www.iafd.com Open in urlscan Pro
172.67.69.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
Effective URL:
https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
Submission: On December 23 via api (December 23rd 2023, 6:33:38 pm UTC) from AU — Scanned from AU

Summary HTTP 40 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 40 HTTP transactions. The main IP is 172.67.69.12, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.iafd.com. The Cisco Umbrella rank of the primary domain is 729516.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 25th 2023. Valid for: a year.

This is the only time www.iafd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 19	172.67.69.12 172.67.69.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.51.93 104.22.51.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.66.234 142.250.66.234	15169 (GOOGLE) (GOOGLE)
3	173.236.192.105 173.236.192.105	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	142.251.221.72 142.251.221.72	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
1 2	142.250.76.104 142.250.76.104	15169 (GOOGLE) (GOOGLE)
1	64.233.170.156 64.233.170.156	15169 (GOOGLE) (GOOGLE)
1	142.250.66.206 142.250.66.206	15169 (GOOGLE) (GOOGLE)
2	148.113.1.194 148.113.1.194	16276 (OVH) (OVH)
1	205.185.216.10 205.185.216.10	() ()
1	93.93.51.191 93.93.51.191	() ()
4	93.93.51.200 93.93.51.200	() ()
40	16

19 172.67.69.12 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

iafd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iafd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banman.iafd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.51.93 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.236.192.105 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: vps47771.dreamhostps.com

revive.iafd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.221.72 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.76.104 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.113.1.194 (Mumbai, India)

ASN16276 (OVH, FR)
PTR: ns5021500.ip-148-113-1.net

adserver.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (None, )

ASN- ()

ads.juicyads.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.93.51.191 (None, )

ASN- ()

pt.wmptcd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (None, )

ASN- ()

pt-static1.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static2.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	iafd.com 4 redirects iafd.com — Cisco Umbrella Rank: 651961 www.iafd.com — Cisco Umbrella Rank: 729516 revive.iafd.com banman.iafd.com — Cisco Umbrella Rank: 952511	87 KB
4	ptwmstcnt.com pt-static1.ptwmstcnt.com pt-static2.ptwmstcnt.com pt-static3.ptwmstcnt.com	21 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 587 www.google-analytics.com — Cisco Umbrella Rank: 27	18 KB
2	juicyads.com adserver.juicyads.com — Cisco Umbrella Rank: 42987	6 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	90 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 5068	32 KB
1	wmptcd.com pt.wmptcd.com	3 KB
1	juicyads.me ads.juicyads.me	27 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	337 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	751 B
0	vcmdiawe.com Failed galleryn2.vcmdiawe.com Failed
40	14

	Domain	Requested by
13	www.iafd.com	1 redirects www.iafd.com
4	banman.iafd.com	1 redirects www.iafd.com banman.iafd.com
3	revive.iafd.com	www.iafd.com revive.iafd.com
2	pt-static1.ptwmstcnt.com	pt.wmptcd.com
2	adserver.juicyads.com	revive.iafd.com adserver.juicyads.com
2	ssl.google-analytics.com	1 redirects www.iafd.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.iafd.com pt.wmptcd.com
2	cdn.datatables.net	www.iafd.com
2	iafd.com	2 redirects
1	pt-static3.ptwmstcnt.com	pt.wmptcd.com
1	pt-static2.ptwmstcnt.com	pt.wmptcd.com
1	pt.wmptcd.com	adserver.juicyads.com
1	ads.juicyads.me	adserver.juicyads.com
1	www.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.iafd.com
1	cdnjs.cloudflare.com	www.iafd.com
1	code.jquery.com	www.iafd.com
1	fonts.googleapis.com	www.iafd.com
0	galleryn2.vcmdiawe.com Failed	pt.wmptcd.com
40	20

This site contains links to these domains. Also see Links.

Domain
blog.iafd.com
www.rame.net
twitter.com
instagram.com
www.facebook.com
www.flickr.com
www.theporndude.com
www.adultdvdempire.com
eurobabeindex.com
egafd.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-25` - `2024-01-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-27` - `2024-02-19`	3 months	crt.sh
revive.iafd.com R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-12` - `2024-06-11`	a year	crt.sh
*.juicyads.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-12` - `2024-05-24`	a year	crt.sh
ccs.livejasmin.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
pt-static1.ptwmstcnt.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
Frame ID: BC34771EC084D52BBF8DC19B734F3898
Requests: 23 HTTP requests in this frame

Frame: https://banman.iafd.com/a.aspx?ZoneID=23&Task=Get&PageID=55261&SiteID=1
Frame ID: DD7765165ABE54F00864F42AA946D62E
Requests: 1 HTTP requests in this frame

Frame: https://www.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 449C5CDEFE97FC91DCEF0D4E9C46B409
Requests: 2 HTTP requests in this frame

Frame: https://banman.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 9019290F80EBCD311DD9F4A4E0AE9624
Requests: 2 HTTP requests in this frame

