urlscan.io logo urlscan.io
SecurityTrails logo

proxy.open.tips Open in urlscan Pro
2606:4700:30::681b:be6e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tpb.crushus.com/xhamster.com/users/lovexg
Effective URL: https://proxy.open.tips/xhamster.com/users/lovexg
Submission: On November 25 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 15 domains to perform 34 HTTP transactions. The main IP is 2606:4700:30::681b:be6e, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is proxy.open.tips.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 7th 2018. Valid for: 6 months.
This is the only time proxy.open.tips was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
20 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 78.140.191.112 35415 (WEBZILLA)
1 188.72.213.175 35415 (WEBZILLA)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 198.134.112.242 27257 (WEBAIR-IN...)
1 198.134.112.244 27257 (WEBAIR-IN...)
1 213.196.2.2 7979 (SERVERS)
1 23.111.224.1 7979 (SERVERS)
1 2a00:1450:400... 15169 (GOOGLE)
2 213.196.5.3 7979 (SERVERS)
34 13
1    2606:4700:30::6812:3e3b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tpb.crushus.com
20    2606:4700:30::681b:be6e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
proxy.open.tips
1    2a00:1450:4001:819::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
ampcid.google.com
1    78.140.191.112 (Netherlands)

ASN35415 (WEBZILLA, NL)
go.onclasrv.com
1    188.72.213.175 (Netherlands)

ASN35415 (WEBZILLA, NL)
cobalten.com
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
1    2606:4700:10::6814:d13b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
coinhive.com
1    198.134.112.242 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
yvzgazds6d.com
1    198.134.112.244 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
www.modulepush.com
1    213.196.2.2 (Netherlands)

ASN7979 (SERVERS - Servers.com, Inc., US)
www.bnserving.com
1    23.111.224.1 (Phoenix, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)
r.remarketingpixel.com
1    2a00:1450:4001:815::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ampcid.google.de
2    213.196.5.3 (Netherlands)

ASN7979 (SERVERS - Servers.com, Inc., US)
www.urldelivery.com
Domain Requested by
20 proxy.open.tips proxy.open.tips
ajax.cloudflare.com
2 www.urldelivery.com www.bnserving.com
2 www.google-analytics.com www.googletagmanager.com
proxy.open.tips
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 r.remarketingpixel.com www.bnserving.com
1 www.bnserving.com ajax.cloudflare.com
1 www.modulepush.com ajax.cloudflare.com
1 yvzgazds6d.com ajax.cloudflare.com
1 coinhive.com ajax.cloudflare.com
1 ajax.cloudflare.com proxy.open.tips
1 cobalten.com proxy.open.tips
1 go.onclasrv.com 1 redirects
1 www.googletagmanager.com proxy.open.tips
1 tpb.crushus.com 1 redirects
34 15

This site contains no links.

Subject Issuer Validity Valid
sni27099.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-08-07 -
2019-02-13		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh
cobalten.com
RapidSSL RSA CA 2018		 2018-06-13 -
2019-06-13		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-22 -
2019-03-31		 6 months crt.sh
ssl809251.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-08-15 -
2019-02-21		 6 months crt.sh
yvzgazds6d.com
Let's Encrypt Authority X3		 2018-10-13 -
2019-01-11		 3 months crt.sh
modulepush.com
Let's Encrypt Authority X3		 2018-10-13 -
2019-01-11		 3 months crt.sh
bnserving.com
Let's Encrypt Authority X3		 2018-10-04 -
2019-01-02		 3 months crt.sh
r.remarketingpixel.com
Let's Encrypt Authority X3		 2018-11-04 -
2019-02-02		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh
urldelivery.com
Let's Encrypt Authority X3		 2018-10-11 -
2019-01-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://proxy.open.tips/xhamster.com/users/lovexg
Frame ID: 2E55C806A9A5CD9CDFC4F890C416BB2F
Requests: 34 HTTP requests in this frame

