urlscan.io logo urlscan.io
SecurityTrails logo

bg.ecasus.org Open in urlscan Pro
104.21.80.86  Public Scan

Go To Rescan Add Verdict Report
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Submission Tags: falconsandbox
Submission: On September 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 10 countries across 50 domains to perform 328 HTTP transactions. The main IP is 104.21.80.86, located in and belongs to CLOUDFLARENET, US. The main domain is bg.ecasus.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 7th 2020. Valid for: a year.
This is the only time bg.ecasus.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 104.21.80.86 13335 (CLOUDFLAR...)
1 188.166.135.13 14061 (DIGITALOC...)
1 13.225.78.64 16509 (AMAZON-02)
2 13.225.78.57 16509 (AMAZON-02)
2 213.174.135.24 39572 (ADVANCEDH...)
19 142.250.184.194 15169 (GOOGLE)
2 142.250.185.202 15169 (GOOGLE)
3 151.101.129.229 54113 (FASTLY)
6 151.101.1.195 54113 (FASTLY)
60 104.19.132.78 13335 (CLOUDFLAR...)
10 104.75.88.126 16625 (AKAMAI-AS)
12 34 93.158.134.119 13238 (YANDEX)
12 142.250.185.99 15169 (GOOGLE)
3 213.174.135.25 39572 (ADVANCEDH...)
1 2.18.235.40 16625 (AKAMAI-AS)
2 6 142.250.185.130 15169 (GOOGLE)
18 142.250.181.226 15169 (GOOGLE)
2 151.101.64.84 54113 (FASTLY)
3 216.58.212.130 15169 (GOOGLE)
1 142.250.186.129 15169 (GOOGLE)
2 178.250.2.146 44788 (ASN-CRITE...)
2 104.18.15.161 13335 (CLOUDFLAR...)
2 37.157.4.41 198622 (ADFORM)
1 147.75.38.124 54825 (PACKET)
1 8 37.252.172.249 29990 (ASN-APPNEX)
2 3 185.184.8.65 204995 (RTB-HOUSE...)
9 142.250.185.129 15169 (GOOGLE)
2 142.250.186.164 15169 (GOOGLE)
32 104.19.135.78 13335 (CLOUDFLAR...)
11 92.223.124.254 199524 (GCORE)
2 2.18.232.78 16625 (AKAMAI-AS)
5 18.232.230.29 14618 (AMAZON-AES)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 185.239.172.66 55081 (24SHELLS)
2 2 35.212.212.222 15169 (GOOGLE)
5 12 172.217.23.98 15169 (GOOGLE)
7 7 3.123.161.47 16509 (AMAZON-02)
3 3 37.157.2.238 198622 (ADFORM)
1 104.16.221.74 13335 (CLOUDFLAR...)
1 104.19.216.61 13335 (CLOUDFLAR...)
1 18.184.122.71 16509 (AMAZON-02)
2 2 76.223.111.131 16509 (AMAZON-02)
2 5 13.225.78.28 16509 (AMAZON-02)
1 184.73.102.165 14618 (AMAZON-AES)
1 69.173.144.165 26667 (RUBICONPR...)
1 1 62.149.0.72 15497 (COLOCALL ...)
1 144.76.120.254 24940 (HETZNER-AS)
1 35.186.238.232 15169 (GOOGLE)
5 142.250.186.98 15169 (GOOGLE)
6 78.140.185.32 35415 (WEBZILLA)
3 5 2.18.234.21 16625 (AKAMAI-AS)
4 142.250.186.166 15169 (GOOGLE)
1 2 46.228.164.11 56396 (AMOBEE)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 99.80.151.46 16509 (AMAZON-02)
1 1 18.210.5.212 14618 (AMAZON-AES)
1 1 185.86.138.132 201081 (SMARTADSE...)
2 142.250.74.194 15169 (GOOGLE)
2 2.18.232.130 16625 (AKAMAI-AS)
328 51
35    104.21.80.86 (None, )

ASN13335 (CLOUDFLARENET, US)
bg.ecasus.org
ecasus.org
1    188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
go4s.biz
1    13.225.78.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-64.fra2.r.cloudfront.net
cmp.optad360.io
2    13.225.78.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-57.fra2.r.cloudfront.net
get.optad360.io
2    213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cst.cstwpush.com
na.nawpush.com
19    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
3    151.101.129.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
cdn.zx-adnet.com
60    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
10    104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
34    93.158.134.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
12    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
3    213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpadmngr.com
js.wpushsdk.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
18    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    151.101.64.84 (United States)

ASN54113 (FASTLY, US)
widgets.pinterest.com
3    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
adservice.google.com
1    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    104.18.15.161 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
9    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
2    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
32    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
11    92.223.124.254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
2    2.18.232.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-78.deploy.static.akamaitechnologies.com
player.aniview.com
5    18.232.230.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-230-29.compute-1.amazonaws.com
track1.aniview.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    185.239.172.66 (United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
12    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
7    3.123.161.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-161-47.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
1    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    18.184.122.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    13.225.78.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-28.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    184.73.102.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-102-165.compute-1.amazonaws.com
go1.aniview.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
1    144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap15.adplayer.pro
serving.viewtraff.com
1    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
5    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googletagservices.com
6    78.140.185.32 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro
serving.stat-rock.com
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
s0.2mdn.net
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    99.80.151.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-151-46.eu-west-1.compute.amazonaws.com
r.scoota.co
1    18.210.5.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-5-212.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    185.86.138.132 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
103 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
video-native.mgid.com
cm.mgid.com
953 KB
37 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
303 KB
35 ecasus.org
bg.ecasus.org
ecasus.org
1 MB
29 yandex.ru
mc.yandex.ru
72 KB
29 googlesyndication.com
pagead2.googlesyndication.com
717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com
tpc.googlesyndication.com
316 KB
12 gstatic.com
fonts.gstatic.com
250 KB
10 adnxs.com
ib.adnxs.com
acdn.adnxs.com
41 KB
9 addthis.com
s7.addthis.com
m.addthis.com
api-public.addthis.com
220 KB
8 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
112 KB
7 bidswitch.net
x.bidswitch.net
3 KB
6 stat-rock.com
serving.stat-rock.com
97 KB
6 zx-adnet.com
cdn.zx-adnet.com
43 KB
5 casalemedia.com
dsum-sec.casalemedia.com
4 KB
5 googletagservices.com
www.googletagservices.com
157 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 adform.net
adx.adform.net
c1.adform.net
2 KB
5 google.com
adservice.google.com
www.google.com
3 KB
5 yandex.com
mc.yandex.com
2 KB
4 2mdn.net
s0.2mdn.net
86 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
3 creativecdn.com
prebid-eu.creativecdn.com
creativecdn.com
862 B
3 jsdelivr.net
cdn.jsdelivr.net
10 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
227 KB
2 scoota.co
r.scoota.co
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 adsrvr.org
match.adsrvr.org
903 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
752 B
2 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
1 KB
2 4dex.io
script.4dex.io
22 KB
2 criteo.com
gum.criteo.com
621 B
2 pinterest.com
widgets.pinterest.com
509 B
2 wpadmngr.com
js.wpadmngr.com
25 KB
2 googleapis.com
fonts.googleapis.com
3 KB
1 smartadserver.com
ssbsync.smartadserver.com
457 B
1 stackadapt.com
sync.srv.stackadapt.com
725 B
1 travelaudience.com
ads.travelaudience.com
523 B
1 googleadservices.com
partner.googleadservices.com
441 B
1 viralize.tv
ads.viralize.tv
306 B
1 viewtraff.com
serving.viewtraff.com
415 B
1 sharethrough.com
match.sharethrough.com
262 B
1 lentainform.com
cm.lentainform.com
495 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 a-mo.net
prebid.a-mo.net
168 B
1 wpushsdk.com
js.wpushsdk.com
3 KB
1 addthisedge.com
v1.addthisedge.com
706 B
1 nawpush.com
na.nawpush.com
363 B
1 moatads.com
z.moatads.com
1 KB
1 cstwpush.com
cst.cstwpush.com
429 B
1 go4s.biz
go4s.biz
20 KB
0 e-volution.ai Failed
sync.e-volution.ai Failed
328 50
Domain Requested by
33 s-img.mgid.com jsc.mgid.com
32 ecasus.org bg.ecasus.org
ecasus.org
29 mc.yandex.ru 10 redirects bg.ecasus.org
27 c.mgid.com jsc.mgid.com
19 pagead2.googlesyndication.com bg.ecasus.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
17 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
cdn.zx-adnet.com
bg.ecasus.org
13 servicer.mgid.com jsc.mgid.com
cdn.mgid.com
video-native.mgid.com
12 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
bg.ecasus.org
12 fonts.gstatic.com fonts.googleapis.com
11 video-native.mgid.com cdn.mgid.com
video-native.mgid.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
8 cm.mgid.com jsc.mgid.com
s.adtelligent.com
8 ib.adnxs.com 1 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
7 x.bidswitch.net 7 redirects
7 cdn.mgid.com jsc.mgid.com
6 serving.stat-rock.com get.optad360.io
bg.ecasus.org
6 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
cdn.zx-adnet.com
googleads.g.doubleclick.net
6 cdn.zx-adnet.com bg.ecasus.org
cdn.zx-adnet.com
pagead2.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.googletagservices.com cdn.zx-adnet.com
securepubads.g.doubleclick.net
bg.ecasus.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 sb.scorecardresearch.com 2 redirects jsc.mgid.com
5 track1.aniview.com player.aniview.com
5 mc.yandex.com 2 redirects bg.ecasus.org
5 s7.addthis.com bg.ecasus.org
s7.addthis.com
4 s0.2mdn.net bg.ecasus.org
s0.2mdn.net
4 jsc.mgid.com bg.ecasus.org
jsc.mgid.com
3 c1.adform.net 3 redirects
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 api-public.addthis.com s7.addthis.com
3 cdn.jsdelivr.net bg.ecasus.org
get.optad360.io
3 bg.ecasus.org serving.stat-rock.com
2 acdn.adnxs.com get.optad360.io
2 googleads4.g.doubleclick.net bg.ecasus.org
2 r.scoota.co 2 redirects
2 match.adsrvr.org 2 redirects
2 creativecdn.com 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 player.aniview.com cdn.mgid.com
player.aniview.com
2 www.google.com tpc.googlesyndication.com
2 adx.adform.net get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 gum.criteo.com get.optad360.io
2 widgets.pinterest.com s7.addthis.com
2 js.wpadmngr.com cst.cstwpush.com
js.wpadmngr.com
2 fonts.googleapis.com bg.ecasus.org
securepubads.g.doubleclick.net
2 get.optad360.io bg.ecasus.org
get.optad360.io
1 ssbsync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 r.turn.com bg.ecasus.org
1 ad.turn.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ads.viralize.tv player.aniview.com
1 serving.viewtraff.com player.aniview.com
1 sync.adtelligent.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 go1.aniview.com player.aniview.com
1 match.sharethrough.com
1 cm.lentainform.com
1 cm.idealmedia.io
1 s.adtelligent.com cm.mgid.com
1 secure-assets.rubiconproject.com 1 redirects
1 prebid-eu.creativecdn.com get.optad360.io
1 prebid.a-mo.net get.optad360.io
1 717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js.wpushsdk.com js.wpadmngr.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 na.nawpush.com js.wpadmngr.com
1 z.moatads.com s7.addthis.com
1 cst.cstwpush.com bg.ecasus.org
1 cmp.optad360.io bg.ecasus.org
1 go4s.biz bg.ecasus.org
0 sync.e-volution.ai Failed
328 75

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-11-07 -
2021-11-06		 a year crt.sh
go1s.biz
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
cst.cstwpush.com
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
admin.musepresent.com
GTS CA 1D4		 2021-09-14 -
2021-12-13		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-27		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
js.wpadmngr.com
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
na.nawpush.com
R3		 2021-08-16 -
2021-11-14		 3 months crt.sh
js.wpushsdk.com
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.a-mo.net
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
serving.viewtraff.com
R3		 2021-09-05 -
2021-12-04		 3 months crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2019-10-21 -
2021-11-18		 2 years crt.sh
serving.stat-rock.com
R3		 2021-08-22 -
2021-11-20		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh

This page contains 23 frames:

Primary Page: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Frame ID: 9307CE021CF52FDCDBEBCC1F1AC15BA6
Requests: 259 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: A430F7A032978178223BC6EBD756751D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F2932278936FCBAACBB52D6460409757
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 4A7160F6E3231F4F99E96877CFDE3C2C
Requests: 1 HTTP requests in this frame

Frame: https://717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 35B9012F2E178F1072911E40C9F35773
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 290CC52BFE8B0B038730F52C9A233D05
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA3FF7CF3624597E33573AF23DB2EF05
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1632741601075674303809
Frame ID: 8D283D061DB0570091A51BFC498EC80C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: CF0407E2AAE9BA0AA399F52F719734FD
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: D3405C857BCBED4ACB0D9B533131E3E5
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Frame ID: 95E527B4F494262BF986317585B05DEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 43EED32AC364298B32EF8D8D2B54909F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Frame ID: AEA6A3CC0FE6BA9355DFEECFCB4054CE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Frame ID: 9AF088F6F53C94F2DDF3953C2D664A2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Frame ID: ED9D7B90EFD1E99D0E0B4D1246075259
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
Frame ID: 728A8E204C409C315520765ABF5ADCF1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51784DD9C29211F7945BAB98C386ECA9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F33907A0BFD1C3886511D669BCCD3A87
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10311819/1624627736941/index.html
Frame ID: 84ECC4DE48954F6E1F50C70CED464BCD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1431FF2ECEDA7E4DBF3058DC4C7D268D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16EBED898EC10AD374F658097ABD7901
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1BB680DE27CC3B7183DAF7FE319A164B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CFCD629DCFEA335D4EAADAA9CD3F58DA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • wp-embed\.min\.js\?ver=([\d.]+)
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

328
Requests

99 %
HTTPS

0 %
IPv6

50
Domains

75
Subdomains

51
IPs

10
Countries

4015 kB
Transfer

9802 kB
Size

66
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9409.8Z-ONWF1oY2SIWAkaTUUfqKaRj5zOxDYx2X5D5wLrpgpZAqldRhMRV2XjsOuE_CR._C0uaAdTZbMqZHUABhngY9-ZT3c%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9409.aozvClb0Sxk7NlPhB7bUQ9S5RpnQmAonWKYVzXk-sabPB_KZb_SlOp93AqOp3quSeRstYd5UMqiFvtx-TmBFpw%2C%2C.9lDWOChPrFg1oEUec6kfBRKLWJE%2C
Request Chain 80
  • https://mc.yandex.com/watch/69123001?wmode=7&page-url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A345%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A699533049636%3Ahid%3A284895772%3Az%3A0%3Ai%3A20210927111959%3Aet%3A1632741600%3Ac%3A1%3Arn%3A383999035%3Arqn%3A1%3Au%3A1632741600358184743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632741599168%3Ads%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632741600%3At%3A%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021 HTTP 302
  • https://mc.yandex.com/watch/69123001/1?wmode=7&page-url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A345%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A699533049636%3Ahid%3A284895772%3Az%3A0%3Ai%3A20210927111959%3Aet%3A1632741600%3Ac%3A1%3Arn%3A383999035%3Arqn%3A1%3Au%3A1632741600358184743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632741599168%3Ads%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632741600%3At%3A%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021
Request Chain 145
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 147
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=d9052254-f8cf-4d12-b401-11522a503e0c
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhyMG1hT2tSVGs0&muidn=l8r0maOkRTk4 HTTP 302
  • https://cm.mgid.com/google?muidn=l8r0maOkRTk4&google_ula={guid},5&google_gid=CAESEFTm8aDR0qnMK1g3T-4LzoI&google_cver=1
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1051256417513033098&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&gdpr=&gdpr_consent=&us_privacy=
Request Chain 152
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=lwZzteMtrShvqYxeePdf&pi=mgid&tc=1
Request Chain 154
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l8r0maOkRTk4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8r0maOkRTk4 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 155
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=7b5503ae-865d-441a-881b-de593a2baa3e&ttl=1635333601
Request Chain 214
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1632741601415&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601415&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9=
Request Chain 215
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1632741601416&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601416&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9=
Request Chain 217
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=3c934d8d8fda6a18
Request Chain 229
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.619611406498128 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.619611406498128
Request Chain 231
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.26482130812999505 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.26482130812999505
Request Chain 233
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.49367357150468205 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.49367357150468205
Request Chain 235
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.9922272024434944 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.9922272024434944
Request Chain 237
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.03661470499952624 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.03661470499952624
Request Chain 239
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.17887558357957767 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.17887558357957767
Request Chain 241
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.8629936066831336 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.8629936066831336
Request Chain 243
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.6245821720156401 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.6245821720156401
Request Chain 245
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.8175244617880357 HTTP 302
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.8175244617880357
Request Chain 270
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM%2Fzxm_smrcp&adk=2654965827&adf=816031637&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&fwrn=3&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632741602347&bpp=10&bdt=110&idt=89&shv=r20210922&mjsv=m202109220101&ptt=5&saldr=sa&cookie=ID%3D23e85613db3e46ac%3AT%3D1632741600%3AS%3DALNI_MYZcVp8W1dvVjNFu1-x4wjmBUMdrQ&correlator=6621360745534&frm=23&ife=4&pv=2&ga_vid=1685208917.1632741602&ga_sid=1632741602&ga_hid=1821478169&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=650&ady=491&biw=1600&bih=1200&isw=300&ish=250&ifk=3261926933&scr_x=0&scr_y=0&eid=44750344%2C44747621%2C182982000%2C182982200%2C21066431%2C31062853%2C31062919&oid=2&pvsid=3414835529483069&pem=11&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.hfihb1a79mx6&fsb=1&dtd=103 HTTP 302
  • https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Request Chain 272
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fforexox.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XAYXOTANo3e48OEAPTkf1uH0rqSmuY5rxkweJ_Mm_Jub9bGuIjPT0BgB-hLYN6nJUb3wCZ_2Of6KI4ODSPx9Jao0OsxhVuRnQ&dt=1570522235018&bpp=34&bdt=67&fdt=96&idt=96&shv=r20191003&cbv=r20190131&saldr=sa&correlator=1371334532534&frm=23&ife=1&pv=1&ga_vid=1422227996.1570522235&ga_sid=1570522235&ga_hid=1566189119&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=13&ady=55&biw=494&bih=670&isw=469&ish=534&ifk=1932075945&scr_x=0&scr_y=0&eid=368226300%2C368226305%2C368226310&oid=3&pvsid=4411048384339216&pem=579&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C469%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-5-19&ifi=1&uci=1.97it4yxn8qow&fsb=1&p=https%3A%2F%2Fforexox.com%2F&dtd=121&0.7829151158580214 HTTP 302
  • https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&C=1
Request Chain 292
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVGo44H3nm.CPk5c9fuCKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&google_hm=2
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGYpkAYLGR4_rdVQvcMoNAI&google_cver=1
Request Chain 294
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMzc1MTI1NzQ3OTI3MTI1Ng%3D%3D
Request Chain 302
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOgAV6fMEk7VzhCGD9-W8a8&google_cver=1&google_push=AYg5qPIrD5ybgpSsH0b3Rh-IPXgsuDtXrtA7jLQzKHi_eYwhxUXzpJaEKEtvcADAmAk68WUtgMaX1VKmTn3Q2yNb5ao5k_bCcOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAyNDI5NzM2NjU3NzIxMDQ0NA== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOgAV6fMEk7VzhCGD9-W8a8&google_cver=1
Request Chain 303
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDt7q3yzdiHmOiSyARHQXhg&google_cver=1&google_push=AYg5qPJgCzhLP6RBw77EJ3aYnDK03IWk00r9Ln2CySlmE4sKSw04CT8PwzF5M1xWlo17q68_ALhR7gkWaWUgIaGU86Akz5EuPOF4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LL_uWf73RwKPdmQE-zm_6Q2&google_push=AYg5qPJgCzhLP6RBw77EJ3aYnDK03IWk00r9Ln2CySlmE4sKSw04CT8PwzF5M1xWlo17q68_ALhR7gkWaWUgIaGU86Akz5EuPOF4
Request Chain 304
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJrp81VTkOHGyCU4mbWiJa0&google_cver=1&google_push=AYg5qPIMm5AG26_LFpc7w9aK1yuDTmbSmXbPGtdNHVbchX1DgHGO4WAEw_yTmmOD84SGpRIeNjZXmBs8nG03un2D1dbAtKC3ot0Q HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ae7951f7-b430-4a0e-9346-ebccd3fa0845&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIMm5AG26_LFpc7w9aK1yuDTmbSmXbPGtdNHVbchX1DgHGO4WAEw_yTmmOD84SGpRIeNjZXmBs8nG03un2D1dbAtKC3ot0Q&google_hm=G7O1-BZATpWDLw4PWzspEw==
Request Chain 305
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMFlnJRpx1FFWKssycln_EI&google_cver=1&google_push=AYg5qPJr-z4m6blKye4_Ro8buxTVm0XJGYxKlh0LmF0qntttE5GM0cs_yuvnpi0gv0lvuS8mMpwoo1cUYSQrmtYv-ZCV5oAQkW-O HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MTI1NjQxNzUxMzAzMzA5OA&google_push=AYg5qPJr-z4m6blKye4_Ro8buxTVm0XJGYxKlh0LmF0qntttE5GM0cs_yuvnpi0gv0lvuS8mMpwoo1cUYSQrmtYv-ZCV5oAQkW-O
Request Chain 306
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEP8tHCHPCpfOt97Izv_MjQA&google_cver=1&google_push=AYg5qPKCtZTFfXcvCCQxVQpzqTpddhBuhc5pFvaFQ6W1RXEJJf--bndxtbJmbyyGYiRtnUzJdhoAJzsLOoS-kZ1h5BKRNEp4dd2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FemVCiPnRRlJWVTqOsBUqdiDckI&google_push=AYg5qPKCtZTFfXcvCCQxVQpzqTpddhBuhc5pFvaFQ6W1RXEJJf--bndxtbJmbyyGYiRtnUzJdhoAJzsLOoS-kZ1h5BKRNEp4dd2Q
Request Chain 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ
Request Chain 308
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGXE_OBvsmId2LloOc_IpvA&google_cver=1&google_push=AYg5qPIs5RVxO_JqIXS6Jc4Clm-qKctht98MiJ2GlP-UQDvJrg5iiV5MGwZC5j_2TCAsXgIAYbKRlQLl4CiOCBhjHNcTsWH880Rc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIs5RVxO_JqIXS6Jc4Clm-qKctht98MiJ2GlP-UQDvJrg5iiV5MGwZC5j_2TCAsXgIAYbKRlQLl4CiOCBhjHNcTsWH880Rc&google_hm=ODE5OTE5NDA2MjY3MDQzMjM0OQ%3D%3D

