URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Submission: On January 31 via manual from IN

Summary

This website contacted 15 IPs in 4 countries across 9 domains to perform 50 HTTP transactions. The main IP is 162.241.125.87, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is cxfakes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 1st 2020. Valid for: a year.
This is the only time cxfakes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
22 cxfakes.com cxfakes.com
6 fonts.gstatic.com fonts.googleapis.com
2 adsco.re c.adsco.re
2 4.adsco.re cxfakes.com
c.adsco.re
2 6.adsco.re cxfakes.com
c.adsco.re
2 c.adsco.re www.cdn4ads.com
c.adsco.re
2 www.youtube.com cxfakes.com
www.youtube.com
2 www.google-analytics.com cxfakes.com
www.google-analytics.com
2 adserver.juicyads.com cxfakes.com
adserver.juicyads.com
1 cdn4ads.com www.cdn4ads.com
1 nuqmvq4amq7m.s4.adsco.re c.adsco.re
1 nuqmvq4amq7m.n4.adsco.re c.adsco.re
1 player.vimeo.com cxfakes.com
1 www.cdn4ads.com cxfakes.com
1 fonts.googleapis.com cxfakes.com
0 nuqmvq4amq7m.l4.adsco.re Failed c.adsco.re
50 16

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject Issuer Validity Valid
cxfakes.com
Sectigo RSA Domain Validation Secure Server CA
2020-12-01 -
2021-12-01
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.juicyads.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-20 -
2022-04-23
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
1037973644.rsc.cdn77.org
R3
2021-01-24 -
2021-04-24
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-08-07 -
2021-04-24
9 months crt.sh
*.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA
2020-09-15 -
2021-09-26
a year crt.sh
*.n4.adsco.re
R3
2021-01-19 -
2021-04-19
3 months crt.sh
*.s4.adsco.re
R3
2021-01-19 -
2021-04-19
3 months crt.sh
cdn4ads.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-19 -
2022-07-22
2 years crt.sh

This page contains 4 frames:

Primary Page: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Frame ID: 4300C7F0C26F0A286EC67B7498DA5BCE
Requests: 48 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=531398
Frame ID: ABB4F5DC8526507A54F4E92F6BBC60C0
Requests: 1 HTTP requests in this frame

Frame: https://adserver.juicyads.com/adshow.php?adzone=531398
Frame ID: 495EE52E063099E60E261B46AE4B2D62
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 82982941EDDD2C80D43340A2CE3C29BA
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

50
Requests

96 %
HTTPS

50 %
IPv6

9
Domains

16
Subdomains

15
IPs

4
Countries

2190 kB
Transfer

2345 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
104 KB
105 KB
Document
General
Full URL
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PHP/7.4.14
Resource Hash
7e7cd70292cd3c17a09b1e6d060985c16fda0903320cf192cbe7c85383236923

Request headers

:method
GET
:authority
cxfakes.com
:scheme
https
:path
/pokimane-and-alinity-lesbian-porn-fakes/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Sun, 31 Jan 2021 03:22:21 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.14
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://cxfakes.com/wp-json/>; rel="https://api.w.org/"
style.min.css
cxfakes.com/wp-includes/css/dist/block-library/
53 KB
53 KB
Stylesheet
General
Full URL
https://cxfakes.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Tue, 01 Dec 2020 12:58:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc63df6-d293"
content-type
text/css
accept-ranges
bytes
content-length
53907
style.css
cxfakes.com/wp-content/plugins/td-composer/td-multi-purpose/
68 KB
68 KB
Stylesheet
General
Full URL
https://cxfakes.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=28832a33217c23aa6f76cdf3fc3c1388
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
6df3481e85074cf2ea4c859b46632a3f91136fcec2b6acc4edde7fa366d0e60d

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Tue, 12 May 2020 14:39:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ebab510-10e34"
content-type
text/css
accept-ranges
bytes
content-length
69172
css
fonts.googleapis.com/
13 KB
1022 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a03435ec196a6932103d548b88e4dfa35be2a431356315d58155c109ef15c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 31 Jan 2021 02:00:37 GMT
server
ESF
date
Sun, 31 Jan 2021 03:22:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 31 Jan 2021 03:22:21 GMT
style.css
cxfakes.com/wp-content/themes/Newspaper/
152 KB
152 KB
Stylesheet
General
Full URL
https://cxfakes.com/wp-content/themes/Newspaper/style.css?ver=10.3.4
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
8e1181643a52502513ba5f10d0d7ac385b2bf5103989398a580167ca921043e1