Frame: https://www.urldelivery.com/watch.1201833811136?key=0431f3ed3379adc2b1427adeeae7b242&kw=%5B%5D&refer=https%3A%2F%2Fproxy.open.tips%2Fxhamster.com%2Fusers%2Flovexg&tz=0&dev=r&res=4.23&uuid=c2e5ee91-be0c-4a3c-ab40-cdb1941a7597%3A3%3A1
Frame ID: 72E06C7DE216DB07E0DF9160F6ED33CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tpb.crushus.com/xhamster.com/users/lovexg HTTP 301
    https://proxy.open.tips/xhamster.com/users/lovexg Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

34
Requests

100 %
HTTPS

50 %
IPv6

15
Domains

15
Subdomains

13
IPs

3
Countries

717 kB
Transfer

2346 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tpb.crushus.com/xhamster.com/users/lovexg HTTP 301
    https://proxy.open.tips/xhamster.com/users/lovexg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://go.onclasrv.com/apu.php?zoneid=1092668 HTTP 302
  • https://cobalten.com/apu.php?zoneid=1092668

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lovexg
proxy.open.tips/xhamster.com/users/
Redirect Chain
  • http://tpb.crushus.com/xhamster.com/users/lovexg
  • https://proxy.open.tips/xhamster.com/users/lovexg
76 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cda279f25db92d6ea2eca46a10a6cbf6aee4184c861a7625b7f75f11b1278f4
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
proxy.open.tips
:scheme
https
:path
/xhamster.com/users/lovexg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sun, 25 Nov 2018 14:33:02 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; expires=Mon, 25-Nov-19 14:33:02 GMT; path=/; domain=.open.tips; HttpOnly
x-xss-protection
1; mode=block
strict-transport-security
max-age=60; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-proxy-cache
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
47f4d3fc4d61c297-FRA
content-encoding
gzip

Redirect headers

Date
Sun, 25 Nov 2018 14:33:02 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 25 Nov 2018 15:33:02 GMT
Location
https://proxy.open.tips/xhamster.com/users/lovexg
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
47f4d3fb85afc2e2-FRA
2dGNmUCo43Mi0rSUw2NaPDpdtjY.js
proxy.open.tips/cdn-cgi/apps/head/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/cdn-cgi/apps/head/2dGNmUCo43Mi0rSUw2NaPDpdtjY.js
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
025873dd56b84b04a60f6958262bd431c0d752589e91dcd47aaac27f497a84a2

Request headers

:path
/cdn-cgi/apps/head/2dGNmUCo43Mi0rSUw2NaPDpdtjY.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
68825072CA22D078
cf-ray
47f4d3fe5c5dc297-FRA
status
200
content-length
22052
x-amz-id-2
PxYm84GBBCA/8v4O8ecobiYOJasZ5xZWDpQfe+77ETD2Rp2D1dwlhrjj0xElJp7KE/mwMAalCxE=
last-modified
Wed, 07 Feb 2018 07:36:14 GMT
server
cloudflare
etag
"96a7c87d4125eea26d3fd04c15a1e65d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
RKvys5wkiLD8g1GR_bzDFddcUFKN7aiR
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Mon, 25 Nov 2019 14:33:02 GMT
ee4c779f.critical-user-single.css
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ 		364 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ee4c779f.critical-user-single.css
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb7145b0c023323825a7656547369c6fe044ae2ce6eaef892f4dcf5fbdbb447
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/css/ee4c779f.critical-user-single.css
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=372877
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
47f4d3fe7ca7c297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
css
proxy.open.tips/fonts.googleapis.com/ 		876 B
318 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0efd21a18ccf787c9fabf0298b33b03cbc67f4625192223d29defdbff11e20fd
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/fonts.googleapis.com/css?family=Roboto:300,400,500,700
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
text/css
status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
strict-transport-security
max-age=60; includeSubDomains
cf-ray
47f4d3fe7ca8c297-FRA
x-xss-protection
1; mode=block
x-proxy-cache
HIT
logo.svg
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/logo.svg
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed313750ad486516bdc6ec3a338acd43ae6241b7353b3ab5a366ca644481614
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/images/logo.svg
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
47f4d3fe7ca9c297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
rta.png
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/rta.png
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b69e59c05a6cf4cbb92fc24d35499484556cab52d1e55f5a2e94e8bb5626272c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/images/rta.png
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
content-length
1929
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
47f4d3fe7caac297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
js
www.googletagmanager.com/gtag/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74375366-4
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/cdn-cgi/apps/head/2dGNmUCo43Mi0rSUw2NaPDpdtjY.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
019c81bc467e16e002ad5bfac3fe23edf7c15b8b085a5fb6f63f2c08a6826924
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
32167
x-xss-protection
1; mode=block
expires
Sun, 25 Nov 2018 14:33:02 GMT
truncated
/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5078b9fae90628fa3ce66e9da5302dc185f1a30b542f8995db67c346f186a9b