328 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request female-masturbation-17-facts-about-the-naughty-secret-1771
bg.ecasus.org/ 		79 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f62e44e6c931b7db3695b45c082c0f934cfadc39f43fe0ee8306fe27d9eb150
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bg.ecasus.org
:scheme
https
:path
/female-masturbation-17-facts-about-the-naughty-secret-1771
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
max-age=86400
expires
Tue, 28 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
access-control-allow-origin
*
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJHwxVgT20AYbmMK2cntDX%2BapAJjsc1FavRQkget6s1Z72vrXF7kSFtJu8Cto7gZ7IC%2BEjV5ZaZZesg0eMHQgPm9ATe1RkZ5OP4tgaAz2gA%2FWWBT%2BvddVb1TKtpEc619"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
695457136db0f9d6-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
go4s.biz/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go4s.biz/?te=gi4wgnzwmy5ha3ddf4ztqmbr
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
cae8542db075fb3b27ea542cb3e1b8b5628314e74b23c5d3c3cf6e6f453032b0
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 27 Sep 2021 11:19:59 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
701e95e6-7737-482a-9dc2-06280155425a.min.js
cmp.optad360.io/items/ 		497 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/701e95e6-7737-482a-9dc2-06280155425a.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 03:38:39 GMT
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
35637
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
497
x-amz-cf-id
fCEkcLCNvCN_PxvmvCA-ff2_GqCBm84BMwDzDlwLUcYScXwSjoS2yw==
plugin.min.js
get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/ 		288 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ad367910f045ef2ee71cf0b636a7283370c81abf0bdf0d4913d1d514ed41d8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:14:23 GMT
content-encoding
gzip
last-modified
Fri, 24 Sep 2021 17:26:16 GMT
server
AmazonS3
age
337
etag
W/"e2cb4e531002a1fc00336081c48599bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xWfh6V83AouUjki9Mok6d5tBp4jxr6fWYPp2UAzOWZkkuMZBkgxsQg==
adManager.js
cst.cstwpush.com/static/ 		217 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cst.cstwpush.com/static/adManager.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 08:45:08 GMT
server
nginx/1.18.0
etag
W/"61308f14-d9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 27 Sep 2021 12:19:59 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
fa3347e4170323e894c13c9b3f3aa8b23d4c4d59477296a05d62a826c5306f3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
14668228164748662171
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 11:19:59 GMT
style.css
ecasus.org/template/classic-blog/css/ 		109 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/css/style.css
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
379a70e8585366281696a53d0d2650ea529eb22946bd929b595db45d1b58d9c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1b410-5c26ee1291c27-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Un7H3oBGgXfl20%2F064qBfl3cztQh2m7yelv8Ml5LWfO7ygBV7u%2BlOiM6%2FysmEGXZ%2BID18ElgLWGh8yW%2FdxjVL8hbfi8Niq8PI5Fo8cYYKaOSm2EfSHmS065sL5YP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e20f9d6-PRG
expires
Sat, 09 Oct 2021 11:32:41 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
9696f42a45b17b372aadd26e007fbbe9c1740292781ff30213876b78a26ceb6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 11:19:59 GMT
server
ESF
date
Mon, 27 Sep 2021 11:19:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 11:19:59 GMT
td_legacy_main.css
ecasus.org/template/classic-blog/css/ 		285 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/css/td_legacy_main.css
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f68a4bc802b8c4a54806703e454489979bb6b543c97bdd82dd4921a9fbb5fd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
172038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"47400-5c26ee12a4505-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeTjcy4lMwQ2eWYHXVFArzXF7jl%2FAubUNWPx1A1%2Bmwp9MC53kU86LJXySWy6dZyfWNqsrNfGE%2FOu%2BM1fwkEzpqxdYssmB6vS8HZ7lPWwVJagi1TRExlCYBtqEgQy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e22f9d6-PRG
expires
Sat, 09 Oct 2021 11:32:41 GMT
td_standard_pack_main.css
ecasus.org/template/classic-blog/css/ 		494 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/css/td_standard_pack_main.css
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb8e4cf3a207c549950c5d8d2899b23f291245ed836391866d6e40838b45851d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7b614-5c26ee12b9cc3-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igq%2FuQ0Gj1t1zkc7jBRX4wVdopDLjCI4O7CQiPSMCLx1TP8xYh1QKXiht5V4HcsFeuHz6DaHIaYoHqfpgBPE0n%2BsjTrJRN8mgg7eFIinMzPhxofop6SV00j6%2FA1U"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e21f9d6-PRG
expires
Thu, 30 Sep 2021 09:10:08 GMT
demo_style.css
ecasus.org/template/classic-blog/css/ 		41 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/css/demo_style.css
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5239a9bff8ddc0e588af27ffa74890237741b97f808b5a983cfc69ca19d3249c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
660013
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a346-5c26ee1154627-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txnXbmzJdqVEtqcb%2BKMdNYYUhe1f7W3RoOM31PQJWRf3ycF9iwQ4y1CGG6GctuOis2Qqtm0kPsthVrBGO0wBt5meaCz4f4wlOFb6fLdZEn%2FUYgV7MUDprFhHcVS1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e24f9d6-PRG
expires
Sun, 03 Oct 2021 19:59:46 GMT
tdb_less_front.css
ecasus.org/template/classic-blog/css/ 		80 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/css/tdb_less_front.css
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39a60a6bc028590db1ec256ab65215a935c7ba79ac714aba34113a31e1e06ad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
938047
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"14157-5c26ee12785e9-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3G7wQOT36HwFG%2BywSmDdzGtJvMNKlxHqrZGmTVIpSk47W9gozlGBe2hzNcNkUDNxp1PDMu9B%2FIrunqOYQxMGrp78HxUjmKdKnc3DhIjn0jaG5GL7RQrhux9jtDW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e23f9d6-PRG
expires
Thu, 30 Sep 2021 14:45:52 GMT
jquery.js
ecasus.org/template/classic-blog/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/jquery.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1103118
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"17b98-5c26ee169707e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3en9Mk0tcFuWjnO6%2Bf7TW%2BRmM0Z%2FjwUxFHMhXY2%2BieBh9oIdIoryYjRt0hE6pSkjioEsdD6YNswL1r0So15DPf6SEsbCFsFXeJULZ6FrQrwBIrwTh%2Bbgc8ehEQ6F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e25f9d6-PRG
expires
Tue, 28 Sep 2021 16:54:41 GMT
jquery-migrate.min.js
ecasus.org/template/classic-blog/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/jquery-migrate.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1182909
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2748-5c26ee1673e02-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBbiVbNI4W0Z5%2F3U3CCPW8ApTsnaVAWsc8dtPFXAqghnXLdNJdGiuRD5h2mTYCa5WveHxI9RL556mrcWGitwmWahq2vEcowPFNQkiS97odisA8g6tYWe35BfkBNe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
695457141e26f9d6-PRG
expires
Mon, 27 Sep 2021 18:44:50 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28368
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
1299
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by
cache-fra19171-FRA, cache-hhn4025-HHN
x-jsd-version-type
version
date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
smrcp_19121001.js
cdn.zx-adnet.com/adx/ 		144 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Mon, 13 Sep 2021 06:21:51 GMT
x-timer
S1632741599.482582,VS0,VE2
etag
"5b3dfee603f4fa43f768bcdb3f5f4a2cdce1c019b73ecbe79f7cb0d0ca77d787-br"
x-served-by
cache-fra19144-FRA
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Mon, 27 Sep 2021 11:19:59 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19503
x-cache-hits
1
female-masturbation-17-facts-about-the-naughty-secret.webp
ecasus.org/img/dating/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/female-masturbation-17-facts-about-the-naughty-secret.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8361f4ecccad66f1efd5070c00a599ceadad45ed0c0b0d666991390a514cb7f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29612
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:34:09 GMT
server
cloudflare
etag
"73ac-5c26e57391d55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMEjURvb9A1Bi87rRz3pOL%2FCw6oeOBTKyPYFgVqBlAq5fwrTbLmtAJ1Pa8tdw03uVfxpfCpbfRkYX3uzdCBOMc85hiEziS2xHoShp5pl6wG365wK3O5w4oi7XmKi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a956f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
warbletoncouncil.org.1102315.js
jsc.mgid.com/w/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9211eb23d9445c99e9aa0b10dbf1574394cd32eb3d15ea3438affe02776682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
age
6910
last-modified
Thu, 16 Sep 2021 11:15:20 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
N5H6QGD4TY22V1N1
x-amz-id-2
pWgm7vgOG4nkfilXd3HV6Zh3rqwTzHEYs/0ZmxS6clvYmSYUb3aXgzG+KOckiC61nf/GcZjrlMQ=
cf-bgj
minify
server
cloudflare
etag
W/"1ade4d38538dd9561a6039c7e603f05b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
69545714dc064e68-FRA
expires
Mon, 27 Sep 2021 14:19:59 GMT
warbletoncouncil.org.1101801.js
jsc.mgid.com/w/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8fc9a46666858fef80891b943c4ce7c4286d358fa97f0325fdce1d40fe4b8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
age
17
last-modified
Thu, 16 Sep 2021 11:10:08 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
2QRCANKJX8PTK5JB
x-amz-id-2
WalbtVF4Gfl+7M51M5JQLK2Jvkl6v94OCfveuESeW1bCcbLNFq4UjsqF4xRakh1vbNF4HBuxxo4=
cf-bgj
minify
server
cloudflare
etag
W/"0f5968d7268dcdde43f904f8776d4aba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
69545714dc094e68-FRA
expires
Mon, 27 Sep 2021 14:19:59 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 27 Sep 2021 11:19:59 GMT
x-host
s7.addthis.com
content-length
116325
top-10-worst-mistakes-couples-make-in-a-relationship.webp
ecasus.org/img/dating/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/top-10-worst-mistakes-couples-make-in-a-relationship.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
083007b3ce2a39567dfa256c6bad0918723b5036d01dc3942936a8d88d26cba3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28056
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:36:08 GMT
server
cloudflare
etag
"6d98-5c26e5e5dddb9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RLstrfaeQ7Ci0lqRC4F9ry%2FGSdZ6GCo8D29XkzXdsWnreLxcdq%2B8i8bq%2B41fJt%2B9SMPmCOoL9VbM%2BMQ6UWonaYwZZDmD3pKJfswzFhqCLwGBFDm6KmqijMaxCup"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a958f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
6-reasons-love-crumbles-at-3-years-and-ways-to-fix-it.webp
ecasus.org/img/dating/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/6-reasons-love-crumbles-at-3-years-and-ways-to-fix-it.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e773370c6c96981ac5eb8f0088c94271b6a07e4589040c0062c5a9f44cb76d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51048
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:33:35 GMT
server
cloudflare
etag
"c768-5c26e55336d54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScB3lmm3rOKM89MgxMOWfxcBlbzdNO%2FipKHdweJFmB%2BuQpZjnYLjB4M9e2iDwdh1pLY2SkdLuNx4%2Br4bOEAY%2BTAo47P0fXKwwqLuwEdEbJEC5zFGfSEtnjQjG0l4"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a959f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
a-letter-to-the-man-who-wasnt-ready-for-my-love.webp
ecasus.org/img/love/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/love/a-letter-to-the-man-who-wasnt-ready-for-my-love.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
744a60d2c0eacc6341e092aef2810127db48a13d969109df4fcec39f1162a2c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15008
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:49:54 GMT
server
cloudflare
etag
"3aa0-5c26e8f99ecd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6%2FteP5nf6McQUwsxltShIfewZhznWBWZDxis1Oh%2FYXvTYsM19FPxbuaDqDtkoFYM6Rplwjv9H5gQ4NPiRWbR4Z2%2BVZfUu6qaUjP67rsTkd8f3jU9aM%2BteDzEObV"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a95af9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
something-is-off-in-your-relationship-how-to-read-the-right-signs.webp
ecasus.org/img/dating/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/something-is-off-in-your-relationship-how-to-read-the-right-signs.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af468e8cd644877f48ad260e1711a3103629fc5a0f9527d9a8524ef88a27fc90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40950
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:35:53 GMT
server
cloudflare
etag
"9ff6-5c26e5d6f77f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOzi9h5MT7uKvJ97E95ONn3rmDrmns4hoosJqHKIyrZlaijeCtHbpkth3fu%2BqelLZmFG4bPf%2BovP0OV5snR6YVhw2mfhrwJLA%2B4SZWzHK7MupGbf50Hp9jK3lF0H"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a95bf9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
freaky-porn-the-top-porn-searches-and-the-crazy-things-we-watch.webp
ecasus.org/img/dating/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/freaky-porn-the-top-porn-searches-and-the-crazy-things-we-watch.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d8e0da70a7a3c000ce3662c0c33129cd7f2db1f332189472755bf83039d068e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27490
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:34:11 GMT
server
cloudflare
etag
"6b62-5c26e57573445"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqZ8XIOLdEgFhwzgdO1AImgd2tQ9VUxLw%2BPynWgcCalH05RSDGQ4hlYpg1ZgKSyyWfksTljaLjq7Kt9IsCRedyn3RQhPP0SVFZOliStR7mil2yg8zaAXqHnEayVu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a95cf9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
10-signs-you-have-a-love-addiction-and-arent-actually-in-love.webp
ecasus.org/img/dating/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/10-signs-you-have-a-love-addiction-and-arent-actually-in-love.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e9b7cebe096da278aff227bd4290a919259d59024e4b3fec8965cad694b196
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36294
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:32:46 GMT
server
cloudflare
etag
"8dc6-5c26e5249d700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TP%2BqKEazzgj2RUSDuSbOJLxYpv0c2yaWVgJOKqEza%2FVQHWIsn5tBEENlR46V5xFwXeEgO1yhAJE7mxx1TcHqmb4A3Wu%2BE6cBF3Yx7tPtrKWqvXlR8Pa64KEiTSin"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a95ef9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
12-foolproof-ways-to-stop-thinking-of-your-ex.webp
ecasus.org/img/dating/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/12-foolproof-ways-to-stop-thinking-of-your-ex.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
044b59dc39b3365bb7d051708f1773e7db552e52e2ef2fc7ef38d038f9de52b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29108
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:32:54 GMT
server
cloudflare
etag
"71b4-5c26e52bf3524"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rjIICTzY34Laph%2Bb%2FwObOz1yKSqgEZ7vgkyL%2FUshddIfFuo3yc01YYGgLky79WOQKjLmAqV%2FSZnvUiUzvM%2FPxQjUXSptE6Wtt%2FkFJLUjg4ttRfe%2BHRkXCjGI%2BcS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a95ff9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
how-to-recognize-the-signs-your-ex-is-pretending-to-be-over-you.webp
ecasus.org/img/dating/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/how-to-recognize-the-signs-your-ex-is-pretending-to-be-over-you.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d4f84548e74b1ea84c0e518befe96efa13cc5fabda1f13a408360479e85ca0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31916
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:35:03 GMT
server
cloudflare
etag
"7cac-5c26e5a7e2154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5onRUUJTIRxnkr3u46M%2BQin8y%2FKGqgVSUGwj0XNe2Ln8JQ9UN4IQmWY6WcgSAM4L5VkGVa9Sdak4ZFtAkUq4N4Hgrt0RYCpQBfyby27z1bI7iEvkI71ppruFYvy7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a960f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
what-does-a-third-date-mean-for-guys-a-guide-to-read-his-mind.webp
ecasus.org/img/dating/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/what-does-a-third-date-mean-for-guys-a-guide-to-read-his-mind.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f247b465fa59a0897b4a14a79df64e7d6994fb9c40a27e17a9f6ca673e4cb961
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
61690
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:36:14 GMT
server
cloudflare
etag
"f0fa-5c26e5eadd1f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LykRt95beStts53r%2FsIjP4L54Unq4FTYHPloqF9szJYiGOBXiSFYYb1PeMpm3MQoHCZefPCjgis9O2FykLGshr09H8tDD9H38RAmrHanGDlMZVBuwBcfxtpUKq7Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a961f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
wooing-the-girl-of-your-dreams.webp
ecasus.org/img/dating/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/wooing-the-girl-of-your-dreams.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc84249222109c97552fb70837366a2425141a92626b2eaabae43a49a22ac44
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
65216
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:36:32 GMT
server
cloudflare
etag
"fec0-5c26e5fc20efb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWloNNOHBgXHLN3pPh2jKnlJvtwXSm4qXp1tgsx%2F%2F%2FH01ucsTGcnECnnVc4SKJrdQlLRXcHE%2FvfIjohwxfSBhNC%2Bq3eV%2FoiDOlu7Jgmcs%2BqYCtcAb4r99tshVph7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a962f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
romantic-sex-15-ways-to-go-from-ordinary-sex-to-romantic-fantasy.webp
ecasus.org/img/dating/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/romantic-sex-15-ways-to-go-from-ordinary-sex-to-romantic-fantasy.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
139acda9e3a57f34716543ceb657485a6e1aa5070db8de9193857fd294d9f4cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39810
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:35:43 GMT
server
cloudflare
etag
"9b82-5c26e5cdf3f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhy7In5q6F%2BZD89sEaqkj8oPtlpDtEheK473GEZhuhVGnjo0H9%2BS4xqhK2SAUim2lmlbpQvx3fBgqmDvLwauPiuwC9aNPNI1LFcL83u0B1PnehVjdL1H6hfnd2Nl"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a963f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
8-long-distance-relationship-problems-and-how-to-make-it-work.webp
ecasus.org/img/relationship/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/relationship/8-long-distance-relationship-problems-and-how-to-make-it-work.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1753b9f4dc54ff33299cb92f28b5437c8c39d6998b53615d6ae0ac59aba3e60c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16868
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:02:30 GMT
server
cloudflare
etag
"41e4-5c26ebca447d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhnNJ5ah9inPct%2FxBIHHAYQ2c%2BmtqzZ1d%2BPYZBAWwLCzj8TCE4kQXR9YGazxo%2FXfdqM3obq2RUuQlQfAuH6DqweYukcrEuTItat5j8Jt4KAXF7b1FKO91Cpmj7uC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
69545714a964f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Mon, 27 Sep 2021 12:19:59 GMT
underscore.min.js
ecasus.org/template/classic-blog/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/underscore.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
665240
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"401a-5c26ee1705613-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RInNQW1pZy7amukaq0alraowp9Gqf8kZZhB3mwdnmLyHLAGuITxkfhvVJ9Scgoy1vv1lLJxEM5g%2FGXV5xWHCGvQQFZfpv14b0%2BZfJ0aSB1YXEAoNVztDHp0UOD4d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69545714a94df9de-PRG
expires
Sun, 03 Oct 2021 18:32:39 GMT
js_posts_autoload.min.js
ecasus.org/template/classic-blog/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/js_posts_autoload.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b03341a2867bf1ebb28ffa17c2495bab11d119c0b0ed36884cfe620b217cb6f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1101923
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"13c2-5c26ee16d48d8-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E7wGjt48Dw3jOjWok28xUg%2Bmtn48oEyxo53cvjy58IpbXcud3sNciKA0Ml8I%2FpDTDGj4f1kqgMOj4bnc9e7FT3cYwLfyIqIokrr0sTziwNTSUHjqW46NRqtsUcA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69545714a950f9de-PRG
expires
Tue, 28 Sep 2021 17:14:36 GMT
tagdiv_theme.min.js
ecasus.org/template/classic-blog/js/ 		224 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/tagdiv_theme.min.js?ver=10_d2
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af5c891e746f5ccc60c2aad543eef0fd5e0f7404da5714eaffc0d81c172c3ef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
938044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"37e34-5c26ee172b76f-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw8K7KfcoO%2F%2FT10uf7VQTOljxpX%2FZ2fkvVQjnHtZYFEdoA%2Bjj6ILnMWMdtWACPl2aN3HTn62whyxH1c8pdYvlQ%2BrPCQ52dTKwPbyYhDJEJq%2FCMsOo%2BWC%2Fh3R4pid"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69545714a952f9de-PRG
expires
Thu, 30 Sep 2021 14:45:54 GMT
js_files_for_front.min.js
ecasus.org/template/classic-blog/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/js_files_for_front.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fd359287a75a0475a99d7776414120569605ba2b6e8a082f2d375d092d3b52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1128541
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"346a-5c26ee178e185-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Gqn8P2BMVSZG2vxceBiaFaG3QUn9F7z4RoHZsClIY4eoFbQ1kobS8Q4Fo8Tm2fYftuW8sziCsyQESbRmZcLgVNPOJg7mnHlRqLOEGe7Yu7fFqF7%2FZIlYL0p0vv3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69545714a954f9de-PRG
expires
Tue, 28 Sep 2021 09:50:58 GMT
wp-embed.min.js
ecasus.org/template/classic-blog/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/js/wp-embed.min.js?ver=4.9.8
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
938044
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:47 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"576-5c26ee16be17a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaa0O4%2BfIHu08dTIXqTRtEGhu5WZtkXywXNyUbYib%2BqyDmSjnVo6DA3o6dc%2BYkImMUH%2BKWMbQcEdvduT%2Bt9H9fcP0ahmrKn6eUTimIXZ8WGDYtb0HliRYhDmF5OT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69545714a955f9de-PRG
expires
Thu, 30 Sep 2021 14:45:55 GMT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28368
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
6756
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
x-served-by
cache-fra19153-FRA, cache-hhn4025-HHN
x-jsd-version-type
version
date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
blog-menu-bg2.jpg
ecasus.org/template/classic-blog/css/newspaper_classic_blog/wp-content/uploads/2016/05/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/template/classic-blog/css/newspaper_classic_blog/wp-content/uploads/2016/05/blog-menu-bg2.jpg
Requested by
Host: ecasus.org
URL: https://ecasus.org/template/classic-blog/css/demo_style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ecasus.org/template/classic-blog/css/demo_style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
ecasus.org/template/classic-blog/css/ 		121 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ecasus.org/template/classic-blog/css/newspaper.woff?17
Requested by
Host: ecasus.org
URL: https://ecasus.org/template/classic-blog/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ecasus.org/template/classic-blog/css/style.css
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
492950
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:12:43 GMT
server
cloudflare
etag
W/"1e260-5c26ee1267c4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FfijzYluAVnsscRSSH1OGEaa1BzjU%2FBy4Y%2BNpxWY5alWLSfiUmrOAiFdCTth%2B%2BFV%2FsTJ%2BQYHxF5MBszsjDC5PYIlUBvll8hkHB6cRewz9hHFSs%2BmI%2FjlJwaskWJ"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
69545714dcaf278c-PRG
expires
Tue, 28 Sep 2021 18:24:09 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:04:31 GMT
x-content-type-options
nosniff
age
324928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:04:31 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
e167af37f1fd882edf7bcf15a703c25607ae273a016e9e892be7b2526b3717bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:08:17 GMT
x-content-type-options
nosniff
age
324702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24780
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:04 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:08:17 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDTbtPY_Q.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDTbtPY_Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
193bdf6c4a5fbbb3fa5c0bf95c10d868da4857a3971b7fcd2da8d386c89ad4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:53:48 GMT
x-content-type-options
nosniff
age
23171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16388
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 04:53:48 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 17:06:14 GMT
x-content-type-options
nosniff
age
324825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47804
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 23 Sep 2022 17:06:14 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 22:06:16 GMT
x-content-type-options
nosniff
age
393223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28568
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:30:38 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 22:06:16 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
413299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:40:33 GMT
x-content-type-options
nosniff
age
412766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:40:33 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:38:41 GMT
x-content-type-options
nosniff
age
412878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:38:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
413296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
warbletoncouncil.org.1101801.es6.js
jsc.mgid.com/w/a/ 		234 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
373d80436599df05b3a76f7808839be76e83b5a63cfd4fc41ec25e1512aff3dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Sep 2021 11:10:08 GMT
server
cloudflare
x-amz-request-id
NC60HR8M8RSWAZHE
etag
W/"c548c67f94697327cb160ef681d050e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6954571548d14eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
uz1EdnLnU2c5hBc2irAZGbncLNNKtixracLIJABSJreF4K7DqahBlpt+XdHTI/6ch+K4f76H9FM=
expires
Mon, 27 Sep 2021 14:19:59 GMT
warbletoncouncil.org.1102315.es6.js
jsc.mgid.com/w/a/ 		233 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47dfb0c50adcc7e2a60e215010b6ace3fcc83eb8ceb13871ecd80c4598679bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
br
cf-cache-status
HIT
age
6896
last-modified
Thu, 16 Sep 2021 11:15:20 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
N5H8E16CCMDZPS10
x-amz-id-2
DfWamlF4wyuHtMPD/U8TkS9gBKqy4QGoxhwGmuQbL9y7zT/ffZI1sCDoH/83p3dXmAldYENimLk=
cf-bgj
minify
server
cloudflare
etag
W/"7e7bb69e5982602a6b98dd3bb41078ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6954571548cd4eaf-FRA
expires
Mon, 27 Sep 2021 14:19:59 GMT
abs.js
cdn.zx-adnet.com/adx/ 		200 B
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/abs.js?
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Mon, 13 Sep 2021 06:21:51 GMT
x-timer
S1632741600.562569,VS0,VE2
etag
"437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by
cache-fra19144-FRA
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Mon, 27 Sep 2021 11:19:59 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
118
x-cache-hits
1
adManager.m.js
js.wpadmngr.com/static/ 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: cst.cstwpush.com
URL: https://cst.cstwpush.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fc2d7e2e227883c1ad3ab84d15f45e22d8a0bb7760ff0b9867e94bf7a3cb640f