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Tue, 01 Dec 2020 13:24:59 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc6442b-25eff"
content-type
text/css
accept-ranges
bytes
content-length
155391
td_legacy_main.css
cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/
364 KB
364 KB
Stylesheet
General
Full URL
https://cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=28832a33217c23aa6f76cdf3fc3c1388
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
9cf4e11347157f80aeffaf3a24d40fcdecda602aca79b9ac9bf064afd3f4bdaa

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Tue, 12 May 2020 14:39:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ebab50e-5aee2"
content-type
text/css
accept-ranges
bytes
content-length
372450
td_standard_pack_main.css
cxfakes.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/
621 KB
622 KB
Stylesheet
General
Full URL
https://cxfakes.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=e06dc97a9cdcc3f12ae1599dfcd5b98f
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
86ab4c2b16af92602679b9ddf7aaf92e0d9ddc5111b8d869690474a7c453aefd

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Wed, 06 May 2020 15:40:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5eb2da5a-9b2fc"
content-type
text/css
accept-ranges
bytes
content-length
635644
demo_style.css
cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/black/
24 KB
24 KB
Stylesheet
General
Full URL
https://cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/black/demo_style.css?ver=10.3.4
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
47a7cd4578d726b97651b4e4782c7b9a1c3be8242648f39db48f0e114dbfbcd1

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Tue, 12 May 2020 14:39:10 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ebab50e-6116"
content-type
text/css
accept-ranges
bytes
content-length
24854
jquery.js
cxfakes.com/wp-includes/js/jquery/
95 KB
95 KB
Script
General
Full URL
https://cxfakes.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Tue, 01 Dec 2020 12:58:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc63df6-17a69"
content-type
application/javascript
accept-ranges
bytes
content-length
96873
sab_bar_script.js
cxfakes.com/wp-content/plugins/sticky-ad-bar/js/
692 B
482 B
Script
General
Full URL
https://cxfakes.com/wp-content/plugins/sticky-ad-bar/js/sab_bar_script.js?ver=5.5.3
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
content-encoding
gzip
etag
"2b4-5b5786e44f408-gzip"
last-modified
Wed, 02 Dec 2020 10:08:54 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
accept-ranges
bytes
content-length
265
jquery.cookie.js
cxfakes.com/wp-content/plugins/sticky-ad-bar/js/
3 KB
3 KB
Script
General
Full URL
https://cxfakes.com/wp-content/plugins/sticky-ad-bar/js/jquery.cookie.js?ver=5.5.3
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:21 GMT
last-modified
Wed, 02 Dec 2020 10:08:54 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc767b6-c31"
content-type
application/javascript
accept-ranges
bytes
content-length
3121
wp-emoji-release.min.js
cxfakes.com/wp-includes/js/
14 KB
14 KB
Script
General
Full URL
https://cxfakes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Tue, 01 Dec 2020 12:58:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc63df6-37a6"
content-type
application/javascript
accept-ranges
bytes
content-length
14246
CXFAKES-Logo.png
cxfakes.com/wp-content/uploads/2020/06/
15 KB
15 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2020/06/CXFAKES-Logo.png
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
f810bbbdb19a3509ccace02b1d475eda8031deaf22f425a0037832a57454ddc4

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Tue, 01 Dec 2020 13:23:07 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc643bb-3a34"
content-type
image/png
accept-ranges
bytes
content-length
14900
jads.js
adserver.juicyads.com/js/
4 KB
2 KB
Script
General
Full URL
https://adserver.juicyads.com/js/jads.js
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 Jan 2021 03:22:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Oct 2020 22:47:11 GMT
Server
nginx
ETag
W/"5f8f68ef-eb9"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
close
CXFAKES-Retina-Mobile-Logo.png
cxfakes.com/wp-content/uploads/2020/06/
15 KB
16 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2020/06/CXFAKES-Retina-Mobile-Logo.png
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
7931ab7b051a3c3c79c96808259b13c7ddda0a530c06931500cdd3b6d001d3c3

