Submitted URL: http://imagetwist.com/2zoa47cyf07i
Effective URL: https://imagetwist.com/2zoa47cyf07i
Submission: On March 16 via manual from IL

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 40 HTTP transactions. The main IP is 2606:4700:11::6817:814d, located in United States and belongs to CLOUDFLARENET, US. The main domain is imagetwist.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 11th 2020. Valid for: 7 months.
This is the only time imagetwist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 2606:4700:11:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 95.211.212.70 60781 (LEASEWEB-...)
1 192.99.8.34 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
4 95.211.229.247 60781 (LEASEWEB-...)
40 12
Domain Requested by
23 imagetwist.com 1 redirects imagetwist.com
4 syndication.exosrv.com ads.exosrv.com
3 chaturbate.com 2 redirects imagetwist.com
2 fonts.gstatic.com imagetwist.com
2 www.google-analytics.com imagetwist.com
1 impactslam.com cdn.impactslam.com
1 ads.exoclick.com imagetwist.com
1 cdn.impactslam.com imagetwist.com
1 sstatic1.histats.com imagetwist.com
1 img102.imagetwist.com imagetwist.com
1 ads.exosrv.com imagetwist.com
1 ajax.googleapis.com imagetwist.com
1 fonts.googleapis.com imagetwist.com
0 i.t.net.ar Failed imagetwist.com
40 14

This site contains links to these domains. Also see Links.

Domain
img102.imagetwist.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-03-11 -
2020-10-09
7 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.exoclick.com
DigiCert SHA2 Secure Server CA
2017-12-12 -
2020-12-16
3 years crt.sh
*.imagetwist.com
Sectigo RSA Domain Validation Secure Server CA
2019-03-20 -
2020-03-19
a year crt.sh
histats.com
Let's Encrypt Authority X3
2019-12-27 -
2020-03-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
*.google.com
GTS CA 1O1
2020-02-25 -
2020-05-19
3 months crt.sh
ssl966599.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-19 -
2020-06-26
6 months crt.sh
chaturbate.com
DigiCert ECC Extended Validation Server CA
2018-04-11 -
2020-07-13
2 years crt.sh
exosrv.com
Let's Encrypt Authority X3
2020-01-16 -
2020-04-15
3 months crt.sh

This page contains 6 frames:

Primary Page: https://imagetwist.com/2zoa47cyf07i
Frame ID: 9B88D16EEB25B178FB3B3CCDC90FEC8A
Requests: 35 HTTP requests in this frame

Frame: https://chaturbate.com/embed/omagadomagad/?join_overlay=1&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never&target=_parent
Frame ID: E10651F6374372CA69A44E26034570B1
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=1569166&type=728x90&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256587&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 691F390DC17E7E5C86F14F2EC7746032
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=1564148&type=300x250&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256588&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 95DEAB18EF35950BE29D9173BC8F0BCD
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=1872924&type=300x250&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256590&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 5F05E497ADEB4AC9CDDC42E21355FD15
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=1872924&type=300x250&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256591&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 2300D65902F2F282261E0A7A518D41E4
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://imagetwist.com/2zoa47cyf07i HTTP 301
    https://imagetwist.com/2zoa47cyf07i Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

40
Requests

98 %
HTTPS

73 %
IPv6

10
Domains

14
Subdomains

12
IPs

4
Countries

1180 kB
Transfer

1719 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://imagetwist.com/2zoa47cyf07i HTTP 301
    https://imagetwist.com/2zoa47cyf07i Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://chaturbate.com/in/?track=topF&tour=6o0b&campaign=c3mKf&disable_sound=1&embed_video_only=0&target=_parent&mobileRedirect=never& HTTP 302
  • https://chaturbate.com/topembed/female/?join_overlay=1&target=_parent&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never HTTP 302
  • https://chaturbate.com/embed/omagadomagad/?join_overlay=1&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never&target=_parent