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 20:32:39 GMT
server
nginx/1.18.0
etag
W/"614ce467-fd96"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 27 Sep 2021 12:19:59 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=57718
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame A430 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 27 Sep 2021 05:09:11 GMT
expires
Mon, 11 Oct 2021 05:09:11 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
22248
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:39:18 GMT
x-content-type-options
nosniff
age
412841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:39:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700&display=swap&ver=10_d2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
413296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
smrcp_19121001.js
cdn.zx-adnet.com/adx/ 		144 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Mon, 13 Sep 2021 06:21:51 GMT
x-timer
S1632741600.725385,VS0,VE0
etag
"5b3dfee603f4fa43f768bcdb3f5f4a2cdce1c019b73ecbe79f7cb0d0ca77d787-br"
x-served-by
cache-fra19144-FRA
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600,public
date
Mon, 27 Sep 2021 11:19:59 GMT
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive
content-length
19503
x-cache-hits
2
checkabuse
cdn.zx-adnet.com/ 		56 B
375 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/checkabuse?surl=https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
x-powered-by
Express
x-cache
MISS
content-length
65
x-served-by
cache-fra19144-FRA
server
Google Frontend
x-timer
S1632741600.741832,VS0,VE232
etag
W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary
cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type
text/html; charset=utf-8
x-cloud-trace-context
00f5839f1b769872742ba1c9edb3c83c
cache-control
max-age=3600,public
function-execution-id
wy3947f71z6s
accept-ranges
bytes
x-orig-accept-language
de-DE,de;q=0.9
x-country-code
DE
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
17c5903cb63980173f74669213b34aa508c3ee28725aa317f4af1208afb6b679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"999 / 269 of 1000 / last-modified: 1632732756"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 11:19:59 GMT
prebid4.39.0.js
get.optad360.io/sf/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid4.39.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 13:58:24 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 10:44:35 GMT
server
AmazonS3
age
7939296
etag
W/"e020700f5effdce1f4be56434553da72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
MoFMR_DzRHtWxzCUQhSjt5bJk8nu4kVnzYjhIysLFmho5s4FxuwRHg==
boxers-or-briefs-what-girls-like-how-to-know-what-works-for-you.webp
ecasus.org/img/dating/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/boxers-or-briefs-what-girls-like-how-to-know-what-works-for-you.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b62430c67162c02dfae06a1a502af1f2ea87ffc702fb6d5445a6e19641f98c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49628
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:33:52 GMT
server
cloudflare
etag
"c1dc-5c26e5639a0af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvDgdAyveP5T5JyBT%2BkXkRsy9Oix4RYO4gEd9Bs7YTDUId95zFvtWP31NyZKOegExf21NOeDF5xvz82L3MG9BdvLFIjJ0Q6ay2A5GOht3Eg5Ycnzv2lCLQNAdLEO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
695457169b08f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
im-begging-you-please-leave-me.webp
ecasus.org/img/love/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/love/im-begging-you-please-leave-me.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b465dfcd8aebb72e225ac9d729cda97473cdc1550011250f417c3242ff5b71
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
58428
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:52:17 GMT
server
cloudflare
etag
"e43c-5c26e9813f9f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsPlkBB7rdBpPS2qbJfVaoIBB%2BmS2NR4eU3UB%2FILLTS2Q15cuIj0diWxpGwA5160JpJhB9%2F8YhtbomWmr2Cg%2BY6J1Bz9p9QqW%2Fof%2B37KWK3Zsc4Itc48azB0GTVC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
695457169b09f9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
how-to-ask-someone-if-they-like-you-without-embarrassing-yourself.webp
ecasus.org/img/dating/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/dating/how-to-ask-someone-if-they-like-you-without-embarrassing-yourself.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8a1147897e0fc7fc337a0b46e57999a3582c8fde88934dff9e9dff6eea0f56
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
51896
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 08:34:21 GMT
server
cloudflare
etag
"cab8-5c26e57f1506d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJXZT9J2oI4Itpkh0PiFBCmRPWf5FUD74%2FJoxbzpKGZkuWRE5Zk1QhGZHVfUudZwFeBYHe0BMblmuXgqBVcHX0hhH4PHoaTGUTHIzHOciF7aHYS2QGwXOgLuWRKT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
695457169b0af9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
6-reasons-you-shouldnt-let-your-ex-crawl-back-into-your-life.webp
ecasus.org/img/relationship/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/relationship/6-reasons-you-shouldnt-let-your-ex-crawl-back-into-your-life.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5f70c5fb0cda9df50d1ea168efa19f63b1fa125c5cf20b6c91476a3c2c2120
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19980
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:00:50 GMT
server
cloudflare
etag
"4e0c-5c26eb6a8753e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5rXxt%2BpGIlk6FmqS4xCyNCk3BmdtLLIWKYdZkH6bReujRedN%2B%2Bxh%2BUE6No%2Fe48ahKTfwh7HuW2QtaXVsq6X%2B0MGvO0RHjJbV4j4KF0cSYLT%2F8goIWykFeaHk9nE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
695457169b0bf9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
6-flirting-moves-no-man-can-resist.webp
ecasus.org/img/relationship/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecasus.org/img/relationship/6-flirting-moves-no-man-can-resist.webp
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a949da5686480021bb9c1d1ff6fafc8ca8a03c846a7d81cb0d90e9eb7f5eac
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49546
x-xss-protection
1; mode=block
last-modified
Sun, 16 May 2021 09:00:44 GMT
server
cloudflare
etag
"c18a-5c26eb65350e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiikyprzuWr7c5KmeyLj8yCKsNaYIcvaAGRiBjTCbQT1BrBelhktQpnSud3CGYlG1iIlTs441dEKpRhfb7DObOZeUBE4s3C4ET8QZdiuuq4PwBHxUbF7foW2IEMg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
695457169b0cf9de-PRG
expires
Mon, 04 Oct 2021 11:19:59 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9409.8Z-ONWF1oY2SIWAkaTUUfqKaRj5zOxDYx2X5D5wLrpgpZAqldRhMRV2XjsOuE_CR._C0uaAdTZbMqZHUABhngY9-ZT3c%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9409.aozvClb0Sxk7NlPhB7bUQ9S5RpnQmAonWKYVzXk-sabPB_KZb_SlOp93AqOp3quSeRstYd5UMqiFvtx-TmBFpw%2C%2C.9lDWOChPrFg1oEUec6kfBRKLWJE%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9409.aozvClb0Sxk7NlPhB7bUQ9S5RpnQmAonWKYVzXk-sabPB_KZb_SlOp93AqOp3quSeRstYd5UMqiFvtx-TmBFpw%2C%2C.9lDWOChPrFg1oEUec6kfBRKLWJE%2C
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9409.aozvClb0Sxk7NlPhB7bUQ9S5RpnQmAonWKYVzXk-sabPB_KZb_SlOp93AqOp3quSeRstYd5UMqiFvtx-TmBFpw%2C%2C.9lDWOChPrFg1oEUec6kfBRKLWJE%2C
date
Mon, 27 Sep 2021 11:19:59 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1788
na.nawpush.com/tags/ 		241 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://na.nawpush.com/tags/1788
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
850ebe5afa86a299ed655f0dd371f0bb4c80e38b73d855edf5139c3475f0d7f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 27 Sep 2021 11:19:59 GMT
cache-control
max-age=300, public
content-type
text/plain; charset=utf-8
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ 		0
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 27 Sep 2021 12:19:59 GMT
cache-control
max-age=3600
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 27 Sep 2021 12:19:59 GMT
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-60ffe60bcf8f5055/ 		1 KB
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-60ffe60bcf8f5055/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4c5c0a8f2d1b93748b0979fc9faf4024442686b59854d14224a0027869cfa93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
etag
-1106550053--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=36, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
529
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6151a8df247164ee&bkl=0&bl=1&pdt=180&sid=6151a8df247164ee&pub=ra-60ffe60bcf8f5055&rev=v8.28.8-wp&ln=bg&pc=men&cb=0&ab=-&dp=bg.ecasus.org&fp=female-masturbation-17-facts-about-the-naughty-secret-1771&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1632741599851&jsl=1&uvs=6151a8df8f3018ca000&skipb=1&callback=addthis.cbs.jsonp__76860643361358470
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c80361a43b0c373f76dd7543443b36f5a281fa434c91f286f1ceb05e59dacfc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F293 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 4A71 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
client.bg.min.json
s7.addthis.com/l10n/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.bg.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
49ed008d8772c6163ba08acf4eea413aba84650f2a4185e7b2166b87036e25e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-145f"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
date
Mon, 27 Sep 2021 11:19:59 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1999
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210927
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8b3143de04f77d3743ca3d94a0b4c462e9178b2a65ffb119d2d6f88aea95a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
28254
x-jsd-version
1.0.1112
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
content-length
953
etag
W/"695-HwbnefgGmL4f3mqH04jBDIcX10Q"
x-served-by
cache-fra19147-FRA, cache-hhn4036-HHN
x-jsd-version-type
version
date
Mon, 27 Sep 2021 11:19:59 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pubads_impl_2021092101.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120556
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 08:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 11:20:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		32 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.ecasus.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e51e1f0de62cdf7350ba101a575ab33d06ff8c01efd2376c055f9d59cf5386e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48
x-xss-protection
0
expires
Mon, 27 Sep 2021 11:20:00 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 27 Sep 2021 11:20:00 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
1
mc.yandex.com/watch/69123001/
Redirect Chain
  • https://mc.yandex.com/watch/69123001?wmode=7&page-url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2...
  • https://mc.yandex.com/watch/69123001/1?wmode=7&page-url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/69123001/1?wmode=7&page-url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A345%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A699533049636%3Ahid%3A284895772%3Az%3A0%3Ai%3A20210927111959%3Aet%3A1632741600%3Ac%3A1%3Arn%3A383999035%3Arqn%3A1%3Au%3A1632741600358184743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632741599168%3Ads%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632741600%3At%3A%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
5dc853e31e63192ddad176308d87564ac24d9e39c2042e2afaadcd38806c9284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 27-Sep-2021 11:20:00 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
last-modified
Mon, 27-Sep-2021 11:20:00 GMT
location
/watch/69123001/1?wmode=7&page-url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A345%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A699533049636%3Ahid%3A284895772%3Az%3A0%3Ai%3A20210927111959%3Aet%3A1632741600%3Ac%3A1%3Arn%3A383999035%3Arqn%3A1%3Au%3A1632741600358184743%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632741599168%3Ads%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A50%2C37%2C70%2C17%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632741600%3At%3A%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021
strict-transport-security
max-age=31536000
access-control-allow-origin
https://bg.ecasus.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:00 GMT
csub.js
js.wpushsdk.com/npc/sdk/wpu/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 06:06:24 GMT
server
nginx/1.18.0
etag
W/"61233ae0-1e8b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 27 Sep 2021 12:20:00 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
14.2dfb61b890959f78272d.js
s7.addthis.com/static/ 		397 B
544 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/14.2dfb61b890959f78272d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-18d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 27 Sep 2021 11:20:00 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
304
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
last-modified
Mon, 27 Sep 2021 11:00:00 GMT
server
nginx/1.15.8
date
Mon, 27 Sep 2021 11:20:00 GMT
content-type
application/json
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
count.json
widgets.pinterest.com/v1/urls/ 		127 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&callback=window._ate.cbs.rcb_itsd0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17f63aef9f754cf0f4a0f141c4c266ea0f15799499f02d40145083a7ca990bae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
2669749202028304
expires
Mon, 27 Sep 2021 11:35:00 GMT
shares.json
api-public.addthis.com/url/ 		32 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&callback=_ate.cbs.rcb_do80
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
0b4764f64d863521a29c559ba9384821844d5445d0273921f7b28fc11d74e738
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
last-modified
Mon, 27 Sep 2021 11:20:00 GMT
server
nginx/1.15.8
date
Mon, 27 Sep 2021 11:20:00 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
52
count.json
widgets.pinterest.com/v1/urls/ 		126 B
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&callback=window._ate.cbs.rcb_85hl0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4eb2ed04438c11c4ff98d8d9527ccabfc078b873d0882da321c5e54063aad007
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
must-revalidate, max-age=887
x-envoy-upstream-service-time
3
accept-ranges
none
x-pinterest-rid
1822264223196806
expires
Mon, 27 Sep 2021 11:35:00 GMT
shares.json
api-public.addthis.com/url/ 		33 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&callback=_ate.cbs.rcb_ah8g0
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-126.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
0bea19b0b73e8fba31a9ea570bc51f269db4f39f0db97ff38165cf7a45d84c56
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
last-modified
Mon, 27 Sep 2021 11:20:00 GMT
server
nginx/1.15.8
date
Mon, 27 Sep 2021 11:20:00 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
53
truncated
/ 		443 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bg.ecasus.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		447 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=121764058%2Cncmhcso.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1632741600&dt=1632741600194&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=3446582650&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1664&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2b83c5bd7aedc59df4c2235b31d8080f41c11d95de1f20279f23870ff77feeed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 35B9 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 27 Sep 2021 11:20:00 GMT
expires
Tue, 27 Sep 2022 11:20:00 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1632741600372304078778&uniqId=1291a&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&lu=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&sessionId=6151a8e0-00397&pageView=1&pvid=17c26fbac7488d4a7c4&site=692293&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571a7e434e68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.ecasus.org%2F&domain=bg.ecasus.org&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://bg.ecasus.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://bg.ecasus.org
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1745
date
Mon, 27 Sep 2021 11:19:59 GMT
content-encoding
gzip
vary
Accept-Encoding
localstore.js
script.4dex.io/ 		483 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Sep 2021 13:44:43 GMT
server
cloudflare
age
6
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6954571a9c525c62-FRA
x-amz-request-id
2T3ADNM0NA6XVJTY
x-amz-id-2
jfJxyshidfcTxFueSvcRLpZDL5svkJH7V5xVWWKPLBAqwrRRvGkDD6FTjU7Ytu9bd2Xme4HjNt4=
expires
Mon, 27 Sep 2021 11:50:00 GMT
json
gum.criteo.com/sid/ 		347 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.ecasus.org%2F&domain=bg.ecasus.org&cw=1&lsw=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ed7e359585cf38547edc775fd34423c798d8ed5161e9bf0eba0dc9ae21da586e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 27 Sep 2021 11:20:00 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4437
expires
0
/
adx.adform.net/adx/ 		5 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTkyMDQzMCZ0cmFuc2FjdGlvbklkPWJhOGJlNWZiLWZjY2QtNGFmMS04MzhkLTdiZDNhNDFlYTg0MyZyY3VyPVBMTg%3D%3D&pt=gross&stid=729e1c93-277b-4007-9865-c0356f9b4d39&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
c
prebid.a-mo.net/a/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Mon, 27 Sep 2021 11:19:59 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
adb0b01662616029cfeac72688ac4dd649c0bfe1569b0e52481133a7112e24a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:00 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
954c577d-5051-4ebb-8410-8441d7e1c9f7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://bg.ecasus.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bg.ecasus.org
date
Mon, 27 Sep 2021 11:20:00 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c7f2d2c3a152c4dca3d245964a1b3510541d7d0d7eac8f8f8a14c6479e6121dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8373
x-xss-protection
0
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
3447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6954571aced04e68-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
5299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6954571aced14e68-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.15.161 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
219849
x-amz-request-id
94JC2EVKT966RKT2
x-amz-id-2
/XLvP+FOz9w0FKPYyDhjFG9D9bD1+SHyayqaN/TghMRC0E9crmAVrr5lG0ZVb3t2nxP4MGg7rdI=
last-modified
Fri, 24 Sep 2021 13:44:41 GMT
server
cloudflare
etag
W/"6cbe4a566109f9ab6c378764f4c5ba22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
6954571acfc54e07-FRA
expires
Mon, 27 Sep 2021 11:50:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 27 Sep 2021 11:20:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 290C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 27 Sep 2021 11:03:56 GMT
expires
Tue, 27 Sep 2022 11:03:56 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
964
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BA3F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
7d5f8049626b933508a81f5fb0dbc139b2257bbb18acb16be0bcb47b1397824b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lhZAXTZfRXh8gG4rfJoJzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 27 Sep 2021 11:20:00 GMT
date
Mon, 27 Sep 2021 11:20:00 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-lhZAXTZfRXh8gG4rfJoJzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
pagead2.googlesyndication.com/bg/ Frame 290C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
161417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 25 Sep 2022 14:29:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BA3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092101&jk=13410599762511&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
1
servicer.mgid.com/1102315/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?pv=5&cbuster=1632741600720377626270&uniqId=1291a&niet=4g&nisd=false&jsv=es6&w=696&h=220&p1_w=696&p1_h=197&maxw_1=300&maxh_1=250&cols=1&ref=&cxurl=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&lu=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&sessionId=6151a8e0-00397&pageView=1&pvid=17c26fbac7488d4a7c4&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bdc77cba9d8dcf09308eace7aa833cc9acd99bd76660b44f8d7649a457cddf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571caa624e68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1102315/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?w=696&h=220&p1_w=696&p1_h=197&maxw_1=300&maxh_1=250&cols=1&pv=5&cbuster=1632741600721505070630&uniqId=12936&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&lu=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&sessionId=6151a8e0-00397&pageView=0&pvid=17c26fbac7488d4a7c4&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baaf31c1741e457fb1a7c35d9405d6d36d8a387f6a1e9c85a4ebaa701535f1d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571caa614e68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1102315/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/1?w=696&h=220&p1_w=696&p1_h=197&maxw_1=300&maxh_1=250&cols=1&pv=5&cbuster=1632741600721134577593&uniqId=069f7&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&lu=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&sessionId=6151a8e0-00397&pageView=0&pvid=17c26fbac7488d4a7c4&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b2b009ef6524229f6d9892f90fc89e8c0bd1b07ff40868f56aff745105f590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571caa5e4e68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1101801/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1101801/1?w=696&h=2926&p6_w=300&p6_h=250&maxw_6=300&maxh_6=250&cols=1&pv=5&cbuster=1632741600730687517283&uniqId=09a6f&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&lu=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&sessionId=6151a8e0-00397&pageView=0&pvid=17c26fbac7488d4a7c4&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32122fbd7783d5e29c2ce860c92ec42445cd6e0e4c060966cdaeccd19508573c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571caa604e68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092101&jk=13410599762511&bg=!YmGlYSXNAAZNQyuQTUM7ACkAdvg8Wkj3uQa-s0oF_Y5eG0VbMd2jIDfA4gXXfjVWudCk49Raeyqg1AIAAACDUgAAAAtoAQeZAp4uye2T7hNk6Tu9MAcU4w46YkymxMEwWSXYnynVq2npyOENK2trwoWH2A57oW-ricVIFTQ1gEUPs7VyeLx5OzJJsOzxJRu3dLAs3vrE_5d1u7f6mW85uFZn_sGtBllhPpvKOCMSsthyRyQPctGsBrD2WZ0arsxZ-UrVKD3FZo7j1XhZ24AOXe1us2UojKDhDwXHCsxIK-2z34TDrNTnbz8K1QS-5DgmxFnW1uv0jmINSucHcsMCXkRsU7l1NVb57WgcIVt0AA7SPQ8ad6bmC4lse5t4Uj9iMADEjU_ti7KyD_k6A5luCTR-leb0fjTjLj4-5ZkmQA-i_vdfyGoR2gfCs-Hfe9moKn5QpwHXOvf8ov1menSQtZOcVX9hrSoRAr8Qm52LzlEd7lmzyXqZB5w_NDHgPhG1qGLlWxR3YxFRRrFisJ0JpIoRx5VCzLrVHLw98OdGNfGQW9wXwcbxgTCNPETdkncqOrEzGjSoTGHnFjX-H4ox_Cg6Zb4Js-RQOZhfsKVCr7HEioYjen96O6hRN_Z4gn1nOcxzeOvc8TOgit3raDA-01fKClTLv5N0L12GAVhepEwZ5c64pK_-zHlnOE24gg-lM_0x9zLs--NWARZIhU5fX-R8IXe1tqmIpo05MHwu0gS6oLRzKb7tGNNeDlsIQTwUhKFxKxCQdqWcaRx-EAH8_LG-yD-1VhrNA0Sdk3Wyz8cbsTFLys9KmhPyCdc5IhjBkxvbWTu9rFujOoNWjpdDxmFLScNaZBdZEUavwE1aa5bYjtIabLWeKu3suHwXmVnMX5571tLp52_kDSofDig3jq9CzHYoTrhOQItmnpproeuOFKc1sejtfSzBbRbPhPiIWj8WVVqIRy-XBsOVarLvdNT2x4yloW28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
3447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6954571d1f164eaf-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
5299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6954571d1f174eaf-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
mgWidget_1.11.46.js
cdn.mgid.com/js/wglibs/ 		337 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b54b5b7f651d58212686f18bb72a0142cf95881cbf4967a32b1d86a5c6e5cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
909
last-modified
Tue, 21 Sep 2021 15:03:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
P00D3FYWPQDAGGVC
x-amz-id-2
SumwMSrY8mmrOrBz6o49bmwCrz9/QyGIVq5fjjlYaHEWqAIC2ePhaUHKC1sri3r2DuRLMp9bXAc=
cf-bgj
minify
server
cloudflare
etag
W/"c94116c793f729ec728bcd61baed202a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6954571d3f3a4eaf-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x277/0x26x798x532/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x277/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1632741600-D8Jd40UDzjD5jGeHoPouwnpiQ6oQbpiquExK1ZlJsXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834bcb70b8df1fa7df6d4b308cbad725cd6d85b6d5b719f75b5497b6d2587433

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:36:04 GMT
x-mg-request-uuid
cabfb443-c3fe-4957-92c8-0c0dc3816e57
age
830960
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6daa691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15746
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/492x277/0x39x564x376/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164899/492x277/0x39x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1632741600-Aeoh0l7qkchY9R5uwE_CiALMFwDyQiCEgnidmApHUGY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b55e5004a364de7ff52d1ff57a793495bff57162f59c5b08d29d79619ac3d16

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:20:52 GMT
x-mg-request-uuid
e637b9a0-5a90-492f-97cc-14b05a29ec09
age
17661
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6daf691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26384
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1632741600-sHTArImHqYvVq4ljuegCotmjlGWaIdUz3BL-lkT2xL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:40 GMT
x-mg-request-uuid
549b2336-7a72-41b5-9af5-d185343213c7
age
152547
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6db2691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18944
server
cloudflare
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
3447
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6954571d5f754eaf-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
br
cf-cache-status
HIT
age
5299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6954571d5f764eaf-FRA
expires
Tue, 28 Sep 2021 11:20:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA3LzEwMTkyNC84ZTAxZTBmM2QzZDNkZWRhMTRhYzVlYzAzZDRkNmVlNC5qcGc.webp
s-img.mgid.com/g/8193513/492x277/0x143x540x360/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193513/492x277/0x143x540x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA3LzEwMTkyNC84ZTAxZTBmM2QzZDNkZWRhMTRhYzVlYzAzZDRkNmVlNC5qcGc.webp?v=1632741600-lxsuZs-IXUqd5h3Tl2pbFPgJnyoyFYzg8WykhqmFLhM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f98e426a18500efb9d67d520788bb94ee7dcf42296bf6436a7a2f8bc2c15e4

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:25:19 GMT
x-mg-request-uuid
5d950420-a655-40df-bb91-da03f15e38b5
age
17666
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6db7691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41926
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp
s-img.mgid.com/g/8193529/492x277/0x12x597x398/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193529/492x277/0x12x597x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1632741600-bcbIxOB1b_r3a7FViumyLzFr0avTat_53cHEpGGVR2o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90abe4b302dde990692db3d6311e5e4362032a0e58b03c00848deca7b33e1fd

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:56 GMT
x-mg-request-uuid
2c6b4ebc-0530-410a-91fe-97e61c6d74fb
age
52254
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6db4691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8394
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.mgid.com/g/8164911/492x277/32x5x928x618/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1632741600-qrKR_e3_EArHbc8N2SrrUsrCaisegcmgO-58e_ajsN4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be634f677ccb5ec45c00ec648b8b47529b36779c1888da92e8a6876f5a8decc7

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:29:43 GMT
x-mg-request-uuid
444e681f-d10d-4ef1-9c94-b97070d869ea
age
770616
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6db3691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5990
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp
s-img.mgid.com/g/8164841/492x277/14x0x549x366/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164841/492x277/14x0x549x366/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp?v=1632741600-phh2ZR23JN_RVy3t0axI0vkrIFsReuDhsE1dJ6Hviqg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e3595aca60ab2a3b796be9c9b81a050649eb305f36a1d9ddd7e639aa43910

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
MISS
last-modified
Tue, 11 May 2021 10:43:21 GMT
x-mg-request-uuid
19f15534-5c17-403e-86b0-868e4cbdf444
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6dba691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12712
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x277/0x0x492x328/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164883/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1632741600-Y1yluuQCNFyarI6NeYkvfhoVyGaXpD7k1CDHUMH7lsw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:36:41 GMT
x-mg-request-uuid
c223acae-ece6-4ad6-957a-9c98dcc9789b
age
830960
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d6dbb691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10766
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x277/88x0x631x420/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193504/492x277/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1632741600-WVv7XItB88eeM6qQpWwol6BfLJAGSN2hGrpp0lLVPPw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525b6cee4be1d68b23c08fd4aec7a3c784c97a3dce731c618e439f419937c63e

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:41:20 GMT
x-mg-request-uuid
35326ae4-80f5-470e-820d-268bfb1e1e7d
age
265349
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dc8691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12756
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x277/0x168x510x340/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1632741600-Ou0GTLWyqSJnpVzY8_sBlqaevpcmsTndodh9Xl5TYoA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:20:30 GMT
x-mg-request-uuid
6fc95a78-76d2-42c0-832f-4e83cd23ef2e
age
235737
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dcb691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42384
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1632741600-C7PZpPfiP9GKskFzg39ROU-7RJiep1XTXgNdbyK0sjI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
x-mg-request-uuid
5015da91-8744-4fd7-ae1a-5dbbe5459f75
age
310016
cf-polished
qual=85, origFmt=jpeg, origSize=35326
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28540
last-modified
Tue, 11 May 2021 11:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dcc691c-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMTQvMTAxOTI0LzcwYzliNzA5ODI5ZWMxMmYwZDNmYzY2NzRlMWU3ZTE4LmpwZz90PTE0ODk1Mjc0NDIwOTk.webp
s-img.mgid.com/g/8193527/492x277/0x0x492x328/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193527/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMTQvMTAxOTI0LzcwYzliNzA5ODI5ZWMxMmYwZDNmYzY2NzRlMWU3ZTE4LmpwZz90PTE0ODk1Mjc0NDIwOTk.webp?v=1632741600-q82SCiy-4V4gt4Sl5cssIGRL88WMkAAK9wClW6O5QN8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3ec68a0fce79c80c06f06e9feb232b4b2be319a3723b8c325e8f00583ce588

