f7bba3523d74fa12cc524d
c0aee72df00de1dcfe4d631dd2a72979cee0e756ef7e243b2799856582c44557
c0f35d46944037b526e186da07539e0d14784c18afe8b9acaf5c1cf88d84c582
c2367575b5fa65a8b331f1b01fbebd1b3fd1934cc958f2154fd0922a8e2aca61
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165
d083f412f5c87a4931b1447e5d7bf0b28e29336715a35a4446059f16c35261e2
dcbf5dfb00d36ef58a8a55590c47336218a98b18afaa8644c52cb4b2803eb6ef
de72c7056110de6c12aefd6fedb26a0e323d4cfab62d84c64db52e168af372e5
e2f1967bd0ff37182a4c0d4af0ae9cb04cdcbd189cec906bc2e2d9e0a36209e7
e3311fa9ef47f454f5320d40bcd3f91242131a623ed05fdc413ef3be5c04c99b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41bc293c7e7c94f2bd57d23a1dfecab0664a21b44c37f1530eb5596499ff939
e6d7d05844c2e0af9c925fcc333ed3f33c5c89419832e52dd6e1b98ccac59881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f87ffecddf0e0acf3f68e36a09a04ae4eea17dde03da828701564fa275fc6ece
f8904d6555752ab89a1e1d316c1dd26d542c184186988017d5a7b56edbfb3e73
f9e5e435e5aa5877bbe306abb79af87ebbabf89e2eb52dd4b3122c2af281c9d5
fbd264811311f63eb5ff294d6a145d71ecfb3c127274d12ac66feb32a07b9738
fcb2914c1605445798ee1578138b81194d86e314d4b818a801e662a5c82222c5
fd02fbc9657358acae09c456a400dd098237273a01e77f7ca47e3660474ff844
fd5e7c7720684f36bf690799e993f4596a528ddad2d2b0776a44b54f351a346a
ff548f546eb7b4719d103206b80b1ddfcf0dacdf8a97c81b00c147ecd0ec2d2e
ff611edaa01dda0db86a5c9fd58932ce19a86b81c4d497c6a06e9c99c9323014
ff7f802dc756ff5430854f65659cfe9ccff8d3c7e42e5aa256cd07cb17cae247