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2zoa47cyf07i
imagetwist.com/
Redirect Chain
  • http://imagetwist.com/2zoa47cyf07i
  • https://imagetwist.com/2zoa47cyf07i
24 KB
7 KB
Document
General
Full URL
https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee84ebba4b7a4db1cb3caedfe204d7751e78ac9721d3ccc1332775a3d8ecb727

Request headers

:method
GET
:authority
imagetwist.com
:scheme
https
:path
/2zoa47cyf07i
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dd99c38cca4ccf0dd542eed64ad8a75411584369256
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 16 Mar 2020 14:34:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Sun, 15 Mar 2020 14:34:16 GMT
x-cache
HIT from Backend
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
574f31ab9d706383-FRA
content-encoding
gzip

Redirect headers

Date
Mon, 16 Mar 2020 14:34:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dd99c38cca4ccf0dd542eed64ad8a75411584369256; expires=Wed, 15-Apr-20 14:34:16 GMT; path=/; domain=.imagetwist.com; HttpOnly; SameSite=Lax
Location
https://imagetwist.com/2zoa47cyf07i
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
574f31ab1812d6bd-FRA
main.css
imagetwist.com/
10 KB
3 KB
Stylesheet
General
Full URL
https://imagetwist.com/main.css?x=1
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced035b8c3cfb767800248597bb704d31eb209f4ca1b88b0d636f4488a8bbde3

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
162
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
574f31acce4b6383-FRA
xupload.js
imagetwist.com/
12 KB
4 KB
Script
General
Full URL
https://imagetwist.com/xupload.js?x=1
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b042366a78c5d83d3db1efd2f7d1a0cf15cb5e5af93888dc9acc6fd1dd16c1f

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:24:54 GMT
server
cloudflare
age
94
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31acce4c6383-FRA
jquery-1.12.4.min.js
imagetwist.com/
95 KB
33 KB
Script
General
Full URL
https://imagetwist.com/jquery-1.12.4.min.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
94
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31acce536383-FRA
bootstrap.min.css
imagetwist.com/css/
118 KB
19 KB
Stylesheet
General
Full URL
https://imagetwist.com/css/bootstrap.min.css
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
194
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
574f31acce4d6383-FRA
bootstrap-theme.min.css
imagetwist.com/css/
23 KB
3 KB
Stylesheet
General
Full URL
https://imagetwist.com/css/bootstrap-theme.min.css
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
194
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
574f31acce4e6383-FRA
bootstrap.min.js
imagetwist.com/
36 KB
10 KB
Script
General
Full URL
https://imagetwist.com/bootstrap.min.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
109
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31acce556383-FRA
new_style.css
imagetwist.com/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://imagetwist.com/css/new_style.css
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
491669a43a0f9e654cb26c64da416af8c0f33b05e9019979d79a6113c9fbb68e

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 03 Jan 2020 10:51:04 GMT
server
cloudflare
age
139
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
574f31acce4f6383-FRA
imagetwist-icons.css
imagetwist.com/fonts/
2 KB
582 B
Stylesheet
General
Full URL
https://imagetwist.com/fonts/imagetwist-icons.css
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faac9f24a5e7720622e51368a8f3e5767bece0fc36ff4973a0fca22106e4cdac

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
198
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
574f31acce516383-FRA
css
fonts.googleapis.com/
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic&subset=latin,cyrillic-ext,cyrillic,latin-ext
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57b8336d132c933f414330faa45a394cb8ec064f7bae567fbe57bea1f70bc460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 14:34:16 GMT
server
ESF
date
Mon, 16 Mar 2020 14:34:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Mar 2020 14:34:16 GMT
jquery.easing.1.3.js
imagetwist.com/
8 KB
2 KB
Script
General
Full URL
https://imagetwist.com/jquery.easing.1.3.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
111
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31acce586383-FRA
jquery.cycle.all.min.js
imagetwist.com/
27 KB
7 KB
Script
General
Full URL
https://imagetwist.com/jquery.cycle.all.min.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41d5c68a3fef5650df1f67b98fa607dc6f67d80b69e476f71496d0631023254f