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:43:12 GMT
x-mg-request-uuid
646b4029-586b-4cfe-9cb6-99f8ae4b444c
age
172431
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dce691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8600
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x277/125x507x492x328/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193499/492x277/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1632741600-g6YdeZnhhAd3PvzzwHpzSd1bBSpHlW650_u-uYTCuPw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35da21eea6062de85141e49d3d23e38f2ead16f8bbbfb4648033d95ec1028586

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:07 GMT
x-mg-request-uuid
b46af40b-64df-446b-9a4c-88db38491fd5
age
104180
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dd3691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30792
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1632741600-GwTt8APiLbtwQ2abtQsz1KyToUj8nb7U_ODP5ryaN10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c2515b0e271ce91f648abc571dcf21efffc99612ccd11f09d5741649fc1973

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:37:58 GMT
x-mg-request-uuid
5d05c159-d157-4024-acb5-600127aaf4a3
age
265349
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dd6691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11382
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp
s-img.mgid.com/g/8164845/492x277/0x0x1083x722/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164845/492x277/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp?v=1632741600-QmeyeRFY5iIEVjdOSGIMEdWasPHiTMnLKM7eNVNOaJ4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9ae90ebf7ca6d069d13c4b3779ca21b8ff61cedbe2cabe1edd0b69187c0c38

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:25:18 GMT
x-mg-request-uuid
14161ee5-2df8-4534-a65a-7a92a1944ecd
age
235739
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dd7691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20708
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8193501/492x277/16x0x492x328/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193501/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1632741600-gETEBxGjefqBGH5scEAOMlYrb04KxZjFdaRhBA-vBtk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e6dc322efdbcb1dd558f99027ea33976253f0986ae538c6db660040847adef

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:00 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:23:16 GMT
x-mg-request-uuid
351ff6b9-ee6b-4a2b-ba49-d71ab3a6584b
age
26703
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6954571d7dd8691c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8212
server
cloudflare
outstream.css
video-native.mgid.com/mgPlayer/css/1.11/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/outstream.css
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 15:08:40 GMT
server
nginx
etag
"4885-5cc0a12ca1c8c-gzip"
vary
Accept-Encoding
x-cached-since
2021-09-15T15:09:15+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
2617
expires
Thu, 15 Sep 2022 15:09:15 GMT
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:00 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 11:03:51 GMT
server
nginx
etag
"9ff4-5c777e47117fe-gzip"
vary
Accept-Encoding
x-cached-since
2021-09-17T10:22:56+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6890
expires
Sat, 17 Sep 2022 10:22:56 GMT
i.js
cm.mgid.com/ 		2 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=163274160098289942143
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eca9a487584197a09a6bcfc5e302b132507a3608da2d341f287b79f503d3723

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
1b8ce6fa-9157-43ef-877e-91b55ff19e3d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6954571e3d654e68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
adSrcNoUi.js
video-native.mgid.com/scripts/ 		1 KB
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/adSrcNoUi.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
last-modified
Mon, 28 Sep 2020 12:35:01 GMT
server
nginx
etag
"56d-5b05ee52e311c-gzip"
vary
Accept-Encoding
x-cached-since
2021-09-17T10:22:56+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
481
expires
Sat, 17 Sep 2022 10:22:56 GMT
1102315
servicer.mgid.com/vpaid/ 		849 B
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vpaid/1102315
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac817f582ee4fd11da33dc1215e8db64c319e92e3ea18238e308f4b7ab094e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571e99d84eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1102315
servicer.mgid.com/vpaid/ 		849 B
1014 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vpaid/1102315
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
677bb80256477340c7ab35de7dbe915d1fcb70b56c34e8be33913998d9f1f244

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571e99db4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1102315
servicer.mgid.com/vpaid/ 		849 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vpaid/1102315
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad98f4634ec34239ff0c7bf2c2773bc1bd6d5e17852208304954f84215b462c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571eba0b4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aniview.js
player.aniview.com/script/6.1/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
55313d954e6450db67ad97d784427c56cb04b1cf27b58ff3add75308ec975849

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduWJWLIaWDozSLBthefJ6JPtWcgMrNQhdBsk9wKZeGxIdllJBWIpYy30dUwwWsczLTcBpJraYyPc4n6EVtgBIk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9353
last-modified
Wed, 22 Sep 2021 06:55:30 GMT
server
UploadServer
etag
"b4ec9e4b4b6f022d6f09c3dee02b801f"
vary
Accept-Encoding
x-goog-hash
crc32c=aqUJFA==, md5=tOyeS0tvAi1vCcPe4CuAHw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1632293729913788
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9353
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 27 Sep 2021 11:25:01 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5ac2203f073ef46a6856c7b0&cid=60ad238b92aa2272e1594459&e=playerLoaded&cb=1632741601070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
i-noref.js
cm.mgid.com/ Frame 8D28 		19 B
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1632741601075674303809
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
2f35775f-bb23-4b7d-be43-4e8578e7f4e0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6954571eba284eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
usync.html
eus.rubiconproject.com/ Frame CF04
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=163274160098289942143
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bg.ecasus.org/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Sep 2021 11:20:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Mon, 27 Sep 2021 11:20:01 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync.html
s.adtelligent.com/ Frame D340 		1 KB
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=163274160098289942143
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bg.ecasus.org/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

Server
VertaMedia 1.0
Date
Mon, 27 Sep 2021 11:20:01 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://bg.ecasus.org
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=d9052254-f8cf-4d12-b401-11522a503e0c
43 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=d9052254-f8cf-4d12-b401-11522a503e0c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
9993648f-94f5-4b69-9951-5d736441495a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
695457233b554eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=d9052254-f8cf-4d12-b401-11522a503e0c
date
Mon, 27 Sep 2021 11:20:01 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 		0
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhyMG1hT2tSVGs0&muidn=l8r0maOkRTk4
  • https://cm.mgid.com/google?muidn=l8r0maOkRTk4&google_ula={guid},5&google_gid=CAESEFTm8aDR0qnMK1g3T-4LzoI&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l8r0maOkRTk4&google_ula={guid},5&google_gid=CAESEFTm8aDR0qnMK1g3T-4LzoI&google_cver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6954571f6b794eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l8r0maOkRTk4&google_ula={guid},5&google_gid=CAESEFTm8aDR0qnMK1g3T-4LzoI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=1051256417513033098&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&gdpr=&gdpr_consent=&us_privacy=
43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
86074020-f829-4f1a-a68f-6adf266db2d4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
695457210f084eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 27 Sep 2021 11:20:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l8r0maOkRTk4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954571f1b9c2c19-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=lwZzteMtrShvqYxeePdf&pi=mgid&tc=1
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=lwZzteMtrShvqYxeePdf&pi=mgid&tc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
b8c799db-79c8-4fac-9520-b04eb60c68df
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6954571fbc3c4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=lwZzteMtrShvqYxeePdf&pi=mgid&tc=1
pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT, Mon, 27 Sep 2021 11:20:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l8r0maOkRTk4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954571f08176993-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l8r0maOkRTk4
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8r0maOkRTk4
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.122.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-122-71.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
content-length
68
content-type
image/png

Redirect headers

location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=1bb3b5f8-1640-4e95-832f-0e0f5b3b2913&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date
Mon, 27 Sep 2021 11:20:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=7b5503ae-865d-441a-881b-de593a2baa3e&ttl=1635333601
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=7b5503ae-865d-441a-881b-de593a2baa3e&ttl=1635333601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
ae0bd8f8-3739-4329-98f8-407d536543a1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
695457203d524eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=7b5503ae-865d-441a-881b-de593a2baa3e&ttl=1635333601
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
mgPlayer_v2.css
video-native.mgid.com/mgPlayer/css/ 		22 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
last-modified
Tue, 04 Aug 2020 12:46:16 GMT
server
nginx
etag
"5842-5ac0ca416b9a5-gzip"
vary
Accept-Encoding
x-cached-since
2021-07-28T08:10:10+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
3244
expires
Thu, 28 Jul 2022 08:10:09 GMT
XHcEUCFl-720.jpg
video-native.mgid.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/XHcEUCFl-720.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
last-modified
Tue, 02 Apr 2019 14:58:39 GMT
server
nginx
etag
"202c-5858d5f4d012f"
x-cached-since
2021-07-23T00:05:12+00:00
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
8236
expires
Sat, 23 Jul 2022 00:05:12 GMT
XHcEUCFl-26327326.mp4
video-native.mgid.com/ 		18 KB
19 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/XHcEUCFl-26327326.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
761b309e550425464d627968eee8c2fc2e1b2268a7729ce004f75b75e196ad06

Request headers

Referer
https://bg.ecasus.org/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
last-modified
Tue, 02 Apr 2019 14:58:45 GMT
server
nginx
access-control-allow-origin
*
etag
"4959-5858d5fa3b555"
x-cached-since
2021-09-19T07:56:37+00:00
content-type
video/mp4
Content-Range
bytes 0-18776/18777
cache-control
max-age=290304000, public
cache
HIT
Content-Length
18777
expires
Mon, 19 Sep 2022 07:56:37 GMT
mgvpaid.umd.js
video-native.mgid.com/scripts/ 		132 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/scripts/mgvpaid.umd.js
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.46.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
358397cc830a4098def1c47def116498dacbb8711c1e7e4f68bb204fca577498

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 13:49:49 GMT
server
nginx
etag
"21165-5bdcfdf7e6872-gzip"
vary
Accept-Encoding
x-cached-since
2021-07-27T10:57:40+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
30661
expires
Wed, 27 Jul 2022 10:57:40 GMT
material.ttf
video-native.mgid.com/mgPlayer/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/fonts/material.ttf
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599

Request headers

Referer
https://video-native.mgid.com/mgPlayer/css/mgPlayer_v2.css
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 27 Sep 2021 11:20:01 GMT
last-modified
Thu, 12 Sep 2019 12:54:14 GMT
server
nginx
etag
"1248-5925aa28273f8"
x-cached-since
2021-07-09T00:39:17+00:00
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
4680
expires
Sat, 09 Jul 2022 00:39:17 GMT
XHcEUCFl-720.jpg
video-native.mgid.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/XHcEUCFl-720.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
last-modified
Tue, 02 Apr 2019 14:58:39 GMT
server
nginx
etag
"202c-5858d5f4d012f"
x-cached-since
2021-07-23T00:05:12+00:00
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
8236
expires
Sat, 23 Jul 2022 00:05:12 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 95E5 		355 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.232.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
fcfe5110ac9c49cc22d5eac8f5d53c480f48c0830b006769b0beb021a36d1010

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvTayF7ZYBvR-fAEQVkUDIOs3CeFHekNDtxPeXyBUMEGBpVHD85KEPvRiFmz9atu9dZgybH0KIqoX9AKo9ehFocezQxHw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
101720
last-modified
Thu, 23 Sep 2021 12:42:07 GMT
server
UploadServer
etag
"891a8b46a3af77201c37b70dc26e1f64"
vary
Accept-Encoding
x-goog-hash
crc32c=rC86JQ==, md5=iRqLRqOvdyAcN7cNwm4fZA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1632400927531319
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101720
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 27 Sep 2021 11:25:01 GMT
mgvpaid.css
video-native.mgid.com/mgPlayer/css/ 		945 B
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/mgvpaid.css
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
last-modified
Mon, 12 Oct 2020 11:17:31 GMT
server
nginx
etag
"3b1-5b17771cc0f4c-gzip"
vary
Accept-Encoding
x-cached-since
2021-09-02T09:01:07+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
389
expires
Fri, 02 Sep 2022 09:01:07 GMT
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=initad&c=34971&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954571fcc504eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=initad&c=9067&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954571fcc614eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=initad&c=22981&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954571fcc654eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-28.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 05:46:44 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
19999
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
dQYygz8Hk2rLx1oYk9gR7FIam269oUxn82R_KT3BG95vUhqQTnE2wQ==
/
servicer.mgid.com/1102315/ 		65 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/?vast=1&w=640&h=480&pl=1&page=https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
695457200cc34eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1102315
servicer.mgid.com/vast/ 		27 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vast/1102315
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-mg-reason
empty list of teasers
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
695457200cc44eaf-FRA
content-type
text/xml
pragma
no-cache
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=requestad&cin=0&c=36486&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457200cc74eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
servicer.mgid.com/1102315/ 		65 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/?vast=1&w=640&h=480&pl=1&page=https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
695457200ccc4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1102315
servicer.mgid.com/vast/ 		27 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vast/1102315
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-mg-reason
empty list of teasers
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
695457200ccf4eaf-FRA
content-type
text/xml
pragma
no-cache
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=requestad&cin=0&c=93848&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457200cd14eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
servicer.mgid.com/1102315/ 		65 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1102315/?vast=1&w=640&h=480&pl=1&page=https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
content-type
text/xml; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
695457200cda4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1102315
servicer.mgid.com/vast/ 		27 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/vast/1102315
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/scripts/mgvpaid.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-mg-reason
empty list of teasers
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://bg.ecasus.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
695457200cdd4eaf-FRA
content-type
text/xml
pragma
no-cache
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=requestad&cin=0&c=41799&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457200ce04eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1632741600-C7PZpPfiP9GKskFzg39ROU-7RJiep1XTXgNdbyK0sjI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
x-mg-request-uuid
b8b27e00-5d00-4bf0-9efa-bfbb71597ff9
age
325435
cf-polished
qual=85, origFmt=jpeg, origSize=35326
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28540
last-modified
Tue, 11 May 2021 11:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
695457201cff4eaf-FRA
cf-bgj
imgq:85,h2pri
usync.js
eus.rubiconproject.com/ Frame CF04 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8151be9a0a1ffee7f424832cd1fae0be070493c007895b0e9d8478da1a1e6869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 27 Sep 2021 11:20:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Sep 2021 16:02:32 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=65596
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9354
Expires
Tue, 28 Sep 2021 05:33:17 GMT
d59808cffa45424a2e86558ae89340d1_360.mp4
video-native.mgid.com/provided_video/2018-07-02/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/provided_video/2018-07-02/d59808cffa45424a2e86558ae89340d1_360.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://bg.ecasus.org/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc28
date
Mon, 27 Sep 2021 11:20:01 GMT
last-modified
Mon, 08 Apr 2019 10:38:21 GMT
server
nginx
access-control-allow-origin
*
etag
"5f99fa-586026f76831a"
x-cached-since
2021-09-18T08:12:33+00:00
content-type
video/mp4
Content-Range
bytes 0-6265337/6265338
cache-control
max-age=290304000, public
cache
HIT
Content-Length
6265338
expires
Sun, 18 Sep 2022 08:12:33 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=bg.ecasus.org&sn=&cd1=desktop&cd2=0&cd3=native&cd4=1101801&cd5=dabf3795-1f84-11ec-b560-d094662c1c35&cd6=11&ic=0&tgt=0&app=&wi=679&he=382&test=&apppkg=&fv=3&proto=https&pid=5ac2203f073ef46a6856c7b0&cid=60ad238b92aa2272e1594459&stagid=&stplid=&e=inventory&vi=0&cb=1632741601335
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=adbidempty&cin=0&c=65796&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%2C%22rHash%22%3A%222227557176690718%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457208dfa4eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=aderror&cin=0&c=42877&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2F1102315%2F%3Fvast%3D1%26w%3D640%26h%3D480%26pl%3D1%26page%3Dhttps%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%5D%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457208dfd4eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=adbidempty&cin=0&c=31643&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%2C%22rHash%22%3A%222227557176690718%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457208e004eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=aderror&cin=0&c=23281&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2F1102315%2F%3Fvast%3D1%26w%3D640%26h%3D480%26pl%3D1%26page%3Dhttps%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%5D%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457208e034eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
go1.aniview.com/api/adserver/tag/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=desktop&AV_CUSTOM1=l8r0maOkRTk4&AV_CDIM2=0&AV_CDIM3=native&AV_CDIM4=1101801&AV_CDIM5=dabf3795-1f84-11ec-b560-d094662c1c35&AV_CDIM6=11&AV_CUSTOM2=0&AV_CUSTOM3=Dota2%20Gaming%20Teams%20Will%20Have%20To%20Fight%20Against%20Bots%20At%20OpenAI%20&AV_CUSTOM4=0&AV_CUSTOM5=7&AV_CUSTOM6=3&AV_CUSTOM7=0&AV_CUSTOM8=0&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&AV_CHANNELID=60ad238b92aa2272e1594459&format=json&tgt=0&AV_SUBID=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=bg.ecasus.org&AV_DADPOS=3&v=6.1.1.243&avtoken=601334&AV_WIDTH=679&AV_HEIGHT=382&AV_DNT=0&cb=1632741601369
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.102.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-102-165.compute-1.amazonaws.com
Software
/
Resource Hash
d013529b21ad0533477049ca5b350ef0983814b617d0b8b3daae4253b3b09cd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 15 Sep 2021 21:33:21 GMT
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=requestad&cin=1&c=13083&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457209e1d4eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=adbidempty&cin=1&c=50963&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457209e214eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=aderror&cin=1&c=97732&o=%7B%22uuid%22%3A%22daef61d6-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2Fvast%2F1102315%5D%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457209e224eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=adbidempty&cin=0&c=11168&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%2C%22rHash%22%3A%222227557176690718%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457209e244eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=aderror&cin=0&c=97336&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A0%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2F1102315%2F%3Fvast%3D1%26w%3D640%26h%3D480%26pl%3D1%26page%3Dhttps%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%5D%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
695457209e254eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=604&iid=1101801&e=adinventory&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22dabf3795-1f84-11ec-b560-d094662c1c35%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=44243&h=Iam9UHoWDU3a8keOV2NifqLG-0qkS11AQDfKwaEL4PepRf0wgsQZNEaeEuG9iSnI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720ae314eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA3LzEwMTkyNC84ZTAxZTBmM2QzZDNkZWRhMTRhYzVlYzAzZDRkNmVlNC5qcGc.webp
s-img.mgid.com/g/8193513/492x277/0x143x540x360/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193513/492x277/0x143x540x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA3LzEwMTkyNC84ZTAxZTBmM2QzZDNkZWRhMTRhYzVlYzAzZDRkNmVlNC5qcGc.webp?v=1632741600-lxsuZs-IXUqd5h3Tl2pbFPgJnyoyFYzg8WykhqmFLhM
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f98e426a18500efb9d67d520788bb94ee7dcf42296bf6436a7a2f8bc2c15e4

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:25:19 GMT
x-mg-request-uuid
5d950420-a655-40df-bb91-da03f15e38b5
age
17667
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9744e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41926
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp
s-img.mgid.com/g/8193529/492x277/0x12x597x398/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193529/492x277/0x12x597x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1632741600-bcbIxOB1b_r3a7FViumyLzFr0avTat_53cHEpGGVR2o
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90abe4b302dde990692db3d6311e5e4362032a0e58b03c00848deca7b33e1fd

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:56 GMT
x-mg-request-uuid
2c6b4ebc-0530-410a-91fe-97e61c6d74fb
age
52255
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9684e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8394
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.mgid.com/g/8164911/492x277/32x5x928x618/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164911/492x277/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1632741600-qrKR_e3_EArHbc8N2SrrUsrCaisegcmgO-58e_ajsN4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be634f677ccb5ec45c00ec648b8b47529b36779c1888da92e8a6876f5a8decc7

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:29:43 GMT
x-mg-request-uuid
444e681f-d10d-4ef1-9c94-b97070d869ea
age
770617
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9644e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5990
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp
s-img.mgid.com/g/8164841/492x277/14x0x549x366/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164841/492x277/14x0x549x366/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp?v=1632741600-phh2ZR23JN_RVy3t0axI0vkrIFsReuDhsE1dJ6Hviqg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e3595aca60ab2a3b796be9c9b81a050649eb305f36a1d9ddd7e639aa43910

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:43:21 GMT
x-mg-request-uuid
19f15534-5c17-403e-86b0-868e4cbdf444
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9664e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12712
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x277/0x0x492x328/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164883/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1632741600-Y1yluuQCNFyarI6NeYkvfhoVyGaXpD7k1CDHUMH7lsw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:36:41 GMT
x-mg-request-uuid
c223acae-ece6-4ad6-957a-9c98dcc9789b
age
830961
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d95f4e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10766
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x277/88x0x631x420/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193504/492x277/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1632741600-WVv7XItB88eeM6qQpWwol6BfLJAGSN2hGrpp0lLVPPw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525b6cee4be1d68b23c08fd4aec7a3c784c97a3dce731c618e439f419937c63e

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:41:20 GMT
x-mg-request-uuid
35326ae4-80f5-470e-820d-268bfb1e1e7d
age
265350
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9794e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12756
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x277/0x168x510x340/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193537/492x277/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1632741600-Ou0GTLWyqSJnpVzY8_sBlqaevpcmsTndodh9Xl5TYoA
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:20:30 GMT
x-mg-request-uuid
6fc95a78-76d2-42c0-832f-4e83cd23ef2e
age
235738
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d97c4e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42384
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.jpg?v=1632741600-C7PZpPfiP9GKskFzg39ROU-7RJiep1XTXgNdbyK0sjI
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
x-mg-request-uuid
5015da91-8744-4fd7-ae1a-5dbbe5459f75
age
310017
cf-polished
qual=85, origFmt=jpeg, origSize=35326
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzY5ZDllZTg0LmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28540
last-modified
Tue, 11 May 2021 11:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9844e5b-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMTQvMTAxOTI0LzcwYzliNzA5ODI5ZWMxMmYwZDNmYzY2NzRlMWU3ZTE4LmpwZz90PTE0ODk1Mjc0NDIwOTk.webp
s-img.mgid.com/g/8193527/492x277/0x0x492x328/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193527/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMTQvMTAxOTI0LzcwYzliNzA5ODI5ZWMxMmYwZDNmYzY2NzRlMWU3ZTE4LmpwZz90PTE0ODk1Mjc0NDIwOTk.webp?v=1632741600-q82SCiy-4V4gt4Sl5cssIGRL88WMkAAK9wClW6O5QN8
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3ec68a0fce79c80c06f06e9feb232b4b2be319a3723b8c325e8f00583ce588

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:43:12 GMT
x-mg-request-uuid
646b4029-586b-4cfe-9cb6-99f8ae4b444c
age
172432
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d98a4e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8600
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x277/0x0x1001x667/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164884/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1632741600-sHTArImHqYvVq4ljuegCotmjlGWaIdUz3BL-lkT2xL0
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:40 GMT
x-mg-request-uuid
549b2336-7a72-41b5-9af5-d185343213c7
age
152548
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d98d4e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18944
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x277/125x507x492x328/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193499/492x277/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1632741600-g6YdeZnhhAd3PvzzwHpzSd1bBSpHlW650_u-uYTCuPw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35da21eea6062de85141e49d3d23e38f2ead16f8bbbfb4648033d95ec1028586

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:38:07 GMT
x-mg-request-uuid
b46af40b-64df-446b-9a4c-88db38491fd5
age
104181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9774e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30792
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x277/0x0x1081x720/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164912/492x277/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1632741600-GwTt8APiLbtwQ2abtQsz1KyToUj8nb7U_ODP5ryaN10
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c2515b0e271ce91f648abc571dcf21efffc99612ccd11f09d5741649fc1973

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:37:58 GMT
x-mg-request-uuid
5d05c159-d157-4024-acb5-600127aaf4a3
age
265350
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9824e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11382
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x277/0x26x798x532/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193526/492x277/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1632741600-D8Jd40UDzjD5jGeHoPouwnpiQ6oQbpiquExK1ZlJsXE
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
834bcb70b8df1fa7df6d4b308cbad725cd6d85b6d5b719f75b5497b6d2587433

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 10:36:04 GMT
x-mg-request-uuid
cabfb443-c3fe-4957-92c8-0c0dc3816e57
age
830961
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d97e4e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15746
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp
s-img.mgid.com/g/8164845/492x277/0x0x1083x722/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164845/492x277/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp?v=1632741600-QmeyeRFY5iIEVjdOSGIMEdWasPHiTMnLKM7eNVNOaJ4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9ae90ebf7ca6d069d13c4b3779ca21b8ff61cedbe2cabe1edd0b69187c0c38