Frame: https://adserver.juicyads.com/js/jads.js
Frame ID: 31590D8E018F4D0FCC21F729AF06BB1E
Requests: 2 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=741262
Frame ID: AF9EC457EB83D8915B862DFB04B3B3FE
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=741262
Frame ID: 8F65918E38DEF9A5417B7539C951A856
Requests: 2 HTTP requests in this frame

Frame: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}
Frame ID: C5FBA41620249FA111F75648FF0F1495
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

lara roxx - iafd.com

Page URL History Show full URLs

http://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm HTTP 307
https://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm HTTP 301
https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

85 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

16
IPs

3
Countries

363 kB
Transfer

1066 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.iafd.com/
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.rame.net/
Title: RAME.NET

Search URL Search Domain Scan URL

URL: http://www.rame.net/faq
Title: Adult Movie FAQ

Search URL Search Domain Scan URL

URL: https://twitter.com/iafdcom
Title: IAFD @ Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/iafdcom
Title: IAFD @ Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/internetadultfilmdatabase
Title: IAFD @ Facebook

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/iafd
Title: IAFD @ Flickr

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/morbidthoughts
Title: MorbidThoughts @ Flickr

Search URL Search Domain Scan URL

URL: http://www.theporndude.com/
Title: The Porn Dude

Search URL Search Domain Scan URL

URL: http://www.adultdvdempire.com/
Title: Adult DVD Empire

Search URL Search Domain Scan URL

URL: http://eurobabeindex.com/
Title: Eurobabe Index

Search URL Search Domain Scan URL

URL: http://egafd.com/
Title: Euro Girls Adult Film Database

Search URL Search Domain Scan URL

URL: http://blog.iafd.com/2015/09/01/what-the-fuck-happened-here-a-primer-to-our-new-layout/
Title: About The New Design

Search URL Search Domain Scan URL

URL: http://blog.iafd.com/
Title: Our Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm HTTP 307
https://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm HTTP 301
https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://iafd.com/graphics/cdn/iafd-responsive.css HTTP 301
https://www.iafd.com/graphics/cdn/iafd-responsive.css

Request Chain 20

https://www.iafd.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 22

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=853851125&utmhn=www.iafd.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=lara%20roxx%20-%20iafd.com&utmhid=934721796&utmr=-&utmp=%2Fperson.rme%2Fperfid%3Dlaracox%2Fgender%3Df%2Flara-roxx.htm&utmht=1703356413799&utmac=UA-1149126-1&utmcc=__utma%3D23600418.323130201.1703356414.1703356414.1703356414.1%3B%2B__utmz%3D23600418.1703356414.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2146060711&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1149126-1&cid=323130201.1703356414&jid=2146060711&_v=5.7.2&z=853851125

Request Chain 24

https://banman.iafd.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://banman.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request lara-roxx.htm Show response
www.iafd.com/person.rme/perfid=laracox/gender=f/
Redirect Chain

http://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
https://iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

30 KB
8 KB

5444ms
5435ms

Document
text/html

172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

57ad8b2b02411df72831e38b185e6ed6d045e42b57e566d9494ca311db622b20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 83a2b16a1e1aa938-SYD
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Sat, 23 Dec 2023 18:33:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVM7VA1x0fYaXrkd6atgIukImpAwpa9h%2F1xmeGMC5SD2hVXWb0KBrxOFM6Bzbj8SAtlbSyve36%2FGAbW7rlGkxVkfBuj3nrf3h2CbQbXE8EcxtUOPz4S5aQgn3dAu7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 83a2b1636b6aa938-SYD
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 18:33:27 GMT
location: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy8GWVGK6nDv9pwX8ErlWHPESw2DxjxK%2B%2BbVHlAidJE%2BVuUAfATLXzmSs%2BOvNAZLJoX3JsEO4YnO7NSTc03kVBT0HUCcocBxg%2FmQbYRKjU8HJq1QlGN45CO1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

GET
H2 200 bootstrap-3.4.1.min.css
www.iafd.com/graphics/cdn/ 119 KB
20 KB 25ms
22ms Stylesheet
text/css 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/graphics/cdn/bootstrap-3.4.1.min.css

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 4144
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
server: cloudflare
etag: W/"802bc98a7c3d41:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOZUr%2Fxio0UmhFK4iu45DPIiKONYGK%2FURAMjCZtEI7CFKDDrv3jRyKqoT61%2BT58Bc93McbeRQ1hpiLLJJTHo07K4g6UK7lBGmo2A2M50pN5d6aoUao1SoDODZUgLmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 83a2b18c2c17a938-SYD

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.13.4/css/ 19 KB
3 KB 320ms
8ms Stylesheet
text/css 104.22.51.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.4/css/jquery.dataTables.min.css

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.51.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

574812c14f532fd0bc80d2bf93c399e5114346e8869b3a48e1fb08d05ea2e9ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2078333
content-length: 2797
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
server: cloudflare
etag: "1161866-4c61-6097a9c4e9620-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83a2b18e1f8d574b-SYD
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 28 Nov 2024 17:14:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 802 B
751 B 500ms
100ms Stylesheet
text/css 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:400,700