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
111
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31acce596383-FRA
actions.js
imagetwist.com/js/
1 KB
395 B
Script
General
Full URL
https://imagetwist.com/js/actions.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bedab8efb1f860d3e84387f08b2b17c25c8c92b8144315ec4f88ae2572e414

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Jan 2018 18:38:14 GMT
server
cloudflare
age
96
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31acce5a6383-FRA
cerrar.png
i.t.net.ar/images/
0
0

site_ads.js
imagetwist.com/
18 B
82 B
Script
General
Full URL
https://imagetwist.com/site_ads.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215c8da4a91ecf7d26b64fa4d67ff1e0c48c113f24d75b18d795cb8a22852aed

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
60
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
574f31acfe7d6383-FRA
content-length
18
b9ng.js
imagetwist.com/
19 KB
5 KB
Script
General
Full URL
https://imagetwist.com/b9ng.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3648d7314c1a12ecb373f9f81bc0d2db2ea6bb9667842494c23f456d0b3b85c1

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
7191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31ad2e986383-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 09 Mar 2020 09:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
621589
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Mar 2021 09:54:27 GMT
ads.js
ads.exosrv.com/
3 KB
1 KB
Script
General
Full URL
https://ads.exosrv.com/ads.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
234f42906768c402a9229459148fea2446ab214fe65e5ac75c8fbd11ac969325

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 11:58:06 GMT
server
ECS (fcn/40E2)
age
9370
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
content-length
1041
expires
Mon, 16 Mar 2020 17:34:16 GMT
jt5hwoae.3qt_s.jpg
img102.imagetwist.com/i/05294/2zoa47cyf07i.jpg/
929 KB
930 KB
Image
General
Full URL
https://img102.imagetwist.com/i/05294/2zoa47cyf07i.jpg/jt5hwoae.3qt_s.jpg
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.212.70 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
lighttpd/1.4.45 /
Resource Hash
665d74b042b26fb23777b9c1b68cf16fca3ae20563d7e498aa42fe54a6b1bce5

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 16 Mar 2020 14:34:16 GMT
Last-Modified
Mon, 10 Feb 2014 08:10:45 GMT
Server
lighttpd/1.4.45
ETag
"10734924"
Content-Type
image/jpeg
Content-Disposition
attachment
Accept-Ranges
bytes
Content-Length
951684
ZeroClipboard.js
imagetwist.com/
10 KB
3 KB
Script
General
Full URL
https://imagetwist.com/ZeroClipboard.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f151cda58761791970ab87132de5ce588a377fb8a4b21aa6d1f25ad04b42b257

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
161
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31ad2e9a6383-FRA
adblock_detector2.js
imagetwist.com/
1 KB
579 B
Script
General
Full URL
https://imagetwist.com/adblock_detector2.js?v=2
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31e73ab7bd68c40a2ca2bdf6336e01b6259bbf967601c76a674e98c636c2021

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
7191
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
574f31ad2e9b6383-FRA
grey_logo.svg
imagetwist.com/imgs/
14 KB
4 KB
Image
General
Full URL
https://imagetwist.com/imgs/grey_logo.svg
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c911772b5d8be4599432fe7efae92350e47a59931b98bfb48a7273835af50a5

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
168
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
574f31ad2e9c6383-FRA
0.gif
sstatic1.histats.com/
43 B
300 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?2329323&101
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 16 Mar 2020 14:34:16 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6941
date
Mon, 16 Mar 2020 12:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 16 Mar 2020 14:38:35 GMT
colored_logo.svg
imagetwist.com/imgs/
14 KB
4 KB
Image
General
Full URL
https://imagetwist.com/imgs/colored_logo.svg
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c59ccedfa6c1c06ea6c0958c3cf573249a1ef97570618ee531a8ef8baaaec82