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:25:18 GMT
x-mg-request-uuid
14161ee5-2df8-4534-a65a-7a92a1944ecd
age
235740
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9954e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20708
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8193501/492x277/16x0x492x328/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193501/492x277/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1632741600-gETEBxGjefqBGH5scEAOMlYrb04KxZjFdaRhBA-vBtk
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1101801.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e6dc322efdbcb1dd558f99027ea33976253f0986ae538c6db660040847adef

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:23:16 GMT
x-mg-request-uuid
351ff6b9-ee6b-4a2b-ba49-d71ab3a6584b
age
26704
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9974e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8212
server
cloudflare
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=requestad&cin=1&c=87839&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720be574eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=adbidempty&cin=1&c=98903&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720be5a4eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=aderror&cin=1&c=18704&o=%7B%22uuid%22%3A%22daf0100d-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2Fvast%2F1102315%5D%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720be5c4eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
khaos.jpg
token.rubiconproject.com/ Frame CF04 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=requestad&cin=1&c=34993&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720ce854eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=adbidempty&cin=1&c=95257&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720ce884eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?iid=1102315&e=aderror&cin=1&c=39716&o=%7B%22uuid%22%3A%22daf1814f-1f84-11ec-b560-d094662c1c35%22%2C%22index%22%3A1%2C%22rHash%22%3A%222227557176690718%22%2C%22errMsg%22%3A%22VPAID%20ERROR%3A%20adbidempty.%20%5Bhttps%3A%2F%2Fservicer.mgid.com%2Fvast%2F1102315%5D%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720ce894eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1632741601415&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601415&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601415&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-28.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
SOoFMZsZiUcyDHQ9N3z5CA0QthmOqnWReLRBF-AHAW2_BHe4EXeuPg==

Redirect headers

date
Mon, 27 Sep 2021 11:20:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601415&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9=
content-length
560
x-amz-cf-id
c-4zwgQ_d12XvzN4zKyrFA6Cv81ejrz0qcPEyNGEy6b9qJpb1YkKXw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1632741601416&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601416&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601416&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-28.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
NYCGI_qa-vu3uT_6aPmS5kcJsfY-AxPUPjlYvQkEAnIhwjKJKK0pVw==

Redirect headers

date
Mon, 27 Sep 2021 11:20:01 GMT
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1632741601416&ns_c=UTF-8&cv=3.5&c8=%D0%96%D0%95%D0%9D%D0%A1%D0%9A%D0%90%20%D0%9C%D0%90%D0%A1%D0%A2%D0%A3%D0%A0%D0%91%D0%90%D0%A6%D0%98%D0%AF%3A%2017%20%D0%A4%D0%90%D0%9A%D0%A2%D0%90%20%D0%97%D0%90%20%D0%9F%D0%90%D0%9B%D0%90%D0%92%D0%90%D0%A2%D0%90%20%D0%A2%D0%90%D0%99%D0%9D%D0%90%20%22%20-%20%D0%97%D0%90%D0%9F%D0%9E%D0%97%D0%9D%D0%90%D0%9D%D0%A1%D0%A2%D0%92%D0%90%20-%202021&c7=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&c9=
content-length
560
x-amz-cf-id
_zSiZbZLQa2rt44thYmAPruHH2cUE3NYpLSDrmj2GjQjTxP_ndJZKA==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/492x277/0x39x564x376/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164899/492x277/0x39x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1632741600-Aeoh0l7qkchY9R5uwE_CiALMFwDyQiCEgnidmApHUGY
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b55e5004a364de7ff52d1ff57a793495bff57162f59c5b08d29d79619ac3d16

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
HIT
last-modified
Tue, 11 May 2021 11:20:52 GMT
x-mg-request-uuid
e637b9a0-5a90-492f-97cc-14b05a29ec09
age
17662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
69545720d9984e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26384
server
cloudflare
m
cm.mgid.com/ Frame D340
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=3c934d8d8fda6a18
43 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=3c934d8d8fda6a18
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
133e105c-462a-4c00-bad5-65a203d22f1f
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
695457229a414eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=3c934d8d8fda6a18
Date
Mon, 27 Sep 2021 11:20:00 GMT
Server
VertaMedia 1.0
Content-Length
43
Content-Type
image/gif
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=604&iid=1101801&e=vr_load&h=Iam9UHoWDU3a8keOV2NifqLG-0qkS11AQDfKwaEL4PepRf0wgsQZNEaeEuG9iSnI&o=%7B%22vrViewable%22%3A0%2C%22sticky%22%3A0%2C%22playlistSeq%22%3A0%2C%22uuid%22%3A%22dabf3795-1f84-11ec-b560-d094662c1c35%22%2C%22tt%22%3A%22Direct%22%2C%22timeOffset%22%3A0%7D&t=0&c=45405
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69545720fee54eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1102315&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22dac0286a-1f84-11ec-a3c7-d0946675f626%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=34651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954572249704eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1102315&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22dabeeb57-1f84-11ec-a3c7-d0946675f626%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=11655
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954572259924eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
c.mgid.com/vs/ 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=0&iid=1102315&e=error&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%22dabed6e3-1f84-11ec-a3c7-d0946675f626%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%2C%22errorMessage%22%3A%22null%22%7D&t=0&c=47905
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6954572269f34eaf-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
serving.viewtraff.com/v1/placements/J2op30f7Jk5B/code/vpaid/ 		155 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serving.viewtraff.com/v1/placements/J2op30f7Jk5B/code/vpaid/1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
e3e247478fc561a82e78bee7449288e91a808ece811f6aac5842df15b0963755

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
server
nginx
srvb
127.0.0.1:8082
access-control-allow-methods
OPTIONS, GET
content-type
application/xml;charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
155
srvf
144.76.120.254
/
ads.viralize.tv/vast/ 		71 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADqeagKps_2jM40&u=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cs=&gdpr=1&cbb=2741601750
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:01 GMT
content-encoding
gzip
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bg.ecasus.org&rs=bg.ecasus.org&sid=27005&t=1632741601&cip=216.131.114.66&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1632741601671-918721588423-005858-000-007275&cha=0.7&stagid=&stplid=&cb=20700224411&cd3=native&cd4=1101801&cd5=dabf3795-1f84-11ec-b560-d094662c1c35&cd6=11&cd1=desktop&cd2=0&d9=1000&AV_WIDTH=679&AV_HEIGHT=382&nid=5ac2203f073ef46a6856c7b0&ncid=60ad238b92aa2272e1594459&e=request&cb=1632741601751&asid=60ae36aecd9acb73fe1a1867%2C60ae36ab1af4fe0b906a70a9%2C60ae3776eb9dd019f533d628%2C60ad2564af4e6d580351ce36%2C60a4dc5bdabbf34a5360f365%2C5f6da35a57c64938c212257f%2C60ae3778d8e0b33df20060c4&ofpr=%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bg.ecasus.org&rs=bg.ecasus.org&sid=27005&t=1632741601&cip=216.131.114.66&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1632741601671-918721588423-005858-000-007275&cha=0.7&stagid=&stplid=&cb=20700224411&cd3=native&cd4=1101801&cd5=dabf3795-1f84-11ec-b560-d094662c1c35&cd6=11&cd1=desktop&cd2=0&d9=1000&AV_WIDTH=679&AV_HEIGHT=382&nid=5ac2203f073ef46a6856c7b0&ncid=60ad238b92aa2272e1594459&e=bid&cb=1632741601831&asid=60ae36aecd9acb73fe1a1867%2C60ae36ab1af4fe0b906a70a9%2C60ae3776eb9dd019f533d628%2C60ad2564af4e6d580351ce36%2C60ae3778d8e0b33df20060c4&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
af68b91794e822e56116948c52ea84a2c8483e3ba1d800551b680b40e1cf076c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"999 / 230 of 1000 / last-modified: 1632732756"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 11:20:02 GMT
gpt.js
www.googletagservices.com/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js?zx
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
4012b60b50fc1eba6890f9744fc7ed75e12f2d3f9ae421670e200468e1785b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"999 / 580 of 1000 / last-modified: 1632732756"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.015970002010982753
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.6196114...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.619611406498128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.619611406498128
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.34350475562612104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.2648213...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.26482130812999505
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.26482130812999505
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.0984032863267712
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.4936735...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.49367357150468205
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.49367357150468205
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.6382380020366962
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.9922272...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.9922272024434944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.9922272024434944
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.06154012574807943
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.0366147...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.03661470499952624
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.03661470499952624
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.31170483438766405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.1788755...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.17887558357957767
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.17887558357957767
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.21381577950851027
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.8629936...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.8629936066831336
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.8629936066831336
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.8557160083537898
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.6245821...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.6245821720156401
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.6245821720156401
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
/
mc.yandex.ru/watch/56614870/SMRCP/ 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/56614870/SMRCP/?r=0.8687472616602836
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
1
mc.yandex.ru/watch/53428543/
Redirect Chain
  • https://mc.yandex.ru/watch/53428543?wmode=7&site-info={%22SMRCP%22:{%22bg.ecasus.org%22:{%22https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771%22:%22%22}}}&r=0.8175244...
  • https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.8175244617880357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
last-modified
Mon, 27-Sep-2021 11:20:02 GMT
strict-transport-security
max-age=31536000
location
/watch/53428543/1?wmode=7&site-info=%7B%22SMRCP%22%3A%7B%22bg.ecasus.org%22%3A%7B%22https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771%22%3A%22%22%7D%7D%7D&r=0.8175244617880357
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Mon, 27-Sep-2021 11:20:02 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bg.ecasus.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ad_format%3Dinterstitial&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602067&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adks=2127426777&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1026&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3caa2ad516420bae3dee5d9fa14d09ceca1393384721edbd793a5ba14e94cdef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11491
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308194688
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2021092101.js
securepubads.g.doubleclick.net/gpt/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021092101.js?cb=31062914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
9fd2af92afd0ae90c0e88a3d73c8a71aefd3ee2e9c101829d87e93a2c757093f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14171
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 08:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 27 Sep 2021 11:20:02 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602068&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=1515&adys=476&adks=192367483&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1068x-1&msz=1068x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
af035efca25535d751759333b5060a73cd91098cd85ec95ebe738515da0feed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8497
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308219592
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=580x400&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602069&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=1524&adys=2157&adks=3264243033&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x-1&msz=696x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b425d81b412c43c491f30e517bc9a2d4a5d7384b7948ba77e4b3a6e08642427f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8191
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308194766
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=580x400&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602072&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=1524&adys=3245&adks=387271199&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x-1&msz=696x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b2738296095466160370dced4f9219866a7988d575d94f012278fa81ed634c3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8171
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308194154
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=580x400&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602073&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=1524&adys=4229&adks=1186558521&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x-1&msz=696x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ab8f653041d4088682b61db083b52b17b647e0f5e901560997e3e4065268c992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8193
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308608549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=580x400&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602075&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=1524&adys=5896&adks=3577971900&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=696x-1&msz=696x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
83c4998d954026bfc94868f3adde48a64c13b39a170e6efad19ebd41e54b78c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8186
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308219610
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		459 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxntmng%2Czxntmng_optr%2Czxntmng_optr_smrcp&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602076&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=2222&adys=784&adks=2821416460&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x-1&msz=324x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
32c7bf73cc1c01f4410c0a23837c1ac484ae8892b3697d841708be64f77257e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602078&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=2222&adys=2490&adks=2853322502&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x-1&msz=324x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8c8b2f99b98589360ad971a7d028965a469996eea18833ba43208a30a5d6955d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8184
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308194637
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxnt_smrcp%2Czxnt_smrcp_id3&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602080&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=2222&adys=3637&adks=77978807&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x-1&msz=324x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f8d545ba1b46f0fc875c342080254d3051fb46bb25b8593ae101c7d591c4fd02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8185
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308219883
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=13410599762511&correlator=1581605732973917&output=ldjh&impl=fif&eid=31062914%2C31060032%2C31062931&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=41117126%2CZXNT%2Czxntmx%2Czxntmx_smrcp&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x250&cust_params=site_domen%3Dbg.ecasus.org%26site_topdomen%3Decasus.org%26site_referrer%3D%26site_hash%3D%26keywords%3D%25D0%2596%25D0%2595%25D0%259D%25D0%25A1%25D0%259A%25D0%2590%2520%25D0%259C%25D0%2590%25D0%25A1%25D0%25A2%25D0%25A3%25D0%25A0%25D0%2591%25D0%2590%25D0%25A6%25D0%2598%25D0%25AF%252017%2520%25D0%25A4%25D0%2590%25D0%259A%25D0%25A2%25D0%2590%2520%25D0%2597%25D0%2590%2520%25D0%259F%25D0%2590%25D0%259B%25D0%2590%25D0%2592%25D0%2590%25D0%25A2%25D0%2590%2520%25D0%25A2%25D0%2590%25D0%2599%25D0%259D%25D0%2590%2520%25D0%2597%25D0%2590%25D0%259F%25D0%259E%25D0%2597%25D0%259D%25D0%2590%25D0%259D%25D0%25A1%25D0%25A2%25D0%2592%25D0%2590%25202021%2520%25D0%25A2%25D0%25B5%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B0%2520%25D0%25B5%2520%25D1%2582%25D0%25B0%25D0%25B1%25D1%2583%2520%25D0%25BD%25D0%25BE%2520%25D0%25BD%25D0%25B5%2520%25D0%25BC%25D0%25B8%25D1%2581%25D0%25BB%25D0%25B5%25D1%2582%25D0%25B5%2520%26seg_id%3D21120200%26site_url%3Dhttps%253A%252F%252Fbg.ecasus.org%252Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&cookie=ID%3D23e85613db3e46ac-22dfca8461c9008f%3AT%3D1632741600%3AS%3DALNI_MYsrxlDQxv36hrPtci9iiXhFf6H_g&bc=31&abxe=1&lmt=1632741602&dt=1632741602082&dlt=1632741599329&idt=845&frm=20&biw=1600&bih=1200&oid=3&adxs=1515&adys=10227&adks=3985529550&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1068x-1&msz=1068x-1&ga_vid=1569556729.1632741600&ga_sid=1632741600&ga_hid=965969045&ga_fc=false&fws=1028&ohw=4000&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4a0a075d96835119600c4b2ed9768f51a889cc18aa9a0b0b1e099b8bf7d0bb52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8467
x-xss-protection
0
google-lineitem-id
5343082272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308219595
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=bg.ecasus.org&rs=bg.ecasus.org&sid=27005&t=1632741601&cip=216.131.114.66&sn=&tgt=0&osv=10&bv=93.0&brn=Chrome&wi=679&he=382&app=&AV_PUBLISHERID=5ac2203f073ef46a6856c7b0&test=&aafaid=&proto=https&uid=1632741601671-918721588423-005858-000-007275&cha=0.7&stagid=&stplid=&cb=20700224411&cd3=native&cd4=1101801&cd5=dabf3795-1f84-11ec-b560-d094662c1c35&cd6=11&cd1=desktop&cd2=0&d9=1000&AV_WIDTH=679&AV_HEIGHT=382
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5ac2203f073ef46a6856c7b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.230.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-230-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 27 Sep 2021 11:20:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
css2
fonts.googleapis.com/ 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 11:14:39 GMT
server
ESF
date
Mon, 27 Sep 2021 11:20:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Sep 2021 11:20:02 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 27 Sep 2021 11:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1082
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7680
x-xss-protection
0
server
cafe
etag
7151105853351230339
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:02:00 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632310961004595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 27 Sep 2021 11:20:02 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 43EE 		109 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ad6274033c6bc74d7f476e303b6bcd7703922404e08d7c4fe477e200582a0e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39488
x-xss-protection
0
server
cafe
etag
820918808445740365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 11:20:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43EE 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39662
x-xss-protection
0
server
sffe
etag
"1632310973010379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 27 Sep 2021 11:20:02 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
413302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 43EE 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstANILa-sQ1j4kPmXX07jAM_Pm-ZNyuya1cvbR_XWs6l7cwLk_UitHvecg3amAIj0YiEUQN1kg9Cy_W4jJoYt-L_ClSv_ylbE6DlqeTUAm0_DLbkaUXxeSbdrc_SwqtDv4LzDNJ_jEvJPBXgS9poIPkeT_jpWu7mfWNWt22PDzRV7YRXfT8vHKw9uw3JdaQNFD18f3NBvucjFVyps-vLJsgo9c2KYTTYGPvGcfkicdmWQHM7W7iKEEDu3AasT5_KV7OjhhTYo0oHTLqwj-xtx50CJihwSK79lLy6VoauYlBNcEyoEwdvw02H4_6ME2sOnsM&sig=Cg0ArKJSzJ2OJbvfXfZ9EAE&urlfix=1&adurl=
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ Frame 43EE 		255 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96603
x-xss-protection
0
server
cafe
etag
5043874018115547463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 11:20:02 GMT
truncated
/ Frame 43EE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5c5f6a2c2d2b577e828f983b0b958f787f94e48b6e3dc062e769e06f5b748e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 43EE 		200 B
441 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bg.ecasus.org&callback=_gfp_s_&client=ca-pub-6550413363602588&cookie=ID%3D23e85613db3e46ac%3AT%3D1632741600%3AS%3DALNI_MYZcVp8W1dvVjNFu1-x4wjmBUMdrQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e751a2e40000d863b820b03fc8e5c7aaab3ee8f8cc7b0447a1caaaacddb52254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 43EE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bg.ecasus.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
1_zxm_smrcp.html
cdn.zx-adnet.com/adx/ Frame AEA6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM%2Fzxm_smrcp&adk=2654965827&adf=816031637&pi=t.ma~as.ZXM%2Fzxm_smrcp&w=300&fwrn=3&url=htt...
  • https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14e3cdd51580b866e12a2220c5a394d1e8fd59c13cb98e2538b0cb44611e7e00
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
cdn.zx-adnet.com
:scheme
https
:path
/adx/1_zxm_smrcp.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"116629650762f98a899852d1fac2927a24255cc55cd210d5c68bb91774363870-br"
last-modified
Mon, 13 Sep 2021 06:21:51 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Mon, 27 Sep 2021 11:20:02 GMT
x-served-by
cache-fra19144-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1632741603.626100,VS0,VE166
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
1785

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 27 Sep 2021 11:20:02 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 43EE 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632310961004595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 27 Sep 2021 11:20:02 GMT
1_zxm_smrcp.html
cdn.zx-adnet.com/adx/ Frame 9AF0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3986629809&adf=4188749580&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Ffor...
  • https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
10 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14e3cdd51580b866e12a2220c5a394d1e8fd59c13cb98e2538b0cb44611e7e00
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
cdn.zx-adnet.com
:scheme
https
:path
/adx/1_zxm_smrcp.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.zx-adnet.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.zx-adnet.com/

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"116629650762f98a899852d1fac2927a24255cc55cd210d5c68bb91774363870-br"
last-modified
Mon, 13 Sep 2021 06:21:51 GMT
strict-transport-security
max-age=31556926
x-robots-tag
noindex, nofollow, noarchive
accept-ranges
bytes
date
Mon, 27 Sep 2021 11:20:02 GMT
x-served-by
cache-fra19144-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1632741603.990646,VS0,VE0
vary
accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-length
1785