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

ESF /

Resource Hash

4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 17:38:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 18:33:33 GMT

GET
H2

200

iafd-responsive.css
www.iafd.com/graphics/cdn/
Redirect Chain

https://iafd.com/graphics/cdn/iafd-responsive.css
https://www.iafd.com/graphics/cdn/iafd-responsive.css

6 KB
2 KB

11ms
10ms

Stylesheet
text/css

172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/graphics/cdn/iafd-responsive.css

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

32f6d67c9a8e41e28d895e4c323dc59c37a6a5fde100e4fb4114b60a89e86b91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:32 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5610
cf-polished: origSize=8905
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 20 Sep 2015 15:31:26 GMT
server: cloudflare
etag: W/"0db9a69b9f3d01:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=us%2BwZEuhZMCtw4ZI6CslTK%2Bq5wbLmcO4dOf0TGD5VtMnIPOKp9spGeOEPxWQATogZ4roldMm5iFFsTEni%2FYUR56zdwmabqRy8x3LYC%2FSS9GtK5J%2FFaqBj0NOt09rQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 83a2b18c4c29a938-SYD

Redirect headers

date: Sat, 23 Dec 2023 18:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 823
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyHYoYJNQ2ZWhUvWax6HAHPzPJvIQdzT1LbVg4pHmlGx0dEutQg5qOpDMqnhd5CUuXK%2BrkKTXr1tLF82HRtRA%2F29%2FCII%2FhSE2O2HqNZIS7Eius8ly9L%2BZ740"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.iafd.com/graphics/cdn/iafd-responsive.css
cache-control: max-age=14400
vary: Accept-Encoding
cf-ray: 83a2b18c2c1aa938-SYD

GET
H2 200 asyncjs.php Show response
revive.iafd.com/www/delivery/ 4 KB
2 KB 648ms
215ms Script
text/javascript 173.236.192.105
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://revive.iafd.com/www/delivery/asyncjs.php
Requested by: Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.192.105 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps47771.dreamhostps.com
Software: Apache /
Resource Hash: 41e1eb2d69cb3b6034fc2cdfccf1843876309d9a684d06303963fee43045dfee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: gzip
server: Apache
etag: faffa55e634c7cc5e5abac451e5c09cd
vary: Accept-Encoding,User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600, max-age=2592000
expire: Sat, 23 Dec 2023 19:33:33 GMT
content-length: 1932
expires: Mon, 22 Jan 2024 18:33:33 GMT

GET
H2 200 favicon-16x16.png
www.iafd.com/ 358 B
778 B 13ms
12ms Image
image/webp 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iafd.com/favicon-16x16.png

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ec00dc75132d719ae219e5a6defeda125e2a3e23344f6af48bd416b536102bbe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:32 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4144
cf-polished: origFmt=png, origSize=669
x-powered-by: ASP.NET
content-disposition: inline; filename="favicon-16x16.webp"
alt-svc: h3=":443"; ma=86400
content-length: 358
cf-bgj: imgq:100,h2pri
last-modified: Fri, 26 Dec 2014 21:36:04 GMT
server: cloudflare
etag: "2cb9a8f35321d01:0"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SW%2F0aRylGOLjb2Sqm2ZXWQqnBY0b6UrYPTmEXH2hDbxSaDsdiAXBA0XS%2B5Yv22zLY0lHKnkBMEQmnCQqO1bPKZTjBAGcNwe5Q%2FS4lzkqPpVLpoT3b4TL7BmIjvzWsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a2b18c2c1ba938-SYD

GET
H2 200 email-decode.min.js Show response
www.iafd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 7ms
6ms Script
application/javascript 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb0LvTngsbh4z%2FID4Vw%2Foe4DYYQdPP27e4%2F7tmQpc9abSp%2FcSkZUJ9aolaMZ8gF03%2BcPvPySU3%2BKUGlDB8KQ2IFkw%2B28w4gFEBEpetlhWN%2FJzly9cFwbMePfbtSv5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 83a2b18c2c1ca938-SYD
expires: Mon, 25 Dec 2023 18:33:32 GMT

GET
H2 200 laracox_f_lararoxx.jpg
www.iafd.com/graphics/headshots/ 7 KB
8 KB 268ms
267ms Image
image/jpeg 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iafd.com/graphics/headshots/laracox_f_lararoxx.jpg

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6101164feded9063152574d712b39850c57d7b53f32b60e5c13b9e058a68e051

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=8086
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 7457
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Jan 2007 16:49:04 GMT
server: cloudflare
etag: "2433ad8ed73fc71:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuAibr%2BIYK5Rqzl1V3WPpHy9ucvJB6picDFkrNHj6RflfK42MDvt6%2FxwynrAZgttiPcJqC%2BtdTjwNN%2FuFop8NHY%2FKKX%2FT4%2F%2FtZH1j1mf7V1woPLbdRhGt9ohMxW0jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a2b18c4c27a938-SYD