Request headers

Referer
https://imagetwist.com/css/new_style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
168
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
574f31ad3ea76383-FRA
bulb_grey.svg
imagetwist.com/imgs/
1 KB
733 B
Image
General
Full URL
https://imagetwist.com/imgs/bulb_grey.svg
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d0e8f8d546da120784f8fa281b28b708db97c4ed67436d9c784c0aa2e8e2ef

Request headers

Referer
https://imagetwist.com/css/new_style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
171
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
574f31ad3eaa6383-FRA
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic&subset=latin,cyrillic-ext,cyrillic,latin-ext
Origin
https://imagetwist.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1792818
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Tue, 23 Feb 2021 20:33:58 GMT
imagetwist-icons.woff
imagetwist.com/fonts/fonts/
3 KB
3 KB
Font
General
Full URL
https://imagetwist.com/fonts/fonts/imagetwist-icons.woff
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2e18548c2e8322da0db2161a54b518082d17773b0f1a9c8622c912fc91f344

Request headers

Referer
https://imagetwist.com/fonts/imagetwist-icons.css
Origin
https://imagetwist.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
cf-cache-status
HIT
last-modified
Tue, 31 Jul 2018 14:15:28 GMT
server
cloudflare
age
6806
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
font/woff
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
574f31ad2ea16383-FRA
content-length
3476
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,700,700italic&subset=latin,cyrillic-ext,cyrillic,latin-ext
Origin
https://imagetwist.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
509608
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:48 GMT
infinity.js.aspx
cdn.impactslam.com/Scripts/
170 KB
60 KB
Script
General
Full URL
https://cdn.impactslam.com/Scripts/infinity.js.aspx?guid=fdeeabe0-54ec-4b88-bce7-011502c468cd
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9c5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
971c08ef566887c0783bd38918d12c6b431f3601bb2c51dcfbd532b79a3ddce3

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
HIT
content-type
application/x-javascript; charset=utf-8
server
cloudflare
age
185
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
status
200
cache-control
public, no-transform, max-age=900
access-control-allow-origin
*
cf-ray
574f31ad3c31975a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
/
chaturbate.com/embed/omagadomagad/ Frame E106
Redirect Chain
  • https://chaturbate.com/in/?track=topF&tour=6o0b&campaign=c3mKf&disable_sound=1&embed_video_only=0&target=_parent&mobileRedirect=never&
  • https://chaturbate.com/topembed/female/?join_overlay=1&target=_parent&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never
  • https://chaturbate.com/embed/omagadomagad/?join_overlay=1&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never&target=_parent
0
0
Document
General
Full URL
https://chaturbate.com/embed/omagadomagad/?join_overlay=1&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never&target=_parent
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:5a1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://bam.nr-data.net https://chaturbateapps.disqus.com https://*.disquscdn.com https://disqus.com https://certify-js.alexametrics.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://*.disquscdn.com ; img-src 'self' data: https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://bam.nr-data.net https://*.disquscdn.com https://links.services.disqus.com https://referrer.disqus.com https://certify.alexametrics.com ; font-src 'self' data: https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://bam.nr-data.net https://*.chaturbate.com https://chaturbate.com wss://recommend.chaturbate.com:8443 https://www.google-analytics.com https://links.services.disqus.com sentry.io https://cbvideoupload.s3-accelerate.amazonaws.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.highwebmedia.com https://download.macromedia.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://disqus.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.highwebmedia.com ; report-uri https://report-uri.highwebmedia.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