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
location
https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 27 Sep 2021 11:20:02 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
optad360.js
serving.stat-rock.com/player/ 		307 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:02 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 07:45:44 GMT
server
nginx
etag
W/"6135c728-4caf3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1b95f93c25425ef8db6c8928209f653557d43e6b8c00b415be4ed3f35eeb9251
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:02 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a2150c26-b923-4b66-8dd5-8168859b10a3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://bg.ecasus.org
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ 		5 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTkyMDQyOCZ0cmFuc2FjdGlvbklkPTExMjAyNzZlLTVhYjYtNGYxOS04ZGQ0LTgwZGNjYTY4ZTMwNCZyY3VyPVBMTg%3D%3D&pt=gross&stid=9bee82c1-8a5e-475f-b446-2d8afd1a02b9&gdpr=0&gdpr_consent=undefined&fd=1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bg.ecasus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://bg.ecasus.org
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
5
expires
-1
ads
googleads.g.doubleclick.net/pagead/ Frame ED9D 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Requested by
Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/1_zxm_smrcp.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ea251a187058fefa3ff831991e25372f960173a29a57f2b84702d0c495c02244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.zx-adnet.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmDWJnBzE9f3fAkS5t31jjGq3NUE1Gkba4SqZbLjPbk2a56feXnCv1FFAPdbr8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.zx-adnet.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 27 Sep 2021 11:20:03 GMT
server
cafe
content-length
8368
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
female-masturbation-17-facts-about-the-naughty-secret-1771
bg.ecasus.org/ 		79 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f62e44e6c931b7db3695b45c082c0f934cfadc39f43fe0ee8306fe27d9eb150
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/female-masturbation-17-facts-about-the-naughty-secret-1771
pragma
no-cache
cookie
__oagr=true; _ym_uid=1632741600358184743; _ym_d=1632741600; __atuvc=1%7C39; __atuvs=6151a8df8f3018ca000; _ym_isad=2; _pbjs_userid_consent_data=6683316680106290; cto_bidid=V_VJr18wYmVWeU81QXhPcmU5UWJNZ0REN09FdkdSa0xXSWZ3Q3dud0JIVFlWUjFhUUZWMVRiRllSdnY3bFE2NUFBSEtNdlR4a2ZQZXlxUTcySXhhaGUlMkY4ZUhnJTNEJTNE; cto_bundle=pFVEUF9qUUsyWFklMkZyYUNoRThCRFpwUzQlMkJ5VGJrY0ZFeVFSQVhRUHZDWEx4WnJqQWhqQUElMkZvOEclMkZSUkxIWmNJS2dUa1lrQ3JQM0RuRVRTcGNSNW1nU0FGOXhJN1ZDeGg5ZE5TdjVsbkl2QUE3b0ZyVjNUZDlhYSUyRk1JRHp3TW95WjhQOGs; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632741600834%7D%2C%22C1101801%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632741600850%7D%7D; __gads=ID=23e85613db3e46ac:T=1632741600:S=ALNI_MYZcVp8W1dvVjNFu1-x4wjmBUMdrQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
bg.ecasus.org
referer
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y49KHWY0%2Fj3ZXAjAjIEUjoX2KFvbwDdioQmAmUomg%2FvJuoHgNPLi7O9z9jAGm8cVAQcDbFVtruLzduQfh2vlik3PvRAcJ7c38f%2BK45BVhLFAfj00O1MYA0IcaQtoa2wp"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
6954572bfb95f9de-PRG
expires
Tue, 28 Sep 2021 11:20:03 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632741603169.0112&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&t=211&v=96&width=528&z=p%3Adf%3Bv%3AinView%3B&r=0.9030257109125874
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bg.ecasus.org
date
Mon, 27 Sep 2021 11:20:03 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632741603169.0112&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&t=216&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2177298843397224
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bg.ecasus.org
date
Mon, 27 Sep 2021 11:20:03 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
female-masturbation-17-facts-about-the-naughty-secret-1771
bg.ecasus.org/ 		79 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.80.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f62e44e6c931b7db3695b45c082c0f934cfadc39f43fe0ee8306fe27d9eb150
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/female-masturbation-17-facts-about-the-naughty-secret-1771
pragma
no-cache
cookie
__oagr=true; _ym_uid=1632741600358184743; _ym_d=1632741600; __atuvc=1%7C39; __atuvs=6151a8df8f3018ca000; _ym_isad=2; _pbjs_userid_consent_data=6683316680106290; cto_bidid=V_VJr18wYmVWeU81QXhPcmU5UWJNZ0REN09FdkdSa0xXSWZ3Q3dud0JIVFlWUjFhUUZWMVRiRllSdnY3bFE2NUFBSEtNdlR4a2ZQZXlxUTcySXhhaGUlMkY4ZUhnJTNEJTNE; cto_bundle=pFVEUF9qUUsyWFklMkZyYUNoRThCRFpwUzQlMkJ5VGJrY0ZFeVFSQVhRUHZDWEx4WnJqQWhqQUElMkZvOEclMkZSUkxIWmNJS2dUa1lrQ3JQM0RuRVRTcGNSNW1nU0FGOXhJN1ZDeGg5ZE5TdjVsbkl2QUE3b0ZyVjNUZDlhYSUyRk1JRHp3TW95WjhQOGs; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632741600834%7D%2C%22C1101801%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632741600850%7D%7D; __gads=ID=23e85613db3e46ac:T=1632741600:S=ALNI_MYZcVp8W1dvVjNFu1-x4wjmBUMdrQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
bg.ecasus.org
referer
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxMymjgAC1zQppSBPhhPo68FT9tEr1yYf%2BAxXquxTRVrWi%2B9IdHeueGblKB1zBqCgJNPpZ2%2Ff4GCYDXESXUZIVIsU3EK%2Fbc48ZUvvTNjW81IfcORkw0giFHDTzUfCkwx"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
6954572c6bdaf9de-PRG
expires
Tue, 28 Sep 2021 11:20:03 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632741603169.0112&type=REQUEST&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&t=287&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.7038915568104354
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bg.ecasus.org
date
Mon, 27 Sep 2021 11:20:03 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED9D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkJR9hkIVEJgABN1hxeaD_mLXulODwSSqX25cgcjbaEis_f9JvBNFH-ze4C_A79HrW-6RU4q6-ivTuY45qK5J-Y0MT94mMHli-uOX-E2VY_nwYH30
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame ED9D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:18:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ED9D 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39662
x-xss-protection
0
server
sffe
etag
"1632310973010379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Mon, 27 Sep 2021 11:20:03 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame ED9D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:04:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 728A 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmDWJnBzE9f3fAkS5t31jjGq3NUE1Gkba4SqZbLjPbk2a56feXnCv1FFAPdbr8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 27 Sep 2021 11:20:03 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame ED9D 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbwMIDPyNrd5KmkB6mfDuJpR0-QCVhrPvyLv-DJyzFJ85jOfwL3dbzvfjElQ-DJVruMe4ZUeKzatTN0zj8TFO-ddyV8PB4dVNHWa0u1JK81nkcXw7BSFh-fzN4CVbRoziYl9Y8Pqhu4c1vHLDhkWBoOAzpTg&dbm_d=AKAmf-CdjpgQDveL2tEoyGHeK3-cBROS3_ZN_1mmnJJJOH5Lobw68HfMKM6WReCe2g63Vbp0Rptr3rJx5-8dNAeAfEYPNQvq1ge8tGjkxklaOkmByJ8wUmp_1Zz5L0uFICOGZdykpmGbdBgHOnlF8n4S4fhyOSTyqg-cYEkTJt06-WkWfdVB575TAv6WvDswWGANzB18kyV6X-R906GAPmp1OWjr3b4UY-Bs1zgHsXut84V-YF10iQkqUfWo6blwzzQcYNlSMVuRzwXhD5CEg5gj8KeLEsDdaDVGTHBnUizzZ1S2BgNu3xVvULZhilTAVHV19lgJsm8OcQ9BFJpWveUeFYqJl1QUxNpnp0Ej1Kpz1ca839eEwDc-htpdcjVo-Z1T0VVn_-qQRQ0rlN2CMfJ4W_m_m9HSmcCMcj5Rq8La6ICc60Xsk61i0sEqkIV4BzRezPLcQj13xrCG1Oyerrm3580WaPFX7qCUEd_AgcJmwjBqppDIWnpn6KNL9JnY8R1RccdmXKj67ftPduuYfbOYJip1VHjMNB1edrbGARBpUMlkkgFKVReD4VbYD3fHEbZrtoo3lEouXNUfHkDolWGz-Oj5v4q6kCazG3NC5Ha-iUasOdwVwTw2wlEZwWJIflt1hlc1OaLUSzgvHe0yp2ZnRmrzyNvgtnMWXj9npt_wpjsMui5_G0oc_DDWEY3OCV3knQyQkUtP-0Z0Avm2Gf8HBfTtOBw5mkYgYQGl71FlOqLmfwAERQHKjVyMiXm7RRl1wV0dgN-bnIsIkDaXHZ3Bz-k4YEHl1QRCrjdy9bgvEH2lD2EEtu269bJz2KEhiTZMSSXFuSX16dj6NV0Qtmce1ZYEyi2tjiKhmsR34F3VdtCr43GO6UNcGPlTjv5c2Jw5pBLkP-8FlWZsYgqvpOZvkP5on6K1ssVpFn4ggywJq7FAkeBdpuNeqDX678swbpmeNfHY1aKOI4VU-9MH7rRYV4bO4GGpWyqTqDCxaUH85GVu5_DFfzL7a0z24LO4A4pEMNEdo3XMmxmT0sE7oxX_0IEX2FNRx80RRyt5QmkNtcFnOAW-38EXAFivRDF6ClYGSruuhMa6QMLKRhNEAHYGoYITvwDjBSKQAePmzikxDR_6Y4P9yX8G9R1tfGaPRvIQQqAc2QF7B_iYCW87nyDCf2fBgkUkSupWbJIIXRgpPr0zHPJjqFdZwDo5gmqpYGbGUEoXRhRUtPzEAIiBfHuUlVpTrD6A5R-5FpZ1ApIH0qr_FRi1pTjR1CpUGttBZ9q4_oV_6mh_GeU0NEuOhxaRGO_AfV_9LQWCf42y_Q1aIfidy9Lx8IuLkmEs5QF3b5d-SoEJar0-A0kk0mscOXrw3pBtI_AyyhxM3O2YLDuUb4SfNTnkIIdyFnDswwSybOyEiyJRS9RT8Iu3ZJIA6PZhfT3d2IRg_IPUVm3xMdraQgBy0hzIwryEa76wHodN4dqO8a_eRPnOjHwVC7i5Jhg16IKL5cjSyXzKoRMSCAXcw2tXiQD0lKC-1vDCAYihJBAEA1EGGzMlHICc2zab_Mrzw83GeEB5Ar4MupDvgjnF_5bN5V7jN91woOeA3mTD1rXPKVTN_5MygdBp612sxK0JdiDm-Sq6UjdhCBUQ8sEOw_gJDg8qAwoexj8Mx2sGsG3EIno8DKJKkbnhyHJTEYmsFwye9TM5ab7v3nIFPfQAyXslXMysKbtdrpwkNnTdlCrOL4zdDFdxvp9YCqxXdCNYnifbq2qKVzHwkkberOYiOKRQQ68wVLyuB-ye6PyvGW-q2E1Alc2VJDIsBM_VDVY5C0uaBNpQ1tVUIPP1mFqF8mu8sK-pjD2jCkOh7k5sD379ehGfKddMn9WPBAjoi5V-bxSXv9Z1qy4devWgS7J1INf0HT6SC2lumhLt5S_U3Kw6REcUPIZuCl9IQlKlN2SkPgMpA-2jfqet9DtoEtUHrZeNI4xNNDXinmS_dl5xYDJCUuoKNkMUlOvfkKuDAvbItW5HouVNn7eP0_dI4Fi8Ss2SfMHZyxCMrPUhTFZJMqYX5Th-C2tEjxx-LxkH_faPxIeCT8QAb23KzRMalVelZ2F3SpTrU5y-aS69O0_0Dmr0k0-aRODDEfZoBxuMi1YZFBgbBfgww9Gn1k1jD3OWlJ6-LoJjWqHzMs7AdNY4SJQCA0Im5zASrW9MC_JoXj3FaFJG0-5_pjnWQkIZzRlMCVQwfzes5pKPMvZ9KqJgCqlCirVXU3B7YAw7ANpetv1LYf7dNstDumdci-AqXC3Tcq2BFxD6NmpWWQxMHn3_LOfxo8LJR8xDJywbnW3ezWR315up45AbL2ZcQfNClSnCikHJxLKp7n78xVo2CwXLCBt8_8YhBu4J_F_1QqJkxTcoHwVPHgYsq9eQK4W0CmCi94yRvcHcJXqkUFqqo56psfgGQz57QkAQWxY78SCKOMUJuKvYHPO9UZ58kXTyuXMC29MKI4KmG_mcWo0gosqxVnf4G-GOQEbTetRELOSuqYqSi1RgR9X4RZ8wuGq5f5noSQT7PSX6QSGfTuAm3PYBmsvAmOfJaFVUCFVVrxrjaZec_iZBoe637HlChZLP1oMj_mfDdm8VmQkmqwWcy6M3z0CZ33hC4P1p_RRDwbn5ItfPvOHS2Q4bIMLxmMPlsSfHIp3LbrTWf3HMWgMcAERXD84oKoGdlC_IiZlbXKXeQBXLJFqZcloSW6GEh0vPk5w0vhvPQucU1h_euwvLCto9MGwGMOuCOG3sFsXChNFscj8YeSYgLwERofs2kgjiiXvle9DlzvKZDdKmvsnHXCYEADkYZEdZ0Rq4c6y6FAMBnmPxpu89fEq2_F6bMOrJPcZnOb5X75EEKwGMajc-6AqH73Wy2uLGPRHZuxW6hF4lofQjT7OiAslgmqftnpxdsAIQkFL3oyZM5NEUz1ByFZM-AS_jLLvj2iP6&cid=CAASEuRozAw_62lUJnHXauecJ5z3Sw&rfl=4%2Chttps%253A%252F%252Fbg.ecasus.org%242%2C%2C%2Chttps%253A%252F%252Fcdn.zx-adnet.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9ae488266656537af5cb084065381fd62ab7c2a5f864cc7c153b519e5bad75ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1632741603169.0112&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&t=342&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.005699556702533082
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bg.ecasus.org
date
Mon, 27 Sep 2021 11:20:03 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
1
serving.stat-rock.com/v1/log/js/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?d=1&id=1632741603169.0112&type=OPPORTUNITY&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fbg.ecasus.org%2Ffemale-masturbation-17-facts-about-the-naughty-secret-1771&t=343&v=96&width=528&z=p%3Adf%3Bv%3AinView%3Bc%3Avast%3Bt%3Aurl%3B&r=0.2897303101711042
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.140.185.32 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
ap8.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://bg.ecasus.org/
Origin
https://bg.ecasus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://bg.ecasus.org
date
Mon, 27 Sep 2021 11:20:03 GMT
srvf
78.140.185.32
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 728A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 27 Sep 2021 11:20:03 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Mon, 27 Sep 2021 11:20:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 728A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVGo44H3nm.CPk5c9fuCKgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 27 Sep 2021 11:20:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgvxXDynfmJHt2g-a2CcXQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 728A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGYpkAYLGR4_rdVQvcMoNAI&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGYpkAYLGR4_rdVQvcMoNAI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
536712ac-6207-4e9f-bb26-4582865efc9d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGYpkAYLGR4_rdVQvcMoNAI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 728A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMzc1MTI1NzQ3OTI3MTI1Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMzc1MTI1NzQ3OTI3MTI1Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQ7pTJ6wEYi7WIrgEwAQ&v=APEucNVVowBs4K7uc1b6MLladh9iLbc6mcTNN9k3EgdarMj0rlSDzP3ZvzyVz_r5nD8G94oFykFzsBvoXftNaABxoxQ8SZMiiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5d3e2947-5930-408a-b35a-6da33f3ee45f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQzMzc1MTI1NzQ3OTI3MTI1Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame ED9D 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Sep 2021 10:09:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame ED9D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbwMIDPyNrd5KmkB6mfDuJpR0-QCVhrPvyLv-DJyzFJ85jOfwL3dbzvfjElQ-DJVruMe4ZUeKzatTN0zj8TFO-ddyV8PB4dVNHWa0u1JK81nkcXw7BSFh-fzN4CVbRoziYl9Y8Pqhu4c1vHLDhkWBoOAzpTg&dbm_d=AKAmf-CdjpgQDveL2tEoyGHeK3-cBROS3_ZN_1mmnJJJOH5Lobw68HfMKM6WReCe2g63Vbp0Rptr3rJx5-8dNAeAfEYPNQvq1ge8tGjkxklaOkmByJ8wUmp_1Zz5L0uFICOGZdykpmGbdBgHOnlF8n4S4fhyOSTyqg-cYEkTJt06-WkWfdVB575TAv6WvDswWGANzB18kyV6X-R906GAPmp1OWjr3b4UY-Bs1zgHsXut84V-YF10iQkqUfWo6blwzzQcYNlSMVuRzwXhD5CEg5gj8KeLEsDdaDVGTHBnUizzZ1S2BgNu3xVvULZhilTAVHV19lgJsm8OcQ9BFJpWveUeFYqJl1QUxNpnp0Ej1Kpz1ca839eEwDc-htpdcjVo-Z1T0VVn_-qQRQ0rlN2CMfJ4W_m_m9HSmcCMcj5Rq8La6ICc60Xsk61i0sEqkIV4BzRezPLcQj13xrCG1Oyerrm3580WaPFX7qCUEd_AgcJmwjBqppDIWnpn6KNL9JnY8R1RccdmXKj67ftPduuYfbOYJip1VHjMNB1edrbGARBpUMlkkgFKVReD4VbYD3fHEbZrtoo3lEouXNUfHkDolWGz-Oj5v4q6kCazG3NC5Ha-iUasOdwVwTw2wlEZwWJIflt1hlc1OaLUSzgvHe0yp2ZnRmrzyNvgtnMWXj9npt_wpjsMui5_G0oc_DDWEY3OCV3knQyQkUtP-0Z0Avm2Gf8HBfTtOBw5mkYgYQGl71FlOqLmfwAERQHKjVyMiXm7RRl1wV0dgN-bnIsIkDaXHZ3Bz-k4YEHl1QRCrjdy9bgvEH2lD2EEtu269bJz2KEhiTZMSSXFuSX16dj6NV0Qtmce1ZYEyi2tjiKhmsR34F3VdtCr43GO6UNcGPlTjv5c2Jw5pBLkP-8FlWZsYgqvpOZvkP5on6K1ssVpFn4ggywJq7FAkeBdpuNeqDX678swbpmeNfHY1aKOI4VU-9MH7rRYV4bO4GGpWyqTqDCxaUH85GVu5_DFfzL7a0z24LO4A4pEMNEdo3XMmxmT0sE7oxX_0IEX2FNRx80RRyt5QmkNtcFnOAW-38EXAFivRDF6ClYGSruuhMa6QMLKRhNEAHYGoYITvwDjBSKQAePmzikxDR_6Y4P9yX8G9R1tfGaPRvIQQqAc2QF7B_iYCW87nyDCf2fBgkUkSupWbJIIXRgpPr0zHPJjqFdZwDo5gmqpYGbGUEoXRhRUtPzEAIiBfHuUlVpTrD6A5R-5FpZ1ApIH0qr_FRi1pTjR1CpUGttBZ9q4_oV_6mh_GeU0NEuOhxaRGO_AfV_9LQWCf42y_Q1aIfidy9Lx8IuLkmEs5QF3b5d-SoEJar0-A0kk0mscOXrw3pBtI_AyyhxM3O2YLDuUb4SfNTnkIIdyFnDswwSybOyEiyJRS9RT8Iu3ZJIA6PZhfT3d2IRg_IPUVm3xMdraQgBy0hzIwryEa76wHodN4dqO8a_eRPnOjHwVC7i5Jhg16IKL5cjSyXzKoRMSCAXcw2tXiQD0lKC-1vDCAYihJBAEA1EGGzMlHICc2zab_Mrzw83GeEB5Ar4MupDvgjnF_5bN5V7jN91woOeA3mTD1rXPKVTN_5MygdBp612sxK0JdiDm-Sq6UjdhCBUQ8sEOw_gJDg8qAwoexj8Mx2sGsG3EIno8DKJKkbnhyHJTEYmsFwye9TM5ab7v3nIFPfQAyXslXMysKbtdrpwkNnTdlCrOL4zdDFdxvp9YCqxXdCNYnifbq2qKVzHwkkberOYiOKRQQ68wVLyuB-ye6PyvGW-q2E1Alc2VJDIsBM_VDVY5C0uaBNpQ1tVUIPP1mFqF8mu8sK-pjD2jCkOh7k5sD379ehGfKddMn9WPBAjoi5V-bxSXv9Z1qy4devWgS7J1INf0HT6SC2lumhLt5S_U3Kw6REcUPIZuCl9IQlKlN2SkPgMpA-2jfqet9DtoEtUHrZeNI4xNNDXinmS_dl5xYDJCUuoKNkMUlOvfkKuDAvbItW5HouVNn7eP0_dI4Fi8Ss2SfMHZyxCMrPUhTFZJMqYX5Th-C2tEjxx-LxkH_faPxIeCT8QAb23KzRMalVelZ2F3SpTrU5y-aS69O0_0Dmr0k0-aRODDEfZoBxuMi1YZFBgbBfgww9Gn1k1jD3OWlJ6-LoJjWqHzMs7AdNY4SJQCA0Im5zASrW9MC_JoXj3FaFJG0-5_pjnWQkIZzRlMCVQwfzes5pKPMvZ9KqJgCqlCirVXU3B7YAw7ANpetv1LYf7dNstDumdci-AqXC3Tcq2BFxD6NmpWWQxMHn3_LOfxo8LJR8xDJywbnW3ezWR315up45AbL2ZcQfNClSnCikHJxLKp7n78xVo2CwXLCBt8_8YhBu4J_F_1QqJkxTcoHwVPHgYsq9eQK4W0CmCi94yRvcHcJXqkUFqqo56psfgGQz57QkAQWxY78SCKOMUJuKvYHPO9UZ58kXTyuXMC29MKI4KmG_mcWo0gosqxVnf4G-GOQEbTetRELOSuqYqSi1RgR9X4RZ8wuGq5f5noSQT7PSX6QSGfTuAm3PYBmsvAmOfJaFVUCFVVrxrjaZec_iZBoe637HlChZLP1oMj_mfDdm8VmQkmqwWcy6M3z0CZ33hC4P1p_RRDwbn5ItfPvOHS2Q4bIMLxmMPlsSfHIp3LbrTWf3HMWgMcAERXD84oKoGdlC_IiZlbXKXeQBXLJFqZcloSW6GEh0vPk5w0vhvPQucU1h_euwvLCto9MGwGMOuCOG3sFsXChNFscj8YeSYgLwERofs2kgjiiXvle9DlzvKZDdKmvsnHXCYEADkYZEdZ0Rq4c6y6FAMBnmPxpu89fEq2_F6bMOrJPcZnOb5X75EEKwGMajc-6AqH73Wy2uLGPRHZuxW6hF4lofQjT7OiAslgmqftnpxdsAIQkFL3oyZM5NEUz1ByFZM-AS_jLLvj2iP6&cid=CAASEuRozAw_62lUJnHXauecJ5z3Sw&rfl=4%2Chttps%253A%252F%252Fbg.ecasus.org%242%2C%2C%2Chttps%253A%252F%252Fcdn.zx-adnet.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3143
x-xss-protection
0
server
cafe
etag
2416364338287085106
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:11:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame ED9D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbwMIDPyNrd5KmkB6mfDuJpR0-QCVhrPvyLv-DJyzFJ85jOfwL3dbzvfjElQ-DJVruMe4ZUeKzatTN0zj8TFO-ddyV8PB4dVNHWa0u1JK81nkcXw7BSFh-fzN4CVbRoziYl9Y8Pqhu4c1vHLDhkWBoOAzpTg&dbm_d=AKAmf-CdjpgQDveL2tEoyGHeK3-cBROS3_ZN_1mmnJJJOH5Lobw68HfMKM6WReCe2g63Vbp0Rptr3rJx5-8dNAeAfEYPNQvq1ge8tGjkxklaOkmByJ8wUmp_1Zz5L0uFICOGZdykpmGbdBgHOnlF8n4S4fhyOSTyqg-cYEkTJt06-WkWfdVB575TAv6WvDswWGANzB18kyV6X-R906GAPmp1OWjr3b4UY-Bs1zgHsXut84V-YF10iQkqUfWo6blwzzQcYNlSMVuRzwXhD5CEg5gj8KeLEsDdaDVGTHBnUizzZ1S2BgNu3xVvULZhilTAVHV19lgJsm8OcQ9BFJpWveUeFYqJl1QUxNpnp0Ej1Kpz1ca839eEwDc-htpdcjVo-Z1T0VVn_-qQRQ0rlN2CMfJ4W_m_m9HSmcCMcj5Rq8La6ICc60Xsk61i0sEqkIV4BzRezPLcQj13xrCG1Oyerrm3580WaPFX7qCUEd_AgcJmwjBqppDIWnpn6KNL9JnY8R1RccdmXKj67ftPduuYfbOYJip1VHjMNB1edrbGARBpUMlkkgFKVReD4VbYD3fHEbZrtoo3lEouXNUfHkDolWGz-Oj5v4q6kCazG3NC5Ha-iUasOdwVwTw2wlEZwWJIflt1hlc1OaLUSzgvHe0yp2ZnRmrzyNvgtnMWXj9npt_wpjsMui5_G0oc_DDWEY3OCV3knQyQkUtP-0Z0Avm2Gf8HBfTtOBw5mkYgYQGl71FlOqLmfwAERQHKjVyMiXm7RRl1wV0dgN-bnIsIkDaXHZ3Bz-k4YEHl1QRCrjdy9bgvEH2lD2EEtu269bJz2KEhiTZMSSXFuSX16dj6NV0Qtmce1ZYEyi2tjiKhmsR34F3VdtCr43GO6UNcGPlTjv5c2Jw5pBLkP-8FlWZsYgqvpOZvkP5on6K1ssVpFn4ggywJq7FAkeBdpuNeqDX678swbpmeNfHY1aKOI4VU-9MH7rRYV4bO4GGpWyqTqDCxaUH85GVu5_DFfzL7a0z24LO4A4pEMNEdo3XMmxmT0sE7oxX_0IEX2FNRx80RRyt5QmkNtcFnOAW-38EXAFivRDF6ClYGSruuhMa6QMLKRhNEAHYGoYITvwDjBSKQAePmzikxDR_6Y4P9yX8G9R1tfGaPRvIQQqAc2QF7B_iYCW87nyDCf2fBgkUkSupWbJIIXRgpPr0zHPJjqFdZwDo5gmqpYGbGUEoXRhRUtPzEAIiBfHuUlVpTrD6A5R-5FpZ1ApIH0qr_FRi1pTjR1CpUGttBZ9q4_oV_6mh_GeU0NEuOhxaRGO_AfV_9LQWCf42y_Q1aIfidy9Lx8IuLkmEs5QF3b5d-SoEJar0-A0kk0mscOXrw3pBtI_AyyhxM3O2YLDuUb4SfNTnkIIdyFnDswwSybOyEiyJRS9RT8Iu3ZJIA6PZhfT3d2IRg_IPUVm3xMdraQgBy0hzIwryEa76wHodN4dqO8a_eRPnOjHwVC7i5Jhg16IKL5cjSyXzKoRMSCAXcw2tXiQD0lKC-1vDCAYihJBAEA1EGGzMlHICc2zab_Mrzw83GeEB5Ar4MupDvgjnF_5bN5V7jN91woOeA3mTD1rXPKVTN_5MygdBp612sxK0JdiDm-Sq6UjdhCBUQ8sEOw_gJDg8qAwoexj8Mx2sGsG3EIno8DKJKkbnhyHJTEYmsFwye9TM5ab7v3nIFPfQAyXslXMysKbtdrpwkNnTdlCrOL4zdDFdxvp9YCqxXdCNYnifbq2qKVzHwkkberOYiOKRQQ68wVLyuB-ye6PyvGW-q2E1Alc2VJDIsBM_VDVY5C0uaBNpQ1tVUIPP1mFqF8mu8sK-pjD2jCkOh7k5sD379ehGfKddMn9WPBAjoi5V-bxSXv9Z1qy4devWgS7J1INf0HT6SC2lumhLt5S_U3Kw6REcUPIZuCl9IQlKlN2SkPgMpA-2jfqet9DtoEtUHrZeNI4xNNDXinmS_dl5xYDJCUuoKNkMUlOvfkKuDAvbItW5HouVNn7eP0_dI4Fi8Ss2SfMHZyxCMrPUhTFZJMqYX5Th-C2tEjxx-LxkH_faPxIeCT8QAb23KzRMalVelZ2F3SpTrU5y-aS69O0_0Dmr0k0-aRODDEfZoBxuMi1YZFBgbBfgww9Gn1k1jD3OWlJ6-LoJjWqHzMs7AdNY4SJQCA0Im5zASrW9MC_JoXj3FaFJG0-5_pjnWQkIZzRlMCVQwfzes5pKPMvZ9KqJgCqlCirVXU3B7YAw7ANpetv1LYf7dNstDumdci-AqXC3Tcq2BFxD6NmpWWQxMHn3_LOfxo8LJR8xDJywbnW3ezWR315up45AbL2ZcQfNClSnCikHJxLKp7n78xVo2CwXLCBt8_8YhBu4J_F_1QqJkxTcoHwVPHgYsq9eQK4W0CmCi94yRvcHcJXqkUFqqo56psfgGQz57QkAQWxY78SCKOMUJuKvYHPO9UZ58kXTyuXMC29MKI4KmG_mcWo0gosqxVnf4G-GOQEbTetRELOSuqYqSi1RgR9X4RZ8wuGq5f5noSQT7PSX6QSGfTuAm3PYBmsvAmOfJaFVUCFVVrxrjaZec_iZBoe637HlChZLP1oMj_mfDdm8VmQkmqwWcy6M3z0CZ33hC4P1p_RRDwbn5ItfPvOHS2Q4bIMLxmMPlsSfHIp3LbrTWf3HMWgMcAERXD84oKoGdlC_IiZlbXKXeQBXLJFqZcloSW6GEh0vPk5w0vhvPQucU1h_euwvLCto9MGwGMOuCOG3sFsXChNFscj8YeSYgLwERofs2kgjiiXvle9DlzvKZDdKmvsnHXCYEADkYZEdZ0Rq4c6y6FAMBnmPxpu89fEq2_F6bMOrJPcZnOb5X75EEKwGMajc-6AqH73Wy2uLGPRHZuxW6hF4lofQjT7OiAslgmqftnpxdsAIQkFL3oyZM5NEUz1ByFZM-AS_jLLvj2iP6&cid=CAASEuRozAw_62lUJnHXauecJ5z3Sw&rfl=4%2Chttps%253A%252F%252Fbg.ecasus.org%242%2C%2C%2Chttps%253A%252F%252Fcdn.zx-adnet.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:16:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9237