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
text/css;charset=utf-8
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74375366-4
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
2302
date
Sun, 25 Nov 2018 13:54:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Sun, 25 Nov 2018 15:54:40 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=284975302&t=pageview&_s=1&dl=https%3A%2F%2Fproxy.open.tips%2Fxhamster.com%2Fusers%2Flovexg&ul=en-us&de=UTF-8&dt=lovexg%27s%20profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=416331622&gjid=914196899&cid=2022038656.1543156383&tid=UA-74375366-4&_gid=744063569.1543156383&_r=1&gtm=2oubc0&z=1520963309
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Nov 2018 14:33:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
f3a16d64.user-single.css
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ 		74 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/f3a16d64.user-single.css
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49983b73af26a2e9e55bee97125a9035da1fd7a0f912cf5269e84fde4e7e76a0
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/css/f3a16d64.user-single.css
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=76319
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
text/css
cache-control
public, max-age=315360000
cf-ray
47f4d40008e8c297-FRA
x-proxy-cache
MISS
expires
Wed, 22 Nov 2028 14:33:02 GMT
flags_2.png
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/flags_2.png
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7833f67a346713597fc07794aaaf0373d78b1b09e0fbc2184218c5ac9be6fd
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/images/flags_2.png
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ee4c779f.critical-user-single.css
:scheme
https
:method
GET
Referer
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ee4c779f.critical-user-single.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
content-length
46718
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
image/png
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
47f4d400ebe8c297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
search.svg
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/ 		855 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/images/search.svg
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06e3719b5ee189eac15eb1aad5f370b751fd940b9e5164390a63e49739a17c6
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/images/search.svg
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ee4c779f.critical-user-single.css
:scheme
https
:method
GET
Referer
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ee4c779f.critical-user-single.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=315360000
cf-ray
47f4d400ebedc297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
proxy.open.tips/fonts.gstatic.com/s/roboto/v18/ 		35 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
origin
https://proxy.open.tips
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/fonts.googleapis.com/css?family=Roboto:300,400,500,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://proxy.open.tips/fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://proxy.open.tips

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
font/ttf
cache-control
public, max-age=315360000
cf-ray
47f4d400ebeec297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
proxy.open.tips/fonts.gstatic.com/s/roboto/v18/ 		34 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
origin
https://proxy.open.tips
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/fonts.googleapis.com/css?family=Roboto:300,400,500,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://proxy.open.tips/fonts.googleapis.com/css?family=Roboto:300,400,500,700
Origin
https://proxy.open.tips