:method
GET
:authority
chaturbate.com
:scheme
https
:path
/embed/omagadomagad/?join_overlay=1&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never&target=_parent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://imagetwist.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
affkey="eJwdjFEKgCAQRK8S+x1pJgkeoJ9OYaIlIYouREV3j/Vv3sxjXsBygu4AU16g78B4T3jIkotzSFWmQowUS9sQc9WMhWh2h1eoONgUmXiSkcrenqtALpI7J74R2Nhe7BRXD98P0O0hiA=="; u_6o0b=1; mobile_redirect_source=affiliate; sbr="sec:sbr9a36d0ea-922b-44b8-9c54-c223673a3d35:1jDqoq:sHnJFXLUsg6GzgiTP0_ilYI8-u0"; fromaffiliate=1; mobile_redirect=never; noads=1; us_6o0b=1; __cf_bm=d22fd7aff67ffdf2816066add9e8a11312b84416-1584369256-1800-AatAB7noctzTmgbL/W4tWCe+tswQVNiRLm8R9IpFn1e5FGogQPiNVv+WP2+GrrpSECWbY1k8kaf4l4lqQ+M9Yac=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://imagetwist.com/

Response headers

status
200
date
Mon, 16 Mar 2020 14:34:17 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dc3107453c8954315c167228e414f2d4a1584369257; expires=Wed, 15-Apr-20 14:34:17 GMT; path=/; domain=.chaturbate.com; HttpOnly; SameSite=Lax csrftoken=JD0WG37qG3QIvkOe7B8HAeYcrMLLezp3AR0HTXi43Qi3RegE3CxLymopuoQIjWtE; expires=Mon, 15-Mar-2021 14:34:17 GMT; Max-Age=31449600; Path=/; secure tbu_omagadomagad=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
cf-ray
574f31b09bdbd715-FRA
cache-control
no-cache
content-language
en
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie, Accept-Language
cf-cache-status
DYNAMIC
cf-ctrl
Z
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://bam.nr-data.net https://chaturbateapps.disqus.com https://*.disquscdn.com https://disqus.com https://certify-js.alexametrics.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://*.disquscdn.com ; img-src 'self' data: https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://bam.nr-data.net https://*.disquscdn.com https://links.services.disqus.com https://referrer.disqus.com https://certify.alexametrics.com ; font-src 'self' data: https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://bam.nr-data.net https://*.chaturbate.com https://chaturbate.com wss://recommend.chaturbate.com:8443 https://www.google-analytics.com https://links.services.disqus.com sentry.io https://cbvideoupload.s3-accelerate.amazonaws.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.highwebmedia.com https://download.macromedia.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://disqus.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.highwebmedia.com ; report-uri https://report-uri.highwebmedia.com/r/t/csp/enforce;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.highwebmedia.com/a/t/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
server
cloudflare
content-encoding
br

Redirect headers

status
302
date
Mon, 16 Mar 2020 14:34:17 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=da12c8b709a8d40e0532eccd193580b181584369256; expires=Wed, 15-Apr-20 14:34:16 GMT; path=/; domain=.chaturbate.com; HttpOnly; SameSite=Lax
location
/embed/omagadomagad/?join_overlay=1&campaign=c3mKf&embed_video_only=0&disable_sound=1&tour=6o0b&mobileRedirect=never&target=_parent
cf-ray
574f31aeff42d715-FRA
cache-control
no-cache
content-language
en
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Language, Accept-Encoding
cf-cache-status
DYNAMIC
cf-ctrl
Z
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://bam.nr-data.net https://chaturbateapps.disqus.com https://*.disquscdn.com https://disqus.com https://certify-js.alexametrics.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://*.disquscdn.com ; img-src 'self' data: https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://bam.nr-data.net https://*.disquscdn.com https://links.services.disqus.com https://referrer.disqus.com https://certify.alexametrics.com ; font-src 'self' data: https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://bam.nr-data.net https://*.chaturbate.com https://chaturbate.com wss://recommend.chaturbate.com:8443 https://www.google-analytics.com https://links.services.disqus.com sentry.io https://cbvideoupload.s3-accelerate.amazonaws.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.highwebmedia.com https://download.macromedia.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://disqus.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.highwebmedia.com ; report-uri https://report-uri.highwebmedia.com/r/t/csp/enforce;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.highwebmedia.com/a/t/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
server
cloudflare
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=686780285&t=pageview&_s=1&dl=https%3A%2F%2Fimagetwist.com%2F2zoa47cyf07i&ul=en-us&de=UTF-8&dt=jt5hwoae.3qt_s.jpg%20-%20ImageTwist&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=980254633&gjid=1582082969&cid=1580682974.1584369257&tid=UA-5836056-9&_gid=1209713290.1584369257&_r=1&z=1425890276
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 16 Mar 2020 14:34:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 691F
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=1569166&type=728x90&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256587&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://imagetwist.com/2zoa47cyf07i
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://imagetwist.com/2zoa47cyf07i