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 342ms
13ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8554213
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-bne12522-BNE
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703356413.176711,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 72, 125920

GET
H2 200 bootstrap.js Show response
www.iafd.com/graphics/cdn/ 50 KB
13 KB 15ms
12ms Script
application/javascript 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/graphics/cdn/bootstrap.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3606
cf-polished: origSize=75484
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 13 Feb 2019 14:22:49 GMT
server: cloudflare
etag: W/"802bc98a7c3d41:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFdGVBc6W7GmNKPFMOb0L%2BtKFkOEGRaxvJr%2F5xCOQyMjNYGRYLfVnqE1hW7zdgk6KE5jSWUuT8VVHUdjspTzYy8%2BBF3nMLCzX69sq8b2PgJdWiAjTVBtJ1I4%2FX1WLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 83a2b18dfcb7a938-SYD

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.13.4/js/ 85 KB
29 KB 12ms
9ms Script
application/javascript 104.22.51.93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.4/js/jquery.dataTables.min.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.51.93 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

552bbd0c3eaf26eaeb697823c5026ff41bb379d19f266ed71203d041e84a065c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1993579
content-length: 29729
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
server: cloudflare
etag: "1162352-15337-6097a9c4eb178-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83a2b18e1f8f574b-SYD
access-control-allow-headers: origin, x-requested-with, content-type
expires: Fri, 29 Nov 2024 16:47:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 508ms
109ms Script
application/javascript 142.251.221.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LGEBTJPDNN

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f2ef9738cb227c051739ecbdee3b5d3f7de73db80f043406dfbcafdebef4a18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 18:33:33 GMT

GET
H2 200 bootstrap-dialog.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap3-dialog/1.34.6/js/ 20 KB
5 KB 317ms
8ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap3-dialog/1.34.6/js/bootstrap-dialog.min.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d78b2b2a4a04e31b4dcb8b488f163306c8b8e6f91b84bf3b5351fba3882f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2164857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4266
last-modified: Mon, 04 May 2020 16:06:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8f-4e06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ss9ReEUjRhmdZT2gRDQcWtc3f3mETYcRqgJcdCZcGRmVqTHr876U3rmes5yhxCt3HZqr%2Fyj8pGBcfRoGTre8%2FgdLhKGpd7tZBEpaGcIHdoz8Me94RyhBObSmZ1IJy1%2BTbIGGzmhi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83a2b1901954aad8-SYD
expires: Thu, 12 Dec 2024 18:33:33 GMT

GET
H2 200 objectstorage.1.0.0.js Show response
www.iafd.com/graphics/cdn/ 997 B
752 B 11ms
11ms Script
application/javascript 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/graphics/cdn/objectstorage.1.0.0.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4c4af32e83c073a728f5d76272bb27e4768d3849622737e38743c183f412a939

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6238
cf-polished: origSize=1523
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 23 Oct 2015 11:29:05 GMT
server: cloudflare
etag: W/"78ac23686dd11:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NOuQ6QP%2Ffy35%2FlQMgtHBWGaTQSE1H3cZEeq3ZZVQ2g3UlVzAVM4EaMahIVWsgXmy7pKbC1RFy1GgSwiXGE37%2Bvp%2BoftZquxw6xk1WsP1HXJEO%2BfxWXY0AGMbwfbNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 83a2b18e7ce2a938-SYD

GET
H2 200 filters.1.0.0.js Show response
www.iafd.com/graphics/cdn/ 1 KB
835 B 12ms
11ms Script
application/javascript 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/graphics/cdn/filters.1.0.0.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e4069999496de799aa6c069fdb2cb1083c3f045ca6dd6c4003e3d0da7ca88313

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4143
cf-polished: origSize=1683
x-powered-by: ASP.NET
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 04 Nov 2016 16:11:23 GMT
server: cloudflare
etag: W/"d37d4516b636d21:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tJUMcDzzXBxjtg4fXtsdxLAidrUpQPg7AP%2FmV9aJm8YtLpsML9W6JJ%2BswQyy4PZUg1dDSEtv74HyRsAFebDm1nnk2WmtnatzX3sUxL34grA23dqJPUffw30Y9lGuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 83a2b18e8ceea938-SYD

GET
H2 200 a.aspx Show response
banman.iafd.com/ Frame DD77 1 KB
994 B 1323ms
1317ms Document
text/html 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banman.iafd.com/a.aspx?ZoneID=23&Task=Get&PageID=55261&SiteID=1

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9372a8ac111ff1f9973218bd7d41d32edb18f749cab1c187b9829d31fc8c266f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.iafd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 83a2b18f5d1fa938-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 18:33:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di%2FlAb7XNv3c%2F1iybtmbI%2FG6X1Pct4t2NWnHi31mK2G7ZjrDvggFQtlvihH1sTH2cz7z%2FygWfYnC0FOlX4Ck3RebjbfYyHWZ4s%2Ba8RkY0N5%2BO5wEfUUrDfOVjrM1xtyNuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-powered-by: ASP.NET