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Tue, 01 Dec 2020 13:23:07 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc643bb-3dd6"
content-type
image/png
accept-ranges
bytes
content-length
15830
Emilia-Clarke-Anal-Sex-324x160.jpg
cxfakes.com/wp-content/uploads/2020/09/
25 KB
25 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2020/09/Emilia-Clarke-Anal-Sex-324x160.jpg
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
e24dc50fc2ffa55e875f340a0dd6eb6af69e01d04fc56c4b0274830d73e8b8e8

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Sat, 30 Jan 2021 12:48:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"6015559f-6463"
content-type
image/jpeg
accept-ranges
bytes
content-length
25699
Lexi-Rivera-Porn-Fakes-324x160.jpg
cxfakes.com/wp-content/uploads/2021/01/
23 KB
23 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2021/01/Lexi-Rivera-Porn-Fakes-324x160.jpg
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
95653ae2b8204f53d8e8c5f897ed8364f3a8859e19fb64846ec9d93dc623185e

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Sat, 30 Jan 2021 09:29:03 GMT
server
nginx
x-powered-by
PleskLin
etag
"601526df-5c98"
content-type
image/jpeg
accept-ranges
bytes
content-length
23704
Milana-Vayntrub-Pussy-Pics-324x160.jpg
cxfakes.com/wp-content/uploads/2021/01/
24 KB
24 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2021/01/Milana-Vayntrub-Pussy-Pics-324x160.jpg
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
5cc0a0184a8817ea46ecd070e3fe3c5e1e39fd38d963a1b423cdf6d32abdb00d

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Sat, 30 Jan 2021 09:00:53 GMT
server
nginx
x-powered-by
PleskLin
etag
"60152045-5e8b"
content-type
image/jpeg
accept-ranges
bytes
content-length
24203
Sydney-Sweeney-Porn-Fakes-324x160.jpg
cxfakes.com/wp-content/uploads/2021/01/
28 KB
28 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2021/01/Sydney-Sweeney-Porn-Fakes-324x160.jpg
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
95d5ad496908e0acac2985845ded13f9ba8f45c32df20d38da5c6bc0a151c61f

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Fri, 29 Jan 2021 16:29:34 GMT
server
nginx
x-powered-by
PleskLin
etag
"601437ee-6e07"
content-type
image/jpeg
accept-ranges
bytes
content-length
28167
Nina-Dobrev-Pussy-Pics-324x160.jpg
cxfakes.com/wp-content/uploads/2021/01/
23 KB
23 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2021/01/Nina-Dobrev-Pussy-Pics-324x160.jpg
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
0cef8d66dc470642d3c08c15898c8d1025973418d70d0b09cf9d3aa90d2e8ee3

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Fri, 29 Jan 2021 15:37:31 GMT
server
nginx
x-powered-by
PleskLin
etag
"60142bbb-5b7f"
content-type
image/jpeg
accept-ranges
bytes
content-length
23423
Merrell-Twins-Veronica-Vanessa-Nude-Fakes-324x160.jpg
cxfakes.com/wp-content/uploads/2020/05/
20 KB
21 KB
Image
General
Full URL
https://cxfakes.com/wp-content/uploads/2020/05/Merrell-Twins-Veronica-Vanessa-Nude-Fakes-324x160.jpg
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
3442c844d2b848d12e3b0d94b162fffe5221c31b621f3a99ecf3876edc46bfb6

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Thu, 28 Jan 2021 13:21:33 GMT
server
nginx
x-powered-by
PleskLin
etag
"6012ba5d-519f"
content-type
image/jpeg
accept-ranges
bytes
content-length
20895
tagdiv_theme.min.js
cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/js/
242 KB
242 KB
Script
General
Full URL
https://cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.4
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
9c6fc66afd580b55839062205d056620aeb745a7e6aab53fa8d4c8bc29a9a8d8

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Tue, 12 May 2020 14:39:12 GMT
server
nginx
x-powered-by
PleskLin
etag
"5ebab510-3c691"
content-type
application/javascript
accept-ranges
bytes
content-length
247441
wp-embed.min.js
cxfakes.com/wp-includes/js/
1 KB
2 KB
Script
General
Full URL
https://cxfakes.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Tue, 01 Dec 2020 12:58:30 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc63df6-59a"
content-type
application/javascript
accept-ranges
bytes
content-length
1434
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
498
date
Sun, 31 Jan 2021 03:14:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 31 Jan 2021 05:14:04 GMT
svg.pan-zoom.min.js
www.cdn4ads.com/
31 KB
9 KB
Script
General
Full URL
https://www.cdn4ads.com/svg.pan-zoom.min.js
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
345599fd2dc2be8d82c19516c7ef6e42ed07943d316a5515ff0187aaea44165d