x-xss-protection
0
server
cafe
etag
9463376652360951579
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Oct 2021 11:16:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ED9D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 10:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 27 Sep 2022 10:16:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5178 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 27 Sep 2021 08:58:57 GMT
expires
Tue, 28 Sep 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
8466
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame ED9D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2874fdb525a55a4f16cbd53e137d1333883b1664fca1b400743f821f2d239c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F339 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 27 Sep 2021 10:27:15 GMT
expires
Tue, 27 Sep 2022 10:27:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5178
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOgAV6fMEk7VzhCGD9-W8a8&google_cver=1&google_push=AYg5qPIrD5ybgpSsH0b3Rh-IPXgsuDtXrtA7jLQzKHi_eYwhxUXzpJaEKEtvcADAmAk68WUtgMaX1VKmTn3Q2yNb5ao5k_bCcOA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAyNDI5NzM2NjU3NzIxMDQ0NA==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOgAV6fMEk7VzhCGD9-W8a8&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOgAV6fMEk7VzhCGD9-W8a8&google_cver=1
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEOgAV6fMEk7VzhCGD9-W8a8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5178
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDt7q3yzdiHmOiSyARHQXhg&google_cver=1&google_push=AYg5qPJgCzhLP6RBw77EJ3aYnDK03IWk00r9Ln2CySlmE4sKSw04CT8PwzF5M1xWlo17q68_ALhR7gkWaWUgIaGU...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LL_uWf73RwKPdmQE-zm_6Q2&google_push=AYg5qPJgCzhLP6RBw77EJ3aYnDK03IWk00r9Ln2CySlmE4sKSw04CT8PwzF5M1xWlo17q68_ALhR7gkWaWUgIaGU86Akz5EuPOF4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LL_uWf73RwKPdmQE-zm_6Q2&google_push=AYg5qPJgCzhLP6RBw77EJ3aYnDK03IWk00r9Ln2CySlmE4sKSw04CT8PwzF5M1xWlo17q68_ALhR7gkWaWUgIaGU86Akz5EuPOF4
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 27 Sep 2021 11:20:03 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LL_uWf73RwKPdmQE-zm_6Q2&google_push=AYg5qPJgCzhLP6RBw77EJ3aYnDK03IWk00r9Ln2CySlmE4sKSw04CT8PwzF5M1xWlo17q68_ALhR7gkWaWUgIaGU86Akz5EuPOF4
x-host
tde-deliveryengine-production-7f8fcb5db4-jkvnf
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5178
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJrp81VTkOHGyCU4mbWiJa0&google_cver=1&google_push=AYg5qPIMm5AG26_LFpc7w9aK1yuDTmbSmXbPGtdNHVbchX1DgHGO4WAEw_yTmmOD84SGpRIeNjZXmBs8nG03un2D1dbA...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=ae7951f7-b430-4a0e-9346-ebccd3fa0845&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIMm5AG26_LFpc7w9aK1yuDTmbSmXbPGtdNHVbchX1DgHGO4WAEw_yTmmOD84SGpRIeNjZXmBs8nG03un2D1dbAtKC3ot0Q&google_hm=G7O1-BZATpWDLw4PWzspEw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIMm5AG26_LFpc7w9aK1yuDTmbSmXbPGtdNHVbchX1DgHGO4WAEw_yTmmOD84SGpRIeNjZXmBs8nG03un2D1dbAtKC3ot0Q&google_hm=G7O1-BZATpWDLw4PWzspEw==
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIMm5AG26_LFpc7w9aK1yuDTmbSmXbPGtdNHVbchX1DgHGO4WAEw_yTmmOD84SGpRIeNjZXmBs8nG03un2D1dbAtKC3ot0Q&google_hm=G7O1-BZATpWDLw4PWzspEw==
date
Mon, 27 Sep 2021 11:20:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5178
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMFlnJRpx1FFWKssycln_EI&google_cver=1&google_push=AYg5qPJr-z4m6blKye4_Ro8buxTVm0XJGYxKlh0LmF0qntttE5GM0cs_yuvnpi0gv0lvuS8mMpwoo1cU...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MTI1NjQxNzUxMzAzMzA5OA&google_push=AYg5qPJr-z4m6blKye4_Ro8buxTVm0XJGYxKlh0LmF0qntttE5GM0cs_yuvnpi0gv0lvuS8mMpwoo1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MTI1NjQxNzUxMzAzMzA5OA&google_push=AYg5qPJr-z4m6blKye4_Ro8buxTVm0XJGYxKlh0LmF0qntttE5GM0cs_yuvnpi0gv0lvuS8mMpwoo1cUYSQrmtYv-ZCV5oAQkW-O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1MTI1NjQxNzUxMzAzMzA5OA&google_push=AYg5qPJr-z4m6blKye4_Ro8buxTVm0XJGYxKlh0LmF0qntttE5GM0cs_yuvnpi0gv0lvuS8mMpwoo1cUYSQrmtYv-ZCV5oAQkW-O
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 5178
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEP8tHCHPCpfOt97Izv_MjQA&google_cver=1&google_push=AYg5qPKCtZTFfXcvCCQxVQpzqTpddhBuhc5pFvaFQ6W1RXEJJf--bndxtbJmbyyGYiRtnUzJdhoAJzsLOoS-kZ1...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FemVCiPnRRlJWVTqOsBUqdiDckI&google_push=AYg5qPKCtZTFfXcvCCQxVQpzqTpddhBuhc5pFvaFQ6W1RXEJJf--bndxtbJmbyyGYiRtnUzJdhoAJzsLOoS-kZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FemVCiPnRRlJWVTqOsBUqdiDckI&google_push=AYg5qPKCtZTFfXcvCCQxVQpzqTpddhBuhc5pFvaFQ6W1RXEJJf--bndxtbJmbyyGYiRtnUzJdhoAJzsLOoS-kZ1h5BKRNEp4dd2Q
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=FemVCiPnRRlJWVTqOsBUqdiDckI&google_push=AYg5qPKCtZTFfXcvCCQxVQpzqTpddhBuhc5pFvaFQ6W1RXEJJf--bndxtbJmbyyGYiRtnUzJdhoAJzsLOoS-kZ1h5BKRNEp4dd2Q
Date
Mon, 27 Sep 2021 11:20:03 GMT
Connection
keep-alive
Content-Length
242
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 5178
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEi...
0
0
pixel
cm.g.doubleclick.net/ Frame 5178
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGXE_OBvsmId2LloOc_IpvA&google_cver=1&google_push=AYg5qPIs5RVxO_JqIXS6Jc4Clm-qKctht98MiJ2GlP-UQDvJrg5iiV5MGwZC5j_2TCAsXgIAYbKRlQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIs5RVxO_JqIXS6Jc4Clm-qKctht98MiJ2GlP-UQDvJrg5iiV5MGwZC5j_2TCAsXgIAYbKRlQLl4CiOCBhjHNcTsWH880Rc&google_hm=ODE5OTE5ND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIs5RVxO_JqIXS6Jc4Clm-qKctht98MiJ2GlP-UQDvJrg5iiV5MGwZC5j_2TCAsXgIAYbKRlQLl4CiOCBhjHNcTsWH880Rc&google_hm=ODE5OTE5NDA2MjY3MDQzMjM0OQ%3D%3D
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIs5RVxO_JqIXS6Jc4Clm-qKctht98MiJ2GlP-UQDvJrg5iiV5MGwZC5j_2TCAsXgIAYbKRlQLl4CiOCBhjHNcTsWH880Rc&google_hm=ODE5OTE5NDA2MjY3MDQzMjM0OQ%3D%3D
date
Mon, 27 Sep 2021 11:20:03 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5178 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYQNzCzExwyhH6XpcioXgE9OHyqraYwLfqsXSc44O0oyYZs2FOK7V__y_Bo0OzszZL-pLX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6550413363602588&output=html&h=250&slotname=ZXM/zxm_smrcp&adk=3542187154&adf=4188749677&w=300&guci=2.2.0.0.2.2.0.0&url=https%3A%2F%2Fworldtourismgroup.com%2F&ea=0&flash=0&wgl=1&adsid=ChEI8Ofw7AUQoffkn4u3-YW1ARJMAEr-9XCvDRWInuBbShMcF2PGrArekiCrPPfIKiQS3fE3Q1O0fhAXlwJJ7UdZCv2CdJ0CdW04m0TADFQSSbS3qJwNJ2VVxWuFouOqvw&dt=1570522745897&bpp=40&bdt=75&fdt=159&idt=160&shv=r20191003&cbv=r20190131&saldr=sa&correlator=8707041136288&frm=23&ife=1&pv=1&ga_vid=365402728.1570522746&ga_sid=1570522746&ga_hid=232122425&ga_fc=0&iag=3&icsg=42&nhd=1&dssz=4&mdo=0&mso=0&u_tz=180&u_his=2&u_java=0&u_h=864&u_w=1536&u_ah=740&u_aw=1536&u_cd=24&u_nplug=3&u_nmime=4&adx=16&ady=55&biw=633&bih=670&isw=601&ish=534&ifk=3272065120&scr_x=0&scr_y=0&eid=182982000%2C182982200%2C20040011&oid=2&pvsid=1848541752967834&pem=512&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C740%2C601%2C550&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&jar=2019-10-08-07&ifi=1&uci=1.xbtgg2o437b4&fsb=1&p=https%3A%2F%2Fworldtourismgroup.com%2F&dtd=183&0.4771533722176855
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/10311819/1624627736941/ Frame 84EC 		64 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10311819/1624627736941/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
2b81e82518ec20ea7ea198a646517c21e014c312df1c4019202637f44c255ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10311819/1624627736941/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
18088
date
Mon, 27 Sep 2021 02:22:34 GMT
expires
Tue, 28 Sep 2021 02:22:34 GMT
last-modified
Fri, 25 Jun 2021 13:28:56 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
32249
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame ED9D 		0
107 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszOcY74p_jqshh_qUl7P16VZeflzuROgcdss2TSl3e5Z3lCxjBNJRlDwJ6WeTtcVt4PwcMj9uEtgvf6nz6EaiUaNG0T8KTRfmU2TxnetSMDYHYWsVpjKfG7zjay6aMH3DaUvw2G1SPK8fInxhN18HU0khveCjPZRduK3qLPA_NTf-PWMFC8A0nwLDHrt7iZ26cjSeSeZ16MFofrZe43v6AkblhP1GS6amEal3JWESORqh8miFB-PgauJIha_hkW8bMQkjWbg3jPZuS4wn3SpT3q0JRdVqZKSi53QD4KgP_IZc5dMavusGSXvANmLdlLKSaGJLNs_Ym-m8egGCG79Z29TmBfpQRLsZnb8AWHnLDZwlmpLu0pjgcleKcXKqK4_yQozoUt06ELh0BUJjLllIKD0k8KttBIUHTzvfrVUnYdixIeJnljJZhvkHmcwKm5uWjn8syXIPDdxUWO7FJP5K4PvIkun4e1xTVOgF4FhivoEWnF1OgolcQ-HBbe241QuK6AWgYXbGcast_8s3iby-5WQBGwbN4kTiJXAjURcSNWcfu2ZzfAvvzizDDudtS4guW2Fl_R8j3V8dRi-Ds5vyrU9huvYWOcWLkYzdLdIDIgxRCtWNZwWn202_0o8OgR1BXwm8CYT32zFHaYX22trl0Sn7LT_7Ca3XqLoPxGJQsXjxCjR-kuuSl3alQlaLGJ6wKRJyujY_MgwzmhYpPfqUSgS76UxmZOONiXFon3AfO9mlVm9iRZL6im-oFZYHNIUBAvW8SghQSW5JJUHYDaZRDUvMRowKAZLssK51qlXlPjrJZYh6qx0_BzU-I2TbiLwleW9gbc3Zqyqj5xKK79fNENSAZweP2oHKpR9O7frrtF4-Ldn3RdWgqksuOpvwfLQHTGrLSmcGfbhX1CP8oywGxdaGqRLkkAkI4DAafOy2lo2nQR_dyFe_xdWFvfVAD83okdFoFGs4uKS3YOK6y32mOEhL_s7h746aFVhyOwCwDsQDWwla2c77xIcQ8YxI1gGIJaIRZ8eNtIrEBPaDQ-cfFBUPZzdZ9ItW_CKxJ5qz9Q8nsfG4HgCHUac3GTesE48dr3LKpE1NYcD0mF_C4kqMFs8itX0F79UENnefZJrb6uzk8OeCMIORf8L8I7IU&sai=AMfl-YTdhH8b2xxxs9YRdfoO9ijBrHNgxAvG6oaM6SveqyuTpT7906u00cM_5qdAx_nXPZgxjAR9gWwj9C2JydR7kh57ZV4tFCuDNWY845Atc4tkYk7U9DMx1r8C8qAja_Hz-VpBlz4VVj1VQFk0Mcw4k3U7PBDuRg&sig=Cg0ArKJSzGOFYn0VjAxtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=124&cbvp=1&cstd=122&cisv=r20210922.49401&adurl=
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 27 Sep 2021 11:20:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
pagead2.googlesyndication.com/bg/ Frame F339 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
161420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 25 Sep 2022 14:29:43 GMT
DcmEnabler_01_246.js
s0.2mdn.net/879366/ Frame 84EC 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10311819/1624627736941/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10311819/1624627736941/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10121
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Sep 2021 04:07:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ED9D 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsszOcY74p_jqshh_qUl7P16VZeflzuROgcdss2TSl3e5Z3lCxjBNJRlDwJ6WeTtcVt4PwcMj9uEtgvf6nz6EaiUaNG0T8KTRfmU2TxnetSMDYHYWsVpjKfG7zjay6aMH3DaUvw2G1SPK8fInxhN18HU0khveCjPZRduK3qLPA_NTf-PWMFC8A0nwLDHrt7iZ26cjSeSeZ16MFofrZe43v6AkblhP1GS6amEal3JWESORqh8miFB-PgauJIha_hkW8bMQkjWbg3jPZuS4wn3SpT3q0JRdVqZKSi53QD4KgP_IZc5dMavusGSXvANmLdlLKSaGJLNs_Ym-m8egGCG79Z29TmBfpQRLsZnb8AWHnLDZwlmpLu0pjgcleKcXKqK4_yQozoUt06ELh0BUJjLllIKD0k8KttBIUHTzvfrVUnYdixIeJnljJZhvkHmcwKm5uWjn8syXIPDdxUWO7FJP5K4PvIkun4e1xTVOgF4FhivoEWnF1OgolcQ-HBbe241QuK6AWgYXbGcast_8s3iby-5WQBGwbN4kTiJXAjURcSNWcfu2ZzfAvvzizDDudtS4guW2Fl_R8j3V8dRi-Ds5vyrU9huvYWOcWLkYzdLdIDIgxRCtWNZwWn202_0o8OgR1BXwm8CYT32zFHaYX22trl0Sn7LT_7Ca3XqLoPxGJQsXjxCjR-kuuSl3alQlaLGJ6wKRJyujY_MgwzmhYpPfqUSgS76UxmZOONiXFon3AfO9mlVm9iRZL6im-oFZYHNIUBAvW8SghQSW5JJUHYDaZRDUvMRowKAZLssK51qlXlPjrJZYh6qx0_BzU-I2TbiLwleW9gbc3Zqyqj5xKK79fNENSAZweP2oHKpR9O7frrtF4-Ldn3RdWgqksuOpvwfLQHTGrLSmcGfbhX1CP8oywGxdaGqRLkkAkI4DAafOy2lo2nQR_dyFe_xdWFvfVAD83okdFoFGs4uKS3YOK6y32mOEhL_s7h746aFVhyOwCwDsQDWwla2c77xIcQ8YxI1gGIJaIRZ8eNtIrEBPaDQ-cfFBUPZzdZ9ItW_CKxJ5qz9Q8nsfG4HgCHUac3GTesE48dr3LKpE1NYcD0mF_C4kqMFs8itX0F79UENnefZJrb6uzk8OeCMIORf8L8I7IU&sai=AMfl-YTdhH8b2xxxs9YRdfoO9ijBrHNgxAvG6oaM6SveqyuTpT7906u00cM_5qdAx_nXPZgxjAR9gWwj9C2JydR7kh57ZV4tFCuDNWY845Atc4tkYk7U9DMx1r8C8qAja_Hz-VpBlz4VVj1VQFk0Mcw4k3U7PBDuRg&sig=Cg0ArKJSzGOFYn0VjAxtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&vt=11&dtpt=58&dett=3&cstd=122&cisv=r20210922.49401&adurl=
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 43EE 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
346dfc94257a837e16e9bd43e0678991495d88a68b037dcc0afdab13fbaba755
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8622
x-xss-protection
0
Frame_Desktop_300x250_EN.jpg
s0.2mdn.net/10311819/1624627736941/ Frame 84EC 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10311819/1624627736941/Frame_Desktop_300x250_EN.jpg
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
632461aa04bf36623ba5fec785841c55eef747d98599160d2fc1a4630d5ef515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10311819/1624627736941/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 22:01:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 25 Jun 2021 13:28:56 GMT
server
sffe
age
47928
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19474
x-xss-protection
0
expires
Mon, 27 Sep 2021 22:01:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 43EE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 11:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 27 Sep 2021 11:20:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1431 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 27 Sep 2021 11:03:56 GMT
expires
Tue, 27 Sep 2022 11:03:56 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
967
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 16EB 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
440d247d6a86ff83d5f69c5e96ad616e1042d10ec98fa6a4f5917d18af2f4cee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JTDM0l/IOKSyOGrjTqiHBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bg.ecasus.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 27 Sep 2021 11:20:03 GMT
date
Mon, 27 Sep 2021 11:20:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-JTDM0l/IOKSyOGrjTqiHBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
pagead2.googlesyndication.com/bg/ Frame 1431 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 14:29:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
161420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 25 Sep 2022 14:29:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F339 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTKkV46hRYYK7EeuDjuwPx9Co6AsAAAAAOAHgBAI&bg=!S0ilSAzNAAZNQyuQTUM7ACkAdvg8WnCix206iLT_QQfzi9szBHgp_joJ4hiYyJsAy-uD9SX45b3ZlgIAAACAUgAAACBoAQeZA0Lq4njxEmqqtJA5aVy4YgVAc5dKD8ONXpTlT6G7VPbwPInIxlmSFPpaKOqnMvCkxzWXAsa1LvB75QbN5SCd37jWrUtaLec30zQySrn3wnx9Bx5O6HDilc5U6xLYMheGoj2JANvD192M0wjaRe25bOToryBdZRKMuDBH0jloeZhrCyHI5QRQgkmHP3jgtoROh1rVfE77oiyEUbr6r_AjNiGFE5EmyYaXOTiOIYzejrqSwn6cJPWjnjdJm7KUsfccVw2P6cibr8O7CC8Yy2ND-tR6MoSzXqiFIo1WU9bTGBfRFUbJssgO5kjR3ooxtLYkOW-ckZ6Wvid7z4fQcP99e_rWRDzyrjxN59w_W0PYxEvctIfNhVDflRW4wYMtvS5AIB6sYy6eZXZBXFUT9tE4xMWRs2TCYSGFp5MqGh3yAQJGdvYvHtmcRLco3YFLWiW5WEJkjmqcbLEFSEIohzMR1U_Wb5BygO_hMB9XF2GwCHQNdy8pf6vAVJsizW6yvlg2XK_noF1EOIEFZvjKlyY0f_WcIie3AeeHD2RIIMEU4jCRDoEuVuQkReXQqFlgwbYLWum4E82FNS04j0iA2sx_FqTXtXOUzQh60v88qypVf6Xj2DlRMH1l8qosbSsO5ua6VPKXyzqLfhzYXqqMQeOSc59v9uXQT2fEdOTK9P6yox_HzTl65ST4aAP0OqN4uAOKLMwBTtYkmoEgEz9iP2auYbULrwtKLMLYZeVdpAoELXp--0uI7L44ROBrDeTseHyODgW3Y406BxcDCWGrJ57WDvrt8MmP_oh-amy1fUiaDKzA2ONIhrO4zhKgw69r8Cm3P-JjrhHwwsmruXICdhxUMz8hDbxZzTDyR_X_PVy2CMZJGSR7Z2qzI7bkiv9l0uz3TWTPQRrfoXkE0Gn1y2Z-OdDp1aQVd8v9k7nNBCnFbHPmjK_Cn-R6bYQjCLyCMK-7VyY9GP5sOWOi5oETXB4MiM399MC9oTx6wpc8zA1XxdcE1tO0cNbFCc0OwiUwAofO7WVttJK2iGNmfhHKbnkBDbIXHqjnFYjEd-dgdsV39eoZiOzsObYqV4U_MQay0UcZK4g8LTjYDqozPWzF_RerbJfg_Pc
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 16EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=3414835529483069&rc=
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1BB6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bg.ecasus.org/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=1433751257479271256; icu=ChgIis9gEAoYAiACKAIw4tHGigY4AkACSAIQ4tHGigYYAQ..; anj=dTM7k!M41.D>6NRF']wIg2E>=IYUoN!@wnfH8K6pQK`!5=E<*L5?%KF_9:rZie7Qq/jg_U2Cla^5wHx2?wM5gDuRre%nugO%v4VB%nm%g)xDX?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 28 Sep 2021 11:20:05 GMT
Date
Mon, 27 Sep 2021 11:20:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CFCD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.39.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bg.ecasus.org/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=1433751257479271256; icu=ChgIis9gEAoYAiACKAIw4tHGigY4AkACSAIQ4tHGigYYAQ..; anj=dTM7k!M41.D>6NRF']wIg2E>=IYUoN!@wnfH8K6pQK`!5=E<*L5?%KF_9:rZie7Qq/jg_U2Cla^5wHx2?wM5gDuRre%nugO%v4VB%nm%g)xDX?
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 28 Sep 2021 11:20:05 GMT
Date
Mon, 27 Sep 2021 11:20:03 GMT
Connection
keep-alive
Vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 43EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=3414835529483069&bg=!7u2l7anNAAZNQyuQTUM7ACkAdvg8WmbVRYRJK8hoPD7bjLSA2MFefsWabzGqstuXOZqWGJvA67nKygIAAABdUgAAAAhoAQcKAHGwv_sDDUrqFoHSsPkMSIGxAyNL1WwmWmVGgVmfl2UbEd5lEn1bQ_OFUqz6loKuZMz07X0p1PJM_hES29JtrT1YDA8QtAu0NRtBV_NESPWEDf6-76Nv1NN2WRFcssfcYidVFtiRA1D7JykpujF7m_lhkJkCxozbms-6qUrKhj3WKs9BX9YyaUtiLGGyVm3tDNDxlOBKecTsRKt9g0g30XvdilOIL3AHYvpOD4pjelxbpk4a08A-zLspki7MVlmy6GVLCek109NIADPremTQvY_PonlBVb3BBV5NTuloyHkcRTUC6ebtS9imy6DmqEHfQ-0FNzf74pjmHj5shR4RdInvzRi_WBb2NOOJmws_V-kQEpGIUUbWCtC3cPK0HlYv9LmBtB0zR1TrNejAuRir4S10_A4ihGnUVprToFzRDNx7PFtPtWBUNQntuZj_5xNeJDk3IP3rmSbKwm9zCzwEU-SP8B6sOvkeexyNykT9WrqJ8D4Z5IwPrnJrVoKdh8JgX3-otJDFJSq9nNRq2lbGVfe2meaf5wfVa6tYPKzHN2MX46ZZmIDSss1cVjK8WpSNnaHdDT6U09j0VIbSADxpo_hqEUaMRAM93iTB9hYA4AMMxsViSiZbr5rY72HNx7kn6WbfEMKerxeCrgWhwg97xGeq1PZUTyHdu4ZUeO2L-vZ9gj0nXyiWHw72BbpTR6v7Q0XEKoqvRIGlTTyGLJd-KUCSm2nhNPSjBfXZgj3ixp4qxQ5jrvxV1_VrsLZiaxLIRzbyj4ktE_Q3Lk-pTfRJ4Zxrn-BcquNgrGQ5z9_43-lHQlaHBIiN5fpHL5OdVZKQVuFuJpy2Wgb8P0JD3srIuMQmJIQTEJQRmYybHBm17MeM2m9VPusMxA0dEyAT8V4IsWSzx-YkeTHK95cvuLL9mBIScMgnp6N8xuFX_MmK0MV_xKYZgXxe8tmKyRMu0H269q8QUGqKYR4HBBAbccag-CqZthDybg56S3u8Y4iFjO23QZqS7vUM4NzWwOzvB5IVK86Ofi9D0P0tUHReedrt3yb_MoKw4FJv3ZB3BFShPPPV9jmhTtm9fvScporE4-FAJ3Dn_IRIYdbHWmr1
Requested by
Host: bg.ecasus.org
URL: https://bg.ecasus.org/female-masturbation-17-facts-about-the-naughty-secret-1771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 1BB6 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a4edde85-2585-4fc5-bf4c-55f05ef244c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CFCD 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:03 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
30d52824-cecb-4a40-9539-bcd1683258e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED9D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5_EJPYaqoqiW9ykosRjcqdYpIN-xUNSZjpthIXYG359aZpCo60dN4-UppMs7kosWW1fE0vVoRvFMCVCPxjaejhwNJ8dGuAOySQLN_5kkd7G5uxIo&sai=AMfl-YSVv1aZlS3LStp0PVq4glVASMOo18ScWaHhWYn68hUAbBlowh-xJqwRuG0hQa8yr23acJMkUhBOVlnGyWpsNEiK38bZxHTDNb8&sig=Cg0ArKJSzOuueuvkdoRgEAE&cid=CAASEuRozAw_62lUJnHXauecJ5z3Sw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3542187154&rs=5&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632741603007&rpt=517&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 43EE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPNhfJw2vlh26aOrugG8kgVZMiCdxuHOFVwcCMETdK3QO3-NDqjWsXTsnbjAthw0BW6FU4yrtprud_ujqMPDesWGdRb8Z4zSVuOUpL0ipi5Dd6OlNG&sig=Cg0ArKJSzBN3MWpXMeeOEAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210922&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2127426777&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632741602238&rpt=1289&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bg.ecasus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Sep 2021 11:20:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1BB6 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:04 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
432b384f-3ac8-4206-8f6f-92dbbc227a52
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CFCD 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Sep 2021 11:20:04 GMT
X-Proxy-Origin
216.131.114.66; 216.131.114.66; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f4428cb9-f82f-4476-a23f-ac1f7143389b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
sync.e-volution.ai
URL
https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l8r0maOkRTk4
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ