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 21 KB
21 KB 402ms
4ms Font
font/woff2 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.iafd.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:23:25 GMT
x-content-type-options: nosniff
age: 353408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21224
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 16:23:25 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.iafd.com/graphics/fonts/ 18 KB
18 KB 11ms
11ms Font
application/font-woff2 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/graphics/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/graphics/cdn/bootstrap-3.4.1.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.iafd.com/graphics/cdn/bootstrap-3.4.1.min.css
Origin: https://www.iafd.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 823
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 18028
last-modified: Tue, 08 Sep 2015 20:31:25 GMT
server: cloudflare
etag: "243655575ead01:0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FUCMxMfBxS8PAdtxmX9o%2FaIzSnIMw4IJ1a49bN30pbaHzeQe7q1sbqAwfOw8GaP9NzaVcs6mG5l%2FPTAkpYrWYa%2FmiFgRj2ZUV%2BFPHYkVZrhOBCijgcrhXFueRzCq8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a2b18f4d1da938-SYD

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v18/ 22 KB
22 KB 400ms
2ms Font
font/woff2 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.iafd.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 17:24:21 GMT
x-content-type-options: nosniff
age: 263352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 17:24:21 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 402ms
3ms Script
text/javascript 142.250.76.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 17:17:12 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4581
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 23 Dec 2023 19:17:12 GMT

GET
H2

200

main.js Show response
www.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 449C
Redirect Chain

https://www.iafd.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

8ms
8ms

Script
application/javascript

172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f7b16f4d176a82e477ea852d7f74430e8fb29b4926bffb30a3a00b053cd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODfc0szduB0YpgWE%2FhNduKgH8dLZyA9rE7PFus4JeZs117yjKF%2B0djrLGcY6ijIzeUS%2FAtaTDUjStVgWZXSBaDBg%2BxSFviakVMrz6bGJ6iVSQkz8tUD%2BNRE%2BiOWZDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83a2b1905d77a938-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 23 Dec 2023 18:33:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Av%2BiSqG20lFeg6Y2XSvA0Jp7Yp%2BAEaSmQiTflvHqB52%2BjnTL7ln24%2FVISkW%2BJaT%2FuNdy3MQBtVNnCLSNO1OEbyrtper0uol112eN8AXxwVYckHlxU9pcGbQVAhMD7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 83a2b1903d6ca938-SYD
alt-svc: h3=":443"; ma=86400

POST
H2 200 83a2b16a1e1aa938 Show response
www.iafd.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 449C 0
455 B 27ms
27ms XHR
text/plain 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iafd.com/cdn-cgi/challenge-platform/h/g/jsd/r/83a2b16a1e1aa938

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Dec 2023 18:33:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJOwB%2BnRHSll%2B95%2Fq%2FCDcfU2bpIel0Hu3XuZg%2B2Xd%2FaguwPDStedys4uo1BTY8BSKk76%2FHKHUaxuEUzp7gT5bji2VuhrtNBcqPKIBtPPHWFqSp%2B9b6OPn4VR9Otaow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83a2b190fd98a938-SYD
alt-svc: h3=":443"; ma=86400

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=853851125&utmhn=www.iafd.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=lara%20r...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1149126-1&cid=323130201.1703356414&jid=2146060711&_v=5.7.2&z=853851125

35 B
337 B

585ms
95ms

Image
image/gif

64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1149126-1&cid=323130201.1703356414&jid=2146060711&_v=5.7.2&z=853851125

Requested by

Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm

Protocol

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 23 Dec 2023 18:33:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 18:33:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1149126-1&cid=323130201.1703356414&jid=2146060711&_v=5.7.2&z=853851125
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 494ms
94ms Ping
text/plain 142.250.66.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LGEBTJPDNN&gtm=45je3bt0v871071633&_p=1703356413386&gcd=11l1l1l1l1&dma=0&cid=423685402.1703356414&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703356414&sct=1&seg=0&dl=https%3A%2F%2Fwww.iafd.com%2Fperson.rme%2Fperfid%3Dlaracox%2Fgender%3Df%2Flara-roxx.htm&dt=lara%20roxx%20-%20iafd.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=8034
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LGEBTJPDNN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s23-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 18:33:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.iafd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

main.js Show response
banman.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 9019
Redirect Chain

https://banman.iafd.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://banman.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

7ms
7ms

Script
application/javascript

172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banman.iafd.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Protocol