Request headers

Origin
https://cxfakes.com
Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt
AcO1rzUe9/nvkDsIAA==
date
Sun, 31 Jan 2021 03:22:22 GMT
content-encoding
br
server
CDN77-Turbo
link
<https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-77-nzt-ray
AeFh/I0876k=
x-77-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
x-77-pop
frankfurtDE
x-cache
HIT
x-age
539536
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
expires
Sun, 31 Jan 2021 21:30:06 GMT
newspaper.woff
cxfakes.com/wp-content/themes/Newspaper/images/icons/
121 KB
121 KB
Font
General
Full URL
https://cxfakes.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?17
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/wp-content/themes/Newspaper/style.css?ver=10.3.4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.125.87 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-125-87.unifiedlayer.com
Software
nginx / PleskLin
Resource Hash
e2712024c5f7c5b3d7a4b63d748d6646e45fc973e3f8d2068f51dcd7df232875

Request headers

Origin
https://cxfakes.com
Referer
https://cxfakes.com/wp-content/themes/Newspaper/style.css?ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
last-modified
Tue, 01 Dec 2020 13:24:59 GMT
server
nginx
x-powered-by
PleskLin
etag
"5fc6442b-1e2d4"
content-type
font/woff
accept-ranges
bytes
content-length
123604
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cxfakes.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 05:56:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
336372
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 27 Jan 2022 05:56:10 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cxfakes.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 19:56:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
113147
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 29 Jan 2022 19:56:35 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cxfakes.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 09:18:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
237850
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 28 Jan 2022 09:18:12 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cxfakes.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 15:38:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
301455
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Thu, 27 Jan 2022 15:38:07 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cxfakes.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 18:44:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
290250
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Thu, 27 Jan 2022 18:44:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cxfakes.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 18:44:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
290262
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Thu, 27 Jan 2022 18:44:40 GMT
player.js
player.vimeo.com/api/
19 KB
7 KB
Script
General
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1569
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-3
Content-Length
5898
X-Xss-Protection
1; mode=block
X-Served-By
cache-fra19154-FRA
X-Player-Backend
p
Expires
Sun, 31 Jan 2021 03:26:13 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1612063343.739859,VS0,VE0
Date
Sun, 31 Jan 2021 03:22:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
218
iframe_api
www.youtube.com/
810 B
746 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d6de80de5e0ae52ef1ad216786b952b781b7c95f4297675dd2a81d70985bedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 31 Jan 2021 03:22:22 GMT
adshow.php
adserver.juicyads.com/ Frame ABB4
0
0

Cookie set adshow.php
adserver.juicyads.com/ Frame 495E
0
0
Document
General
Full URL
https://adserver.juicyads.com/adshow.php?adzone=531398
Requested by
Host: adserver.juicyads.com
URL: https://adserver.juicyads.com/js/jads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash

Request headers

Host
adserver.juicyads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/

Response headers

Server
nginx
Date
Sun, 31 Jan 2021 03:22:22 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.6.40
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie
surferid=e38f3e7b401960334a8fe9e34215cf14; expires=Mon, 31-Jan-2022 03:22:22 GMT; Max-Age=31536000; path=/; domain=.juicyads.com juicy_data_1=YTowOnt9; expires=Wed, 03-Feb-2021 03:22:22 GMT; Max-Age=259200; domain=juicyads.com juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Wed, 03-Feb-2021 03:22:22 GMT; Max-Age=259200; domain=juicyads.com
Content-Encoding
gzip
collect
www.google-analytics.com/j/
2 B
385 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1527761354&t=pageview&_s=1&dl=https%3A%2F%2Fcxfakes.com%2Fpokimane-and-alinity-lesbian-porn-fakes%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20CXFAKES&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=117144389&gjid=1044541895&cid=1335562286.1612063343&tid=UA-56567633-1&_gid=1910183266.1612063343&_r=1&_slc=1&z=272678783
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Jan 2021 03:22:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cxfakes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/7bc032d0/www-widgetapi.vflset/
103 KB
38 KB
Script
General
Full URL
https://www.youtube.com/s/player/7bc032d0/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71792b5773205a4c4bd25309ddc60397218c2f94f989686cba479df1195d3421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 Jan 2021 15:15:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 01:22:36 GMT
server
sffe
age
43604
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38038
x-xss-protection
0
expires
Sun, 30 Jan 2022 15:15:38 GMT
/
c.adsco.re/
36 KB
12 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/svg.pan-zoom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
97057
etag
W/"i3T2LXGRCAaVCQTagVXOkw=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=2678400
cf-ray
61a04ed4bae9175e-FRA
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cf-request-id
07f80f98f50000175ec5880000000001
expires
Wed, 03 Mar 2021 03:22:22 GMT
/
6.adsco.re/
0
152 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://cxfakes.com
Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://cxfakes.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
61a04ed4d97b4a67-FRA
access-control-allow-headers
Content-Type
cf-request-id
07f80f990600004a67f895c000000001
/
4.adsco.re/
0
458 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: cxfakes.com
URL: https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://cxfakes.com
Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 Jan 2021 03:22:22 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://cxfakes.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
p
adsco.re/
0
413 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 31 Jan 2021 03:22:22 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK
Access-Control-Allow-Origin
https://cxfakes.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
46 B
458 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
7bce36180c66e68d9b9c5140aa9f582a6b4af212c5ef777db0e7cfaf5c965ca3