Response headers

Server
nginx
Date
Mon, 16 Mar 2020 14:34:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225e6f8e689871e1.580948884020497258%22%3B%7D; expires=Wed, 16 Mar 2022 14:34:16 GMT; path=; domain=.exosrv.com;
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 95DE
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=1564148&type=300x250&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256588&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://imagetwist.com/2zoa47cyf07i
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://imagetwist.com/2zoa47cyf07i

Response headers

Server
nginx
Date
Mon, 16 Mar 2020 14:34:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225e6f8e6898ea61.094707102702975886%22%3B%7D; expires=Wed, 16 Mar 2022 14:34:16 GMT; path=; domain=.exosrv.com;
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 5F05
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=1872924&type=300x250&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256590&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://imagetwist.com/2zoa47cyf07i
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://imagetwist.com/2zoa47cyf07i

Response headers

Server
nginx
Date
Mon, 16 Mar 2020 14:34:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225e6f8e689926a6.64339824290101607%22%3B%7D; expires=Wed, 16 Mar 2022 14:34:16 GMT; path=; domain=.exosrv.com;
Content-Encoding
gzip
Cookie set ads-iframe-display.php
syndication.exosrv.com/ Frame 2300
0
0
Document
General
Full URL
https://syndication.exosrv.com/ads-iframe-display.php?idzone=1872924&type=300x250&p=https%3A//imagetwist.com/2zoa47cyf07i&dt=1584369256591&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exosrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://imagetwist.com/2zoa47cyf07i
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://imagetwist.com/2zoa47cyf07i

Response headers

Server
nginx
Date
Mon, 16 Mar 2020 14:34:16 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225e6f8e6898d035.41451332599875315%22%3B%7D; expires=Wed, 16 Mar 2022 14:34:16 GMT; path=; domain=.exosrv.com;
Content-Encoding
gzip
ads.js
ads.exoclick.com/
3 KB
1 KB
Script
General
Full URL
https://ads.exoclick.com/ads.js
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/b9ng.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:1f1f:1754:1fef:718:1223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
5757a0cb74885086431384d44cff5b736b132fa91050657a3a54215eeb26131e

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 11:58:06 GMT
server
ECS (fcn/40E2)
age
9370
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript;charset=UTF-8
status
200
cache-control
max-age=10800
content-length
1043
expires
Mon, 16 Mar 2020 17:34:16 GMT
textlink-ads.jpg
imagetwist.com/adimages/
849 B
849 B
Image
General
Full URL
https://imagetwist.com/adimages/textlink-ads.jpg
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a6043a28d47ab7adfdf145846e460dee00a3f34269b8d72c51589dc7b91267