Response headers

date
Sun, 25 Nov 2018 14:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
font/ttf
cache-control
public, max-age=315360000
cf-ray
47f4d400ebefc297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:02 GMT
apu.php
cobalten.com/
Redirect Chain
  • https://go.onclasrv.com/apu.php?zoneid=1092668
  • https://cobalten.com/apu.php?zoneid=1092668
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cobalten.com/apu.php?zoneid=1092668
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.213.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
c951e135943eb002a5eeeb1dc00dfde4713117871c849521b14dae1750876019
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Nov 2018 14:33:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Strict-Transport-Security
max-age=1
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 25 Nov 2018 14:33:04 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/html
Location
https://cobalten.com/apu.php?zoneid=1092668
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 19 Nov 2018 16:43:27 GMT
server
cloudflare
etag
W/"5bf2e82f-2ba8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
47f4d4091b25c2d3-FRA
expires
Tue, 27 Nov 2018 14:33:04 GMT
e24ae5a2.user-single.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/ 		580 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/e24ae5a2.user-single.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb8b73edd7452bb92c9f3eeb7e2df86cf3d0fe05e0394dbe4453029c43881c5
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/e24ae5a2.user-single.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094e93c297-FRA
x-proxy-cache
MISS
expires
Wed, 22 Nov 2028 14:33:04 GMT
f9c5c5c0.user-single.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/locales/en/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/locales/en/f9c5c5c0.user-single.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a1cc157c3204905fc632be591500843a8ba8f754afbf02179a40830cd15286c
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/locales/en/f9c5c5c0.user-single.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094e96c297-FRA
x-proxy-cache
MISS
expires
Wed, 22 Nov 2028 14:33:04 GMT
a0831c1f.header.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/a0831c1f.header.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e9aae9fc74867d9326b562f0fbe4de8886aca466f41969cb9be6a65bf21382
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/a0831c1f.header.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094e97c297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:04 GMT
d1c2a9b0.header.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/locales/en/ 		335 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/locales/en/d1c2a9b0.header.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
baee1a767c81b113445ab65fa29d92981edf42b44cfce3ac5431bbd2ce616416
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/locales/en/d1c2a9b0.header.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094e99c297-FRA
x-proxy-cache
MISS
expires
Wed, 22 Nov 2028 14:33:04 GMT
db04241d.jquery.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/db04241d.jquery.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9ea315791a2280ed86f7999e797ebf37e91cbd0245559686b7cdb90fd7ed0
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/db04241d.jquery.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094e9ac297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:04 GMT
898f61a0.common.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/ 		316 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/898f61a0.common.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cdc0fe7df022b89af9bc2ef4fb6c611d5798620d6dd4453dace3d843e571843
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/898f61a0.common.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094e9fc297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:04 GMT
607b552e.common.js
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/locales/en/ 		1 KB
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/js/locales/en/607b552e.common.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2207d12d445b901e87940b4500f1d3868299646b585d406509fd269ee091ce5
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/js/locales/en/607b552e.common.js
pragma
no-cache
cookie
__cfduid=d242c35660a4bb808de266dc7e312462a1543156382; _ga=GA1.2.2022038656.1543156383; _gid=GA1.2.744063569.1543156383; _gat_gtag_UA_74375366_4=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
cf-ray
47f4d4094ea2c297-FRA
x-proxy-cache
HIT
expires
Wed, 22 Nov 2028 14:33:04 GMT
coinhive.min.js
coinhive.com/lib/ 		265 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coinhive.com/lib/coinhive.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6814:d13b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7a9bdb4f8cff06f1f195018a63e4ae1ed73968c8c170df51ed665700e9bd847

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:04 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 15 Oct 2018 11:58:24 GMT
server
cloudflare
status
200
etag
W/"5bc480e0-423b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=28800
cf-ray
47f4d4094e1796d0-FRA
expires
Sun, 25 Nov 2018 22:33:04 GMT
2497b33a9b4d65137a8950d2b41c267c.js
yvzgazds6d.com/24/97/b3/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yvzgazds6d.com/24/97/b3/2497b33a9b4d65137a8950d2b41c267c.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.242 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Nov 2018 14:33:04 GMT
Server
nginx/1.15.1
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.modulepush.com/2b7c8abc9a1b4c9a413e6845db201275/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.modulepush.com/2b7c8abc9a1b4c9a413e6845db201275/invoke.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.112.244 Garden City, United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 25 Nov 2018 14:33:05 GMT
Server
nginx/1.15.1
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
invoke.js
www.bnserving.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bnserving.com/invoke.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.196.2.2 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash
7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 25 Nov 2018 14:33:05 GMT
Content-Encoding
gzip
Server
nginx/1.15.1
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
r.remarketingpixel.com/ 		40 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.remarketingpixel.com/stats
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.224.1 Phoenix, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash
9d95a8dd666a8c83b4edd0e3c1a0827faf82e30eca8d06563d332d59e65a4e9c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
Origin
https://proxy.open.tips

Response headers

Date
Sun, 25 Nov 2018 14:33:05 GMT
Server
nginx/1.15.1
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://proxy.open.tips
Cache-Control
max-age=0, : no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
40
Expires
Sun, 25 Nov 2018 14:33:05 GMT
xh-icons.ttf
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/fonts/ 		118 KB
119 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/fonts/xh-icons.ttf?2018112514
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcb947e988ca29ddc69233d659b16e2ffa96dcfca465162dbec3d76ef4d2e6eb
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/fonts/xh-icons.ttf?2018112514
pragma
no-cache
origin
https://proxy.open.tips
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
Origin
https://proxy.open.tips