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 Jan 2021 03:22:22 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://cxfakes.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
53 B
129 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://cxfakes.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
61a04ed4e9864a67-FRA
access-control-allow-headers
Content-Type
cf-request-id
07f80f990d00004a67df867000000001
/
nuqmvq4amq7m.l4.adsco.re/
0
0

/
nuqmvq4amq7m.n4.adsco.re/
0
464 B
Other
General
Full URL
https://nuqmvq4amq7m.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 31 Jan 2021 03:22:23 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
nuqmvq4amq7m.s4.adsco.re/
0
464 B
Other
General
Full URL
https://nuqmvq4amq7m.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 31 Jan 2021 03:22:23 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 8298
0
0
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
c.adsco.re
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/

Response headers

date
Sun, 31 Jan 2021 03:22:22 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Wed, 03 Mar 2021 03:22:22 GMT
etag
W/"i3T2LXGRCAaVCQTagVXOkw=="
cf-cache-status
HIT
age
97057
cf-request-id
07f80f99120000175efd186000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
61a04ed4eb10175e-FRA
content-encoding
br
p
adsco.re/
364 B
855 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
ebed63f6b8598a963086c9429c5c47527ef11f08d389637d5bb847f718cdbfab

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G
OK
Date
Sun, 31 Jan 2021 03:22:23 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
https://cxfakes.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
YuA.html
cdn4ads.com/
0
123 B
Script
General
Full URL
https://cdn4ads.com/YuA.html?_=BAoAYBYibwFgFiJvgAGBAsAAIKl9Oz6OYElX-tP4DjCH9aVByQZtTdJp4ffXxYUP2NlpwQBIMEYCIQD6zXv58Gq8GsgjoEoQRdpDq1E8d0eOXGmEwwcWYb8BDAIhAO2LayrrxOt-X4J3WRVA-LS6BKDT6MVV_fbxQ2KztQi7wgAgKEhgZOgpXQ2U5NDjbwusfVClejdmP3NuD5BMLsG66gTEABAqAQT4ASETGgAAAAAAAAACxQAQxeJFtSDBF_Pak4y5XuacqMMARzBFAiEA6X5qHHiFUkeWOZoPxDUYG_-hldGl8VAGYs-BVf0fcD8CIApoYrhMorzegwKIoY73H_J3EhqWKJbQEFfhxaVAXosi&v=4&QWOcGzdN=3550556&minBid=&tblKHunU=0,0&HjbSXZGO=&JYtAvCzL=&s=1600,1200,1,1600,1200,0
Requested by
Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/svg.pan-zoom.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.59.63.128 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-59-63-128.customer.totaluptime.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cxfakes.com/pokimane-and-alinity-lesbian-porn-fakes/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 03:22:23 GMT
asf
9
access-control-allow-origin
*
content-type
application/javascript
popads-ec
ASB
cache-control
public, max-age=604800
content-length
0
expires
Sun, 07 Feb 2021 03:22:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adserver.juicyads.com
URL
https://adserver.juicyads.com/adshow.php?adzone=531398
Domain
nuqmvq4amq7m.l4.adsco.re
URL
https://nuqmvq4amq7m.l4.adsco.re/