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 02 Apr 2014 20:10:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
status
404
cf-ray
574f31adcf036383-FRA
Tag.engine
impactslam.com/
2 KB
3 KB
Script
General
Full URL
https://impactslam.com/Tag.engine?time=-60&id=fdeeabe0-54ec-4b88-bce7-011502c468cd&rand=67647&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=60&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fimagetwist.com%2F2zoa47cyf07i&kw=images%2Cphotos%2Cphoto%20hosting%2Cimage%20hosting%2Cimage%20upload%2Cphoto%20uploading%2Cphoto%20sharing%2Cfree%20image%20hosting%2Cphoto%20image%20hosting%20site%2Cfree%20photo%20gallery%2Cimage%20gallery
Requested by
Host: cdn.impactslam.com
URL: https://cdn.impactslam.com/Scripts/infinity.js.aspx?guid=fdeeabe0-54ec-4b88-bce7-011502c468cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9c5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c6e1317cd8bf8d71afb176eb0f287f5bf806a97f5bcf8ea5057b405a9a14acdc

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-origin
*
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR IND"
status
200
cache-control
private, no-transform
cf-ray
574f31adece0975a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
/
imagetwist.com/
19 B
72 B
Script
General
Full URL
https://imagetwist.com/?op=download1&id=2zoa47cyf07i&jsec=0622wwlv&referer=
Requested by
Host: imagetwist.com
URL: https://imagetwist.com/2zoa47cyf07i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:11::6817:814d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Referer
https://imagetwist.com/2zoa47cyf07i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 16 Mar 2020 14:34:16 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT from Backend
content-type
text/html ; charset=ISO-8859-1
status
200
cf-ray
574f31ae6f8b6383-FRA
expires
Sun, 15 Mar 2020 14:34:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.t.net.ar
URL
https://i.t.net.ar/images/cerrar.png

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| show_fname_chars string| upload_type undefined| form_action function| $$ function| openStatusWindow function| StartUpload function| checkExt function| fixLength function| MultiSelector function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| countDown function| changeUploadType function| jah function| submitCommentsForm function| scaleImg function| OpenWin function| $ function| jQuery object| jQuery1124033640805453924183 string| GoogleAnalyticsObject function| ga function| changestl boolean| __ads function| closeOverlay function| setCookie function| getCookie object| ExoDetector object| ExoLoader string| ad_idzone string| ad_width string| ad_height object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| exoParams string| exoDocumentProtocol object| ZeroClipboard function| init function| afterCopy function| checkForm number| adbok function| _status string| _abdStatusFnc object| g367CB268B1094004A3689751E7AC568F boolean| infinityInitialized function| infinityInit function| UAParser object| clip object| list string| clip_curr

16 Cookies

Domain/Path Name / Value
.exosrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225e6f8e6898ea61.094707102702975886%22%3B%7D
.chaturbate.com/ Name: __cf_bm
Value: d22fd7aff67ffdf2816066add9e8a11312b84416-1584369256-1800-AatAB7noctzTmgbL/W4tWCe+tswQVNiRLm8R9IpFn1e5FGogQPiNVv+WP2+GrrpSECWbY1k8kaf4l4lqQ+M9Yac=
chaturbate.com/ Name: csrftoken
Value: JD0WG37qG3QIvkOe7B8HAeYcrMLLezp3AR0HTXi43Qi3RegE3CxLymopuoQIjWtE
chaturbate.com/ Name: us_6o0b
Value: 1
chaturbate.com/ Name: noads
Value: 1
.chaturbate.com/ Name: mobile_redirect
Value: never
chaturbate.com/ Name: sbr
Value: "sec:sbr9a36d0ea-922b-44b8-9c54-c223673a3d35:1jDqoq:sHnJFXLUsg6GzgiTP0_ilYI8-u0"
imagetwist.com/ Name: g36FastPopSessionRequestNumber
Value: 1
chaturbate.com/ Name: u_6o0b
Value: 1
.chaturbate.com/ Name: mobile_redirect_source
Value: affiliate
chaturbate.com/ Name: fromaffiliate
Value: 1
.imagetwist.com/ Name: _gat
Value: 1
.imagetwist.com/ Name: _gid
Value: GA1.2.1209713290.1584369257
.imagetwist.com/ Name: _ga
Value: GA1.2.1580682974.1584369257
.chaturbate.com/ Name: affkey
Value: "eJwdjFEKgCAQRK8S+x1pJgkeoJ9OYaIlIYouREV3j/Vv3sxjXsBygu4AU16g78B4T3jIkotzSFWmQowUS9sQc9WMhWh2h1eoONgUmXiSkcrenqtALpI7J74R2Nhe7BRXD98P0O0hiA=="
.imagetwist.com/ Name: __cfduid
Value: dd99c38cca4ccf0dd542eed64ad8a75411584369256