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f835cab07112cb01b68fd45cb6f58593c97fb4d3681a1bd19dc0472b1afdcff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfDk%2FL%2B42T7MAd256JVfCOHIS6ozCgCU03qf3MGx4XZ4pZSmRoAsRilXC%2FZk0Rwg8h%2FilVPRhMs%2BNXt9X%2B4FQHCTI9G8qVE4oPwpcLMVJieNTigUpkNvEhks2fTkl9YXtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 83a2b197b80ba938-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 23 Dec 2023 18:33:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xX695aHPH8FmxxEqu7Gb7Sl2t8RedW%2FA3Xf3CrvvGXxwbBlx4PKz3OcRInW0OidKmSLMffUFVCR06GaDaqlujG3FO5suEVIBH3H1qfiHK%2BfeWteMwKo%2F0QiEsq1P%2BmZEqw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 83a2b197a809a938-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 asyncspc.php Show response
revive.iafd.com/www/delivery/ 844 B
1 KB 219ms
218ms XHR
application/json 173.236.192.105
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://revive.iafd.com/www/delivery/asyncspc.php?zones=1&prefix=revive-0-&loc=https%3A%2F%2Fwww.iafd.com%2Fperson.rme%2Fperfid%3Dlaracox%2Fgender%3Df%2Flara-roxx.htm
Requested by: Host: revive.iafd.com
URL: https://revive.iafd.com/www/delivery/asyncjs.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.192.105 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps47771.dreamhostps.com
Software: Apache /
Resource Hash: 3d1f9227fdb12ec0b8f4cf4108bc27dbea331769dd9b488071f7bdaac62ea574

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 18:33:34 GMT
server: Apache
vary: User-Agent
content-type: application/json
access-control-allow-origin: https://www.iafd.com
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 83a2b18f5d1fa938 Show response
banman.iafd.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9019 0
449 B 18ms
18ms XHR
text/plain 172.67.69.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banman.iafd.com/cdn-cgi/challenge-platform/h/g/jsd/r/83a2b18f5d1fa938

Requested by

Host: banman.iafd.com
URL: https://banman.iafd.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Dec 2023 18:33:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igXq11GJQqp%2F8SvHdofpnh09EFtQcX%2FuLwBBp3Ol2dNE8uePKAcbs483LVWWN6mCdRRQ5cD06N4%2B2IbvgLSca0OKYUmwQsGhm%2F1WTVeXu9AQbaRoxo2JJ6MeFQLeHFWLnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 83a2b198683ea938-SYD
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jads.js Show response
adserver.juicyads.com/js/ Frame 3159 4 KB
4 KB 950ms
312ms Script
application/javascript 148.113.1.194
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.juicyads.com/js/jads.js
Requested by: Host: revive.iafd.com
URL: https://revive.iafd.com/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.113.1.194 Mumbai, India, ASN16276 (OVH, FR),
Reverse DNS: ns5021500.ip-148-113-1.net
Software: nginx /
Resource Hash: 4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 18:33:35 GMT
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Server: nginx
ETag: "650b6371-eb9"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3769

GET
H2 200 lg.php
revive.iafd.com/www/delivery/ Frame 3159 43 B
198 B 224ms
224ms Image
image/gif 173.236.192.105
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revive.iafd.com/www/delivery/lg.php?bannerid=10&campaignid=6&zoneid=1&loc=https%3A%2F%2Fwww.iafd.com%2Fperson.rme%2Fperfid%3Dlaracox%2Fgender%3Df%2Flara-roxx.htm&cb=22615f99f8
Requested by: Host: www.iafd.com
URL: https://www.iafd.com/person.rme/perfid=laracox/gender=f/lara-roxx.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.236.192.105 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: vps47771.dreamhostps.com
Software: Apache /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.iafd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 18:33:35 GMT
server: Apache
vary: User-Agent
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET adshow.php
adserver.juicyads.com/ Frame AF9E 0
0

GET
H/1.1 200
OK adshow.php Show response
adserver.juicyads.com/ Frame 8F65 5 KB
3 KB 1194ms
316ms Document
text/html 148.113.1.194
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.juicyads.com/adshow.php?adzone=741262
Requested by: Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.113.1.194 Mumbai, India, ASN16276 (OVH, FR),
Reverse DNS: ns5021500.ip-148-113-1.net
Software: nginx /
Resource Hash: 483c8174739b29c8cea9ea1e2bfab8fcf444691e5054fe06b99fa2a1993fe682

Request headers

Referer: https://www.iafd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Dec 2023 18:33:36 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK 1x1.gif
ads.juicyads.me/ Frame 8F65 27 KB
27 KB 623ms
153ms Image
image/jpeg 205.185.216.10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.juicyads.me/1x1.gif
Requested by: Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=741262
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://adserver.juicyads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 18:33:37 GMT
Last-Modified: Thu, 03 Nov 2016 21:36:07 GMT
ETag: "1478208967"
X-HW: 1703356417.dop204.se2.t,1703356417.cds202.se2.shn,1703356417.cds202.se2.c
Content-Type: image/jpeg
Cache-Control: max-age=16921279
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 27460

GET
H2 200 1_scene Show response
pt.wmptcd.com/avb/straight/hardcore/ Frame C5FB 10 KB
3 KB 507ms
222ms Document
text/html 93.93.51.191

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}
Requested by: Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=741262
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.93.51.191 -, , ASN (),
Reverse DNS
Software: unknown /
Resource Hash: 9d0d5742400fe64c5c8ea486f5ce3e72da2c2bf3865399d2d04ba46c95df4dc6