Response headers

date
Sun, 25 Nov 2018 14:33:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Accept-Encoding
content-length
121104
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=60; includeSubDomains
content-type
application/octet-stream
cache-control
public, max-age=315360000
set-cookie
__cfduid=d2663578df8291b230608b6cdef0a0b5f1543156385; expires=Mon, 25-Nov-19 14:33:05 GMT; path=/; domain=.open.tips; HttpOnly
accept-ranges
bytes
cf-ray
47f4d4135e70c297-FRA
x-proxy-cache
MISS
expires
Wed, 22 Nov 2028 14:33:06 GMT
f3a16d64.user-single.css
proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/ 		74 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://proxy.open.tips/static-cl.xhcdn.com/xh-tpl3/css/f3a16d64.user-single.css
Requested by
Host: proxy.open.tips
URL: https://proxy.open.tips/xhamster.com/users/lovexg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681b:be6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49983b73af26a2e9e55bee97125a9035da1fd7a0f912cf5269e84fde4e7e76a0
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/static-cl.xhcdn.com/xh-tpl3/css/f3a16d64.user-single.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
proxy.open.tips
referer
https://proxy.open.tips/xhamster.com/users/lovexg
:scheme
https
:method
GET
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 25 Nov 2018 14:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=76319
status
200
strict-transport-security
max-age=60; includeSubDomains
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=315360000
set-cookie
__cfduid=d2663578df8291b230608b6cdef0a0b5f1543156385; expires=Mon, 25-Nov-19 14:33:05 GMT; path=/; domain=.open.tips; HttpOnly
cf-ray
47f4d4135e71c297-FRA
x-proxy-cache
MISS
expires
Wed, 22 Nov 2028 14:33:05 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
Origin
https://proxy.open.tips
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Nov 2018 14:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://proxy.open.tips
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
1; mode=block
publisher:getClientId
ampcid.google.de/v1/ 		3 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://proxy.open.tips/xhamster.com/users/lovexg
Origin
https://proxy.open.tips
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 25 Nov 2018 14:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://proxy.open.tips
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
1; mode=block
watch.1201833811136.js
www.urldelivery.com/ 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.urldelivery.com/watch.1201833811136.js?key=0431f3ed3379adc2b1427adeeae7b242&kw=%5B%5D&refer=https%3A%2F%2Fproxy.open.tips%2Fxhamster.com%2Fusers%2Flovexg&tz=0&dev=r&res=4.23&uuid=c2e5ee91-be0c-4a3c-ab40-cdb1941a7597%3A3%3A1
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.196.5.3 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
Origin
https://proxy.open.tips

Response headers
watch.1201833811136
www.urldelivery.com/ Frame 72E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.urldelivery.com/watch.1201833811136?key=0431f3ed3379adc2b1427adeeae7b242&kw=%5B%5D&refer=https%3A%2F%2Fproxy.open.tips%2Fxhamster.com%2Fusers%2Flovexg&tz=0&dev=r&res=4.23&uuid=c2e5ee91-be0c-4a3c-ab40-cdb1941a7597%3A3%3A1
Requested by
Host: www.bnserving.com
URL: https://www.bnserving.com/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.196.5.3 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Host
www.urldelivery.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://proxy.open.tips/xhamster.com/users/lovexg
Accept-Encoding
gzip, deflate
Cookie
u_pl=14142203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://proxy.open.tips/xhamster.com/users/lovexg

Response headers

Server
nginx/1.15.1
Date
Sun, 25 Nov 2018 14:33:06 GMT
Content-Type
text/html
Content-Length
103
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubdomains

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pJS function| hexToRgb function| clamp function| isInArray object| Eager object| CloudflareApps function| tinycolor function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| dataLayer object| Pace object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| H2y24 string| l84 string| v24 string| B24 object| L5M function| l04 string| zfgaabversion function| _vrewn function| _sspfy object| __cfQR boolean| zfgloadedpopup object| LieDetector object| atAsyncContainers object| CoinHive object| html object| icons undefined| link object| dataBanner object| initials object| dataPopUnder object| ncc number| nccl string| a string| xhLocaleName object| xhLocale function| xhInit function| setImmediate function| clearImmediate object| __core-js_shared__ function| StripchatPlayer function| $ function| jQuery function| showSignupDialog