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga object| tdwGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| _pop object| adsbyjuicy object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| jQuery1124048715009938789766 function| $f function| onYouTubeIframeAPIReady object| wp function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge number| a string| x number| mhz object| detectZoom object| AdservingModule object| iframe object| where object| win object| _pao object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twemoji string| scriptUrl object| YT object| YTConfig function| onYTReady object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey function| AdscoreInit string| txt function| ed number| t string| property number| r number| g number| b string| bt string| fss

4 Cookies

Domain/Path Name / Value
cxfakes.com/ Name: a
Value: XcN6PcnwHgBs0ZrzfsErXaZFssxWU6F3
.cxfakes.com/ Name: _gat
Value: 1
.cxfakes.com/ Name: _gid
Value: GA1.2.1910183266.1612063343
.cxfakes.com/ Name: _ga
Value: GA1.2.1335562286.1612063343

2 Console Messages

Source Level URL
Text
console-api log URL: https://c.adsco.re/(Line 14)
Message:
console-api debug URL: https://c.adsco.re/(Line 15)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
adsco.re
adserver.juicyads.com
c.adsco.re
cdn4ads.com
cxfakes.com
fonts.googleapis.com
fonts.gstatic.com
nuqmvq4amq7m.l4.adsco.re
nuqmvq4amq7m.n4.adsco.re
nuqmvq4amq7m.s4.adsco.re
player.vimeo.com
www.cdn4ads.com
www.google-analytics.com
www.youtube.com
adserver.juicyads.com
nuqmvq4amq7m.l4.adsco.re
151.101.12.217
162.241.125.87
162.252.214.5
185.200.116.90
185.94.236.244
216.59.63.128
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
2a00:1450:4001:812::200e
2a00:1450:4001:821::200e
2a02:6ea0:c700::4
38.132.109.186
0cef8d66dc470642d3c08c15898c8d1025973418d70d0b09cf9d3aa90d2e8ee3
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
3442c844d2b848d12e3b0d94b162fffe5221c31b621f3a99ecf3876edc46bfb6
345599fd2dc2be8d82c19516c7ef6e42ed07943d316a5515ff0187aaea44165d
3d6de80de5e0ae52ef1ad216786b952b781b7c95f4297675dd2a81d70985bedf
47a7cd4578d726b97651b4e4782c7b9a1c3be8242648f39db48f0e114dbfbcd1
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5cc0a0184a8817ea46ecd070e3fe3c5e1e39fd38d963a1b423cdf6d32abdb00d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6df3481e85074cf2ea4c859b46632a3f91136fcec2b6acc4edde7fa366d0e60d
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71792b5773205a4c4bd25309ddc60397218c2f94f989686cba479df1195d3421
7931ab7b051a3c3c79c96808259b13c7ddda0a530c06931500cdd3b6d001d3c3
7bce36180c66e68d9b9c5140aa9f582a6b4af212c5ef777db0e7cfaf5c965ca3
7e7cd70292cd3c17a09b1e6d060985c16fda0903320cf192cbe7c85383236923
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
82daca67f98ff065aa7278d8e15dbab73f3af089d8fa6418fa3af7d87963c1c9
86ab4c2b16af92602679b9ddf7aaf92e0d9ddc5111b8d869690474a7c453aefd
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8e1181643a52502513ba5f10d0d7ac385b2bf5103989398a580167ca921043e1
9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96
95653ae2b8204f53d8e8c5f897ed8364f3a8859e19fb64846ec9d93dc623185e
95d5ad496908e0acac2985845ded13f9ba8f45c32df20d38da5c6bc0a151c61f
9a03435ec196a6932103d548b88e4dfa35be2a431356315d58155c109ef15c0e
9c6fc66afd580b55839062205d056620aeb745a7e6aab53fa8d4c8bc29a9a8d8
9cf4e11347157f80aeffaf3a24d40fcdecda602aca79b9ac9bf064afd3f4bdaa
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
e24dc50fc2ffa55e875f340a0dd6eb6af69e01d04fc56c4b0274830d73e8b8e8
e2712024c5f7c5b3d7a4b63d748d6646e45fc973e3f8d2068f51dcd7df232875
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebed63f6b8598a963086c9429c5c47527ef11f08d389637d5bb847f718cdbfab
f810bbbdb19a3509ccace02b1d475eda8031deaf22f425a0037832a57454ddc4