Request headers

Referer: https://adserver.juicyads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 18:33:37 GMT
server: unknown
vary: Accept-Encoding
x-cache-status: R-MISS
x-ud-id: M0TKn/Vd2

GET
H2 200 di.min-v243339.js Show response
pt-static1.ptwmstcnt.com/npe/_common/script/incognito/ Frame C5FB 3 KB
2 KB 421ms
134ms Script
application/javascript 93.93.51.200

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static1.ptwmstcnt.com/npe/_common/script/incognito/di.min-v243339.js
Requested by: Host: pt.wmptcd.com
URL: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 -, , ASN (),
Reverse DNS
Software: unknown /
Resource Hash: 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pt.wmptcd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn-node: uslax
date: Sat, 23 Dec 2023 18:33:37 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 07:15:34 GMT
server: unknown
etag: W/"65829496-d47"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 06 Jan 2024 18:33:37 GMT

GET
H2 200 advertisement-v243339.js Show response
pt-static2.ptwmstcnt.com/npe/_common/script/adblock/ Frame C5FB 21 B
277 B 419ms
135ms Script
application/javascript 93.93.51.200

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static2.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v243339.js
Requested by: Host: pt.wmptcd.com
URL: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 -, , ASN (),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pt.wmptcd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn-node: uslax
date: Sat, 23 Dec 2023 18:33:37 GMT
last-modified: Wed, 20 Dec 2023 07:15:34 GMT
server: unknown
etag: "65829496-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Sat, 06 Jan 2024 18:33:37 GMT

GET
H2 200 avb-no-animation-v243339.css
pt-static3.ptwmstcnt.com/npe/ba/avb/css/ Frame C5FB 348 B
596 B 420ms
134ms Stylesheet
text/css 93.93.51.200

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.ptwmstcnt.com/npe/ba/avb/css/avb-no-animation-v243339.css
Requested by: Host: pt.wmptcd.com
URL: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 -, , ASN (),
Reverse DNS
Software: unknown /
Resource Hash: 60a961f25e646b7f9e5d17e65fd792aaa939eb99619351c324255ef718c979c9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pt.wmptcd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn-node: uslax
date: Sat, 23 Dec 2023 18:33:37 GMT
last-modified: Wed, 20 Dec 2023 07:15:34 GMT
server: unknown
etag: "65829496-15c"
x-cache-status: R-HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 348
expires: Sat, 06 Jan 2024 18:33:37 GMT

GET
H2 200 avb-main-v243339.js Show response
pt-static1.ptwmstcnt.com/npe/ba/avb/script/ Frame C5FB 48 KB
18 KB 553ms
268ms Script
application/javascript 93.93.51.200

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static1.ptwmstcnt.com/npe/ba/avb/script/avb-main-v243339.js
Requested by: Host: pt.wmptcd.com
URL: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.93.51.200 -, , ASN (),
Reverse DNS
Software: unknown /
Resource Hash: c4eae37dbbae4ce47ccee628ab5ee26fc5311664f9544301dbdd1ebfeee1c86a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pt.wmptcd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cdn-node: uslax
date: Sat, 23 Dec 2023 18:33:37 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 07:15:34 GMT
server: unknown
etag: W/"65829496-c056"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 06 Jan 2024 18:33:37 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ Frame C5FB 145 KB
0 108ms
106ms Script
application/javascript 142.251.221.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.wmptcd.com
URL: https://pt.wmptcd.com/avb/straight/hardcore/1_scene?targetCategory=girl&landingTarget=randomchat&width=728&height=120&psid=hotlink&tags=amateur&filters=&banner=04&pstool=501_101&site=jasmin&cobrandId=&psprogram=revs&campaign_id=122190&subAffId={SUBAFFID}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pt.wmptcd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:33:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78683
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Dec 2023 18:33:38 GMT

GET 431e49b4ff9d4d44d09023d7b26cc5fe.mp4
galleryn2.vcmdiawe.com/f8d2e11bd6c43618af00d6f28c91232a13/ Frame C5FB 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver.juicyads.com
URL: https://adserver.juicyads.com/adshow.php?adzone=741262

Domain: galleryn2.vcmdiawe.com
URL: https://galleryn2.vcmdiawe.com/f8d2e11bd6c43618af00d6f28c91232a13/431e49b4ff9d4d44d09023d7b26cc5fe.mp4?pstool=501_101&psid=hotlink