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.exoclick.com
ads.exosrv.com
ajax.googleapis.com
cdn.impactslam.com
chaturbate.com
fonts.googleapis.com
fonts.gstatic.com
i.t.net.ar
imagetwist.com
img102.imagetwist.com
impactslam.com
sstatic1.histats.com
syndication.exosrv.com
www.google-analytics.com
i.t.net.ar
192.99.8.34
2606:2800:234:1f1f:1754:1fef:718:1223
2606:4700:11::6817:814d
2606:4700::6812:5a1f
2606:4700::6813:9c5c
2a00:1450:4001:808::200a
2a00:1450:4001:818::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
95.211.212.70
95.211.229.247
05d0e8f8d546da120784f8fa281b28b708db97c4ed67436d9c784c0aa2e8e2ef
215c8da4a91ecf7d26b64fa4d67ff1e0c48c113f24d75b18d795cb8a22852aed
234f42906768c402a9229459148fea2446ab214fe65e5ac75c8fbd11ac969325
27bedab8efb1f860d3e84387f08b2b17c25c8c92b8144315ec4f88ae2572e414
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2c59ccedfa6c1c06ea6c0958c3cf573249a1ef97570618ee531a8ef8baaaec82
3648d7314c1a12ecb373f9f81bc0d2db2ea6bb9667842494c23f456d0b3b85c1
39a6043a28d47ab7adfdf145846e460dee00a3f34269b8d72c51589dc7b91267
41d5c68a3fef5650df1f67b98fa607dc6f67d80b69e476f71496d0631023254f
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
491669a43a0f9e654cb26c64da416af8c0f33b05e9019979d79a6113c9fbb68e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5757a0cb74885086431384d44cff5b736b132fa91050657a3a54215eeb26131e
57b8336d132c933f414330faa45a394cb8ec064f7bae567fbe57bea1f70bc460
665d74b042b26fb23777b9c1b68cf16fca3ae20563d7e498aa42fe54a6b1bce5
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7b042366a78c5d83d3db1efd2f7d1a0cf15cb5e5af93888dc9acc6fd1dd16c1f
7c911772b5d8be4599432fe7efae92350e47a59931b98bfb48a7273835af50a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f2e18548c2e8322da0db2161a54b518082d17773b0f1a9c8622c912fc91f344
971c08ef566887c0783bd38918d12c6b431f3601bb2c51dcfbd532b79a3ddce3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3c6ccd19e5c16faefbef429d042458b82c80af040f450b1ee208dba88d5b0df
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b31e73ab7bd68c40a2ca2bdf6336e01b6259bbf967601c76a674e98c636c2021
c6e1317cd8bf8d71afb176eb0f287f5bf806a97f5bcf8ea5057b405a9a14acdc
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
ced035b8c3cfb767800248597bb704d31eb209f4ca1b88b0d636f4488a8bbde3
e4273399cc0bc22e58b35f9f79fdf2705a39ddf4ad918ce852f2624e271d8248
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee84ebba4b7a4db1cb3caedfe204d7751e78ac9721d3ccc1332775a3d8ecb727
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f151cda58761791970ab87132de5ce588a377fb8a4b21aa6d1f25ad04b42b257
faac9f24a5e7720622e51368a8f3e5767bece0fc36ff4973a0fca22106e4cdac