4 Cookies

Domain/Path Name / Value
.open.tips/ Name: _gid
Value: GA1.2.744063569.1543156383
.open.tips/ Name: _ga
Value: GA1.2.2022038656.1543156383
.open.tips/ Name: _gat_gtag_UA_74375366_4
Value: 1
.open.tips/ Name: __cfduid
Value: d242c35660a4bb808de266dc7e312462a1543156382

5 Console Messages

Source Level URL
Text
console-api log URL: https://cobalten.com/apu.php?zoneid=1092668(Line 1)
Message:
70000
console-api log URL: https://www.bnserving.com/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://www.bnserving.com/invoke.js(Line 1)
Message:
console.clear
console-api log URL: https://www.bnserving.com/invoke.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://www.bnserving.com/invoke.js(Line 1)
Message:
console.clear

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
ampcid.google.com
ampcid.google.de
cobalten.com
coinhive.com
go.onclasrv.com
proxy.open.tips
r.remarketingpixel.com
tpb.crushus.com
www.bnserving.com
www.google-analytics.com
www.googletagmanager.com
www.modulepush.com
www.urldelivery.com
yvzgazds6d.com
188.72.213.175
198.134.112.242
198.134.112.244
213.196.2.2
213.196.5.3
23.111.224.1
2606:4700:10::6814:d13b
2606:4700:30::6812:3e3b
2606:4700:30::681b:be6e
2606:4700::6813:c697
2a00:1450:4001:815::200e
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
78.140.191.112
019c81bc467e16e002ad5bfac3fe23edf7c15b8b085a5fb6f63f2c08a6826924
025873dd56b84b04a60f6958262bd431c0d752589e91dcd47aaac27f497a84a2
0cdc0fe7df022b89af9bc2ef4fb6c611d5798620d6dd4453dace3d843e571843
0efd21a18ccf787c9fabf0298b33b03cbc67f4625192223d29defdbff11e20fd
24e9aae9fc74867d9326b562f0fbe4de8886aca466f41969cb9be6a65bf21382
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
41b9ea315791a2280ed86f7999e797ebf37e91cbd0245559686b7cdb90fd7ed0
466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f
49983b73af26a2e9e55bee97125a9035da1fd7a0f912cf5269e84fde4e7e76a0
4eb7145b0c023323825a7656547369c6fe044ae2ce6eaef892f4dcf5fbdbb447
70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8
7a14e2c32c6a42c292a80640d77b95254b03b08756fff2f2602b7396f9203679
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a1cc157c3204905fc632be591500843a8ba8f754afbf02179a40830cd15286c
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9cda279f25db92d6ea2eca46a10a6cbf6aee4184c861a7625b7f75f11b1278f4
9d95a8dd666a8c83b4edd0e3c1a0827faf82e30eca8d06563d332d59e65a4e9c
aeb8b73edd7452bb92c9f3eeb7e2df86cf3d0fe05e0394dbe4453029c43881c5
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b69e59c05a6cf4cbb92fc24d35499484556cab52d1e55f5a2e94e8bb5626272c
baee1a767c81b113445ab65fa29d92981edf42b44cfce3ac5431bbd2ce616416
bcb947e988ca29ddc69233d659b16e2ffa96dcfca465162dbec3d76ef4d2e6eb
bd7833f67a346713597fc07794aaaf0373d78b1b09e0fbc2184218c5ac9be6fd
c951e135943eb002a5eeeb1dc00dfde4713117871c849521b14dae1750876019
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e2207d12d445b901e87940b4500f1d3868299646b585d406509fd269ee091ce5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a9bdb4f8cff06f1f195018a63e4ae1ed73968c8c170df51ed665700e9bd847
eed313750ad486516bdc6ec3a338acd43ae6241b7353b3ab5a366ca644481614
f06e3719b5ee189eac15eb1aad5f370b751fd940b9e5164390a63e49739a17c6
f5078b9fae90628fa3ce66e9da5302dc185f1a30b542f8995db67c346f186a9b