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.iafd.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSUQASASC Value: MOABCEEDJBEHGEBOIOBPADKF
www.iafd.com/	1970-01-20 17:09:45	Name: fpi-152 Value: %7B%22last%22%3A%22/person.rme/perfid%3Dlaracox/gender%3Df/lara-roxx.htm%22%2C%22fired%22%3Afalse%7D
.iafd.com/	1970-01-21 02:45:16	Name: __utma Value: 23600418.323130201.1703356414.1703356414.1703356414.1
.iafd.com/	1969-12-31 23:59:59	Name: __utmc Value: 23600418
.iafd.com/	1970-01-20 21:32:04	Name: __utmz Value: 23600418.1703356414.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.iafd.com/	1970-01-20 17:09:17	Name: __utmt Value: 1
.iafd.com/	1970-01-20 17:09:18	Name: __utmb Value: 23600418.1.10.1703356414
.iafd.com/	1970-01-21 02:45:16	Name: _ga_LGEBTJPDNN Value: GS1.1.1703356414.1.0.1703356414.0.0.0
.iafd.com/	1970-01-21 02:45:16	Name: _ga Value: GA1.1.423685402.1703356414
.iafd.com/	1970-01-21 01:54:52	Name: cf_clearance Value: 7_s_b9XAFKArh5LKVxm2GFXdu9e_Nk2w0L10TBO27uI-1703356414-0-2-822e0c6f.f48753ca.d52f538f-0.2.1703356414
revive.iafd.com/	1970-01-21 01:54:52	Name: OAID Value: ce18bd1ee029f90002e09201cad32fca
.juicyads.com/	1970-01-21 01:54:52	Name: surferid Value: 8fb95c030f99d4eeb09b7815b1a61314
.juicyads.com/	1970-01-20 17:13:35	Name: juicy_data_1 Value: YTowOnt9
.juicyads.com/	1970-01-20 17:13:35	Name: juicy_data Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.juicyads.me
adserver.juicyads.com
banman.iafd.com
cdn.datatables.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
galleryn2.vcmdiawe.com
iafd.com
pt-static1.ptwmstcnt.com
pt-static2.ptwmstcnt.com
pt-static3.ptwmstcnt.com
pt.wmptcd.com
revive.iafd.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.iafd.com
adserver.juicyads.com
galleryn2.vcmdiawe.com
104.17.25.14
104.22.51.93
142.250.204.3
142.250.66.206
142.250.66.234
142.250.76.104
142.251.221.72
148.113.1.194
151.101.2.137
172.67.69.12
173.236.192.105
205.185.216.10
64.233.170.156
93.93.51.191
93.93.51.200
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
31f7b16f4d176a82e477ea852d7f74430e8fb29b4926bffb30a3a00b053cd846
32f6d67c9a8e41e28d895e4c323dc59c37a6a5fde100e4fb4114b60a89e86b91
3d1f9227fdb12ec0b8f4cf4108bc27dbea331769dd9b488071f7bdaac62ea574
3d4610a2ab69d08e54685d0d3cfcf03ec663bacff8cc89a1e0a2904a7769e641
40d78b2b2a4a04e31b4dcb8b488f163306c8b8e6f91b84bf3b5351fba3882f5e
41e1eb2d69cb3b6034fc2cdfccf1843876309d9a684d06303963fee43045dfee
483c8174739b29c8cea9ea1e2bfab8fcf444691e5054fe06b99fa2a1993fe682
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79
4b334da116d89aedebea3867724c98c8718f2b15e90caa08d3588bcfe4923821
4c4af32e83c073a728f5d76272bb27e4768d3849622737e38743c183f412a939
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
552bbd0c3eaf26eaeb697823c5026ff41bb379d19f266ed71203d041e84a065c
574812c14f532fd0bc80d2bf93c399e5114346e8869b3a48e1fb08d05ea2e9ac
57ad8b2b02411df72831e38b185e6ed6d045e42b57e566d9494ca311db622b20
60a961f25e646b7f9e5d17e65fd792aaa939eb99619351c324255ef718c979c9
6101164feded9063152574d712b39850c57d7b53f32b60e5c13b9e058a68e051
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9372a8ac111ff1f9973218bd7d41d32edb18f749cab1c187b9829d31fc8c266f
9d0d5742400fe64c5c8ea486f5ce3e72da2c2bf3865399d2d04ba46c95df4dc6
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c4eae37dbbae4ce47ccee628ab5ee26fc5311664f9544301dbdd1ebfeee1c86a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4069999496de799aa6c069fdb2cb1083c3f045ca6dd6c4003e3d0da7ca88313
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
ec00dc75132d719ae219e5a6defeda125e2a3e23344f6af48bd416b536102bbe
f2ef9738cb227c051739ecbdee3b5d3f7de73db80f043406dfbcafdebef4a18b
f835cab07112cb01b68fd45cb6f58593c97fb4d3681a1bd19dc0472b1afdcff5
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.iafd.com Open in urlscan Pro 172.67.69.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

85 %HTTPS

0 %IPv6

14 Domains

20 Subdomains

16 IPs

3 Countries

363 kBTransfer

1066 kBSize

14 Cookies

14 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.iafd.com Open in urlscan Pro
172.67.69.12 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

85 %
HTTPS

0 %
IPv6

14
Domains

20
Subdomains

16
IPs

3
Countries

363 kB
Transfer

1066 kB
Size

14
Cookies

40 HTTP transactions
0 data transactions