Verdicts & Comments Add Verdict or Comment

353 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| ym object| Sk undefined| $ function| jQuery object| tdb_globals object| tdwGlobal boolean| td_is_safari boolean| td_is_ios boolean| td_is_windows_phone boolean| tdb_post_autoload boolean| tdb_is_ajax string| ua boolean| td_is_android object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| setCookie function| getCookie function| createGeoRestrictionCookie object| _0xbd59 number| zxadflg_rich_stat boolean| cs_flg string| zxmngname_ext string| yamId string| zx_domaine_ext string| zxadblockmng_ext number| zx_ad_flg boolean| zx_flgCap number| zx_gcWrk boolean| zx_flgOverlay boolean| zx_flgNative function| ZxStartMainModule string| zx_type_ad string| zxadpartner_ext object| __ZXNT number| zxCheckAbsStart object| t object| e object| __ZXCONSENT object| googletag object| AdSlotCollection object| regeneratorRuntime object| pbjs325474 function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| __oa360ScriptsState boolean| __isGoogleAllowed object| _mgIntExchangeNews object| MarketGidInfC1102315 function| MarketGidCContextBlock1102315 function| MarketGidCMainBlock1102315 function| MarketGidCInternalExchangeBlock1102315 function| MarketGidCColorBlock1102315 function| MarketGidCChangeColorBlock1102315 function| MarketGidCHideDescriptionBlock1102315 function| MarketGidCRejectBlock1102315 function| MarketGidCCriteoBlock1102315 function| MarketGidCInternalExchangeLoggerBlock1102315 function| MarketGidCObserverBlock1102315 function| MarketGidCSendDimensionsBlock1102315 function| MarketGidCRtbBlock1102315 function| MarketGidCDiscountBlock1102315 function| MarketGidCIframeSizeChangerBlock1102315 function| MarketGidCContentPreviewBlock1102315 function| MarketGidCGradientBlock1102315 boolean| mg_loaded_692293_1102315 object| Ya object| yaCounter69123001 object| AdManager object| a3klsam boolean| __@@##MUH function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| jQuery112406502193996339072 function| $f object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| wp object| cookieconsent object| addthis_share object| addthis_config function| AdPlayerPro function| pbjs325474Chunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| addthis_translations number| zxCheckAbs number| zxConsentEnabled number| ZxConsentFlg number| OaCmpEnabledflg object| MarketGidInfC1101801 function| MarketGidCContextBlock1101801 function| MarketGidCMainBlock1101801 function| MarketGidCInternalExchangeBlock1101801 function| MarketGidCColorBlock1101801 function| MarketGidCRejectBlock1101801 function| MarketGidCCriteoBlock1101801 function| MarketGidCInternalExchangeLoggerBlock1101801 function| MarketGidCObserverBlock1101801 function| MarketGidCSendDimensionsBlock1101801 function| MarketGidCRtbBlock1101801 function| MarketGidCDiscountBlock1101801 function| MarketGidCContentPreviewBlock1101801 function| MarketGidCGradientBlock1101801 boolean| mg_loaded_692293_1101801 object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks number| len function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| onClickExcludes function| mgReject1102315 function| mgLoadAds1102315_1291a function| MarketGidCReject1102315 function| MarketGidLoadGoods1102315_1291a function| mgReject1157681 function| mgLoadAds1157681_1291a function| MarketGidCReject1157681 function| MarketGidLoadGoods1157681_1291a function| mgLoadAds1102315_12936 function| MarketGidLoadGoods1102315_12936 function| mgLoadAds1157681_12936 function| MarketGidLoadGoods1157681_12936 function| mgLoadAds1102315_069f7 function| MarketGidLoadGoods1102315_069f7 function| mgLoadAds1157681_069f7 function| MarketGidLoadGoods1157681_069f7 object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint692293 string| _mgPvid function| mgReject1101801 function| mgLoadAds1101801_09a6f function| MarketGidCReject1101801 function| MarketGidLoadGoods1101801_09a6f function| mgReject1154801 function| mgLoadAds1154801_09a6f function| MarketGidCReject1154801 function| MarketGidLoadGoods1154801_09a6f object| GoogleGcLKhOms object| sas object| apntag object| _ADAGIO boolean| _mgPageView692293 object| google_image_requests function| _mgLib1_11_46 function| _mgwqp function| LoadCriteoAllPlaces1102315_12936 function| LoadCriteoAllPlaces1102315_069f7 function| LoadCriteoAllPlaces1102315_1291a function| LoadCriteoAllPlaces1101801_09a6f boolean| i.js.loaded boolean| i-noref.js.loaded function| mgadSrcNoUi_0 object| _mgAdSrcNoUi object| _mgAdTrSrc function| avPlayer object| Mgvpaid function| getVPAIDAd object| _comscore function| av_sciv_hndlr1632741601327 object| storageAni function| udm_ object| ns_p object| COMSCORE object| ZXNT object| ABS_URL object| DATAZXNT string| slot_ext string| zxadblock_ext string| domen string| site_topdomen number| prtintstlprocent string| zxAdUnit77 string| zx_network_prefix string| zx_ad_slot_default object| adx_dfp_bloks string| zx_banner_w_default string| zx_banner_h_default string| BannerSize_default number| flg_dfp object| t2 object| e2 string| url1 string| url2 string| url3 string| zx_ad_place number| zx_ad_width number| zx_ad_height string| zx_ad_slot string| zx_ad_id string| ins_targets number| cw number| ch object| tt98 string| txt98 string| txt99 string| stl98 string| BannerSize object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| doc object| interstitialAdFrame function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| google_global_correlator object| google_prev_clients object| google_jobrunner object| DMVAST function| playerPro

66 Cookies

Domain/Path Name / Value
.go4s.biz/ Name: uuid
Value: 61333db6-2072-493f-8bea-a1a9f0ad8466
bg.ecasus.org/ Name: __oagr
Value: true
.mgid.com/ Name: __cf_bm
Value: 81byu8YyxmdwQ70mKv0m9I08I29.yY2mbWrmkVmg5sY-1632741599-0-AQCHRjquSg1TwOXyd+QtSpYrI4fiQDfTaqN+LSQGuRKE1UB/sON5pv7UfFvOpSjE45o/STE8Am/+CeZg67VOQeQ=
.ecasus.org/ Name: _ym_uid
Value: 1632741600358184743
.ecasus.org/ Name: _ym_d
Value: 1632741600
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 890573819fake
bg.ecasus.org/ Name: __atuvc
Value: 1%7C39
bg.ecasus.org/ Name: __atuvs
Value: 6151a8df8f3018ca000
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 772015396fake
.ecasus.org/ Name: _ym_isad
Value: 2
.addthis.com/ Name: uvc
Value: 1%7C39
.yandex.com/ Name: yandexuid
Value: 5667508271632741600
.yandex.com/ Name: yuidss
Value: 5667508271632741600
mc.yandex.com/ Name: yabs-sid
Value: 2238988631632741600
.yandex.com/ Name: i
Value: 7ZQyd6ENnk8PEeauJXxHmf1s1mCFi3Lckv5m65Nd6bu55kcvAN2IGdtl7WlaEBu3c6ku5+Sk9f03XhdTnREEeVjdnp4=
.yandex.com/ Name: ymex
Value: 1664277600.yrts.1632741600#1664277600.yrtsi.1632741600
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlkyMjg2MTkwNDAwNTAwMDBDSA==
bg.ecasus.org/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.adnxs.com/ Name: uuid2
Value: 1433751257479271256
.mgid.com/ Name: muidn
Value: l8r0maOkRTk4
bg.ecasus.org/ Name: cto_bidid
Value: V_VJr18wYmVWeU81QXhPcmU5UWJNZ0REN09FdkdSa0xXSWZ3Q3dud0JIVFlWUjFhUUZWMVRiRllSdnY3bFE2NUFBSEtNdlR4a2ZQZXlxUTcySXhhaGUlMkY4ZUhnJTNEJTNE
bg.ecasus.org/ Name: cto_bundle
Value: pFVEUF9qUUsyWFklMkZyYUNoRThCRFpwUzQlMkJ5VGJrY0ZFeVFSQVhRUHZDWEx4WnJqQWhqQUElMkZvOEclMkZSUkxIWmNJS2dUa1lrQ3JQM0RuRVRTcGNSNW1nU0FGOXhJN1ZDeGg5ZE5TdjVsbkl2QUE3b0ZyVjNUZDlhYSUyRk1JRHp3TW95WjhQOGs
servicer.mgid.com/ Name: __mglb
Value: cbeb893f26be92ee4d57b414fbc5f82c
bg.ecasus.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632741600834%7D%2C%22C1101801%22%3A%7B%22page%22%3A1%2C%22time%22%3A1632741600850%7D%7D
.creativecdn.com/ Name: u
Value: lwZzteMtrShvqYxeePdf
.creativecdn.com/ Name: ts
Value: 1632741601
.doubleclick.net/ Name: IDE
Value: AHWqTUmDWJnBzE9f3fAkS5t31jjGq3NUE1Gkba4SqZbLjPbk2a56feXnCv1FFAPdbr8
.bidswitch.net/ Name: c
Value: 1632741601
.bidswitch.net/ Name: tuuid_lu
Value: 1632741601
.bidswitch.net/ Name: tuuid
Value: 1bb3b5f8-1640-4e95-832f-0e0f5b3b2913
.lentainform.com/ Name: muidn
Value: l8r0maOkRTk4
.idealmedia.io/ Name: muidn
Value: l8r0maOkRTk4
.adsrvr.org/ Name: TDID
Value: 7b5503ae-865d-441a-881b-de593a2baa3e
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjYvKal7-yAOhAFOAE.
.sharethrough.com/ Name: stx_user_id
Value: 92f811f4-d236-43d2-ad43-cbfd3220fca0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 1051256417513033098
.scorecardresearch.com/ Name: UID
Value: 1C4ZWGQD12XVZN4ZKYRFA6g1632741601
.mfadsrvr.com/ Name: tuuid
Value: d9052254-f8cf-4d12-b401-11522a503e0c
.mfadsrvr.com/ Name: c
Value: 1632741601
.mfadsrvr.com/ Name: tuuid_lu
Value: 1632741601
.adtelligent.com/ Name: vmuid
Value: 3c934d8d8fda6a18
.aniview.com/ Name: aniC
Value: 1632741601671-918721588423-005858-000-007275
.mfadsrvr.com/ Name: ssh
Value: !mgid,1632741601
cm.mgid.com/ Name: mg_sync
Value: {"265689":1632741601,"287839":1632741601,"341189":1632741601,"363887":1632741601,"371158":1632741601,"433145":1632741601,"433146":1632741601,"501037":1632741601,"516418":1632741601,"617666":1632741601}
.yandex.ru/ Name: ymex
Value: 1664277602.yrts.1632741602#1664277602.yrtsi.1632741602
.yandex.ru/ Name: yandexuid
Value: 6366197601632741602
.yandex.ru/ Name: yuidss
Value: 6366197601632741602
mc.yandex.ru/ Name: yabs-sid
Value: 2135027161632741602
.yandex.ru/ Name: i
Value: z2McQFjKfyZ7O1L+UIGD32tKVsYqeGClDx+4WLknEOMPFcUVMm6LC1CL26j6ixhwpc7eVqxpCVcoZ5jIngNj7RjB78A=
.ecasus.org/ Name: __gads
Value: ID=23e85613db3e46ac:T=1632741600:S=ALNI_MYZcVp8W1dvVjNFu1-x4wjmBUMdrQ
.adnxs.com/ Name: icu
Value: ChgIis9gEAoYAiACKAIw4tHGigY4AkACSAIQ4tHGigYYAQ..
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>=IYUoN!@wnfH8K6pQK`!5=E<*L5?%KF_9:rZie7Qq/jg_U2Cla^5wHx2?wM5gDuRre%nugO%v4VB%nm%g)xDX?
.casalemedia.com/ Name: CMPS
Value: 5223
.casalemedia.com/ Name: CMID
Value: YVGo44H3nm.CPk5c9fuCKgAA
.casalemedia.com/ Name: CMPRO
Value: 1212
.casalemedia.com/ Name: CMST
Value: YVGo42FRqOMA
.casalemedia.com/ Name: CMRUM3
Value: 2d6151a8e32760CAESEAgvxXDynfmJHt2g-a2CcXQ
.turn.com/ Name: uid
Value: 9024297366577210444
.smartadserver.com/ Name: pid
Value: 8199194062670432349
.scoota.co/ Name: tuuid
Value: ae7951f7-b430-4a0e-9346-ebccd3fa0845
.scoota.co/ Name: c
Value: 1632741603
.scoota.co/ Name: tuuid_lu
Value: 1632741603
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%222CBFEE59-FEF7-4702-8F76-6404FB39BFE9%22%7D
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-15e9950a-23e7-4519-4959-54ea3ac054a9.USbBqdjtQ2nnIH8QIMmem9JRjdmWlBe8Fi8lrOQ8prc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-15e9950a-23e7-4519-4959-54ea3ac054a9%24ip%24216.131.114.66.QXWYH0939nT8pc22wauq3mSKlgYfW7O39L%2BBnAl1wJU

5 Console Messages

Source Level URL
Text
network error URL: https://ecasus.org/template/classic-blog/css/newspaper_classic_blog/wp-content/uploads/2016/05/blog-menu-bg2.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9409.aozvClb0Sxk7NlPhB7bUQ9S5RpnQmAonWKYVzXk-sabPB_KZb_SlOp93AqOp3quSeRstYd5UMqiFvtx-TmBFpw%2C%2C.9lDWOChPrFg1oEUec6kfBRKLWJE%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062914(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVGo44H3nm-CPk5c9fuCKgAABLwAAAAB&google_gid=CAESEBsEcx8OprJS_1EHmM0h6UY&google_cver=1&google_push=AYg5qPIQx3SvWXEjYFMu5BK-bodKQAK0I_CEikRKzu52trvpJ-qtcTGQJf-5S1reydzSoiSBMW7JWhPcEg6lydyW2V9SeFOHZUQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

717f3b3237930fe2adf2fc849a6286d9.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.travelaudience.com
ads.viralize.tv
adservice.google.com
adx.adform.net
api-public.addthis.com
bg.ecasus.org
c.mgid.com
c1.adform.net
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cmp.optad360.io
creativecdn.com
cst.cstwpush.com
dsum-sec.casalemedia.com
ecasus.org
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
go1.aniview.com
go4s.biz
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
js.wpadmngr.com
js.wpushsdk.com
jsc.mgid.com
m.addthis.com
match.adsrvr.org
match.sharethrough.com
mc.yandex.com
mc.yandex.ru
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
player.aniview.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.scoota.co
r.turn.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
serving.stat-rock.com
serving.viewtraff.com
ssbsync.smartadserver.com
sync.adtelligent.com
sync.e-volution.ai
sync.srv.stackadapt.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
v1.addthisedge.com
video-native.mgid.com
widgets.pinterest.com
www.google.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
cm.g.doubleclick.net
s7.addthis.com
sync.e-volution.ai
104.109.78.125
104.16.221.74
104.18.15.161
104.19.132.78
104.19.135.78
104.19.216.61
104.21.80.86
104.75.88.126
13.225.78.28
13.225.78.57
13.225.78.64
142.250.181.226
142.250.184.194
142.250.185.129
142.250.185.130
142.250.185.202
142.250.185.99
142.250.186.129
142.250.186.164
142.250.186.166
142.250.186.98
142.250.74.194
144.76.120.254
147.75.38.124
151.101.1.195
151.101.129.229
151.101.64.84
172.217.23.98
178.250.2.146
18.184.122.71
18.210.5.212
18.232.230.29
184.73.102.165
185.184.8.65
185.239.172.66
185.86.138.132
188.166.135.13
2.18.232.130
2.18.232.78
2.18.234.21
2.18.235.40
2.19.35.65
213.174.135.24
213.174.135.25
216.58.212.130
3.123.161.47
35.186.238.232
35.190.0.66
35.212.212.222
37.157.2.238
37.157.4.41
37.252.172.249
46.228.164.11
62.149.0.72
69.173.144.165
76.223.111.131
78.140.185.32
92.223.124.254
93.158.134.119
99.80.151.46
02ba7dde63b05ebdf61208cba2cf4c7016d04efe8b8dd37baccb21bba67b8a48
044b59dc39b3365bb7d051708f1773e7db552e52e2ef2fc7ef38d038f9de52b4
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
083007b3ce2a39567dfa256c6bad0918723b5036d01dc3942936a8d88d26cba3
0b4764f64d863521a29c559ba9384821844d5445d0273921f7b28fc11d74e738
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bea19b0b73e8fba31a9ea570bc51f269db4f39f0db97ff38165cf7a45d84c56
0db75643a6c905d8d9d813015b6ce4b2dfb2b9631d61cbc9ab2e61f6c0380b1b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139acda9e3a57f34716543ceb657485a6e1aa5070db8de9193857fd294d9f4cb
14e3cdd51580b866e12a2220c5a394d1e8fd59c13cb98e2538b0cb44611e7e00
15d4f84548e74b1ea84c0e518befe96efa13cc5fabda1f13a408360479e85ca0
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
16e773370c6c96981ac5eb8f0088c94271b6a07e4589040c0062c5a9f44cb76d
1753b9f4dc54ff33299cb92f28b5437c8c39d6998b53615d6ae0ac59aba3e60c
17c5903cb63980173f74669213b34aa508c3ee28725aa317f4af1208afb6b679
17f63aef9f754cf0f4a0f141c4c266ea0f15799499f02d40145083a7ca990bae
193bdf6c4a5fbbb3fa5c0bf95c10d868da4857a3971b7fcd2da8d386c89ad4a2
1a4439966cf3114fcfbe92d56d21b21810b5f3a0f138032a7e665113f2c754a7
1ad367910f045ef2ee71cf0b636a7283370c81abf0bdf0d4913d1d514ed41d8a
1b95f93c25425ef8db6c8928209f653557d43e6b8c00b415be4ed3f35eeb9251
2860aec72f2ec742422cce67e19134ae576581a04c608857c6fbba6db0c66be1
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
2b81e82518ec20ea7ea198a646517c21e014c312df1c4019202637f44c255ecd
2b83c5bd7aedc59df4c2235b31d8080f41c11d95de1f20279f23870ff77feeed
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2eca9a487584197a09a6bcfc5e302b132507a3608da2d341f287b79f503d3723
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32122fbd7783d5e29c2ce860c92ec42445cd6e0e4c060966cdaeccd19508573c
32c7bf73cc1c01f4410c0a23837c1ac484ae8892b3697d841708be64f77257e4
33a949da5686480021bb9c1d1ff6fafc8ca8a03c846a7d81cb0d90e9eb7f5eac
3419057d4d0ea2416ad392eb797ded2ac1033896fc70df1dadd4eaad31862bf1
346dfc94257a837e16e9bd43e0678991495d88a68b037dcc0afdab13fbaba755
358397cc830a4098def1c47def116498dacbb8711c1e7e4f68bb204fca577498
35da21eea6062de85141e49d3d23e38f2ead16f8bbbfb4648033d95ec1028586
36d7d981d8ac09da34c03c3b4914104e830ceed745bad1523117e9d511073a0e
3701da754cd5a0bc28caf5540c9d07c59164f08cfc5a3fb57ffc4864ce97abe5
373d80436599df05b3a76f7808839be76e83b5a63cfd4fc41ec25e1512aff3dd
379a70e8585366281696a53d0d2650ea529eb22946bd929b595db45d1b58d9c6
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3b55e5004a364de7ff52d1ff57a793495bff57162f59c5b08d29d79619ac3d16
3caa2ad516420bae3dee5d9fa14d09ceca1393384721edbd793a5ba14e94cdef
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fc84249222109c97552fb70837366a2425141a92626b2eaabae43a49a22ac44
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4012b60b50fc1eba6890f9744fc7ed75e12f2d3f9ae421670e200468e1785b34
440d247d6a86ff83d5f69c5e96ad616e1042d10ec98fa6a4f5917d18af2f4cee
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
46e6dc322efdbcb1dd558f99027ea33976253f0986ae538c6db660040847adef
47b465dfcd8aebb72e225ac9d729cda97473cdc1550011250f417c3242ff5b71
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48fd359287a75a0475a99d7776414120569605ba2b6e8a082f2d375d092d3b52
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49ed008d8772c6163ba08acf4eea413aba84650f2a4185e7b2166b87036e25e3
4a0a075d96835119600c4b2ed9768f51a889cc18aa9a0b0b1e099b8bf7d0bb52
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
4e8fc9a46666858fef80891b943c4ce7c4286d358fa97f0325fdce1d40fe4b8a
4eb2ed04438c11c4ff98d8d9527ccabfc078b873d0882da321c5e54063aad007
4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828
4f62e44e6c931b7db3695b45c082c0f934cfadc39f43fe0ee8306fe27d9eb150
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51f9a30cd2c9154738d08001bd13be571efa67dcb91a2a94a458af3b712c0599
5239a9bff8ddc0e588af27ffa74890237741b97f808b5a983cfc69ca19d3249c
525b6cee4be1d68b23c08fd4aec7a3c784c97a3dce731c618e439f419937c63e
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55313d954e6450db67ad97d784427c56cb04b1cf27b58ff3add75308ec975849
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5ac817f582ee4fd11da33dc1215e8db64c319e92e3ea18238e308f4b7ab094e3
5b03341a2867bf1ebb28ffa17c2495bab11d119c0b0ed36884cfe620b217cb6f
5b9211eb23d9445c99e9aa0b10dbf1574394cd32eb3d15ea3438affe02776682
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
5d8e0da70a7a3c000ce3662c0c33129cd7f2db1f332189472755bf83039d068e
5dc853e31e63192ddad176308d87564ac24d9e39c2042e2afaadcd38806c9284
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
632461aa04bf36623ba5fec785841c55eef747d98599160d2fc1a4630d5ef515
65f98e426a18500efb9d67d520788bb94ee7dcf42296bf6436a7a2f8bc2c15e4
677bb80256477340c7ab35de7dbe915d1fcb70b56c34e8be33913998d9f1f244
6f68a4bc802b8c4a54806703e454489979bb6b543c97bdd82dd4921a9fbb5fd7
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
744a60d2c0eacc6341e092aef2810127db48a13d969109df4fcec39f1162a2c0
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
761b309e550425464d627968eee8c2fc2e1b2268a7729ce004f75b75e196ad06
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d5f8049626b933508a81f5fb0dbc139b2257bbb18acb16be0bcb47b1397824b
80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e
8151be9a0a1ffee7f424832cd1fae0be070493c007895b0e9d8478da1a1e6869
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
834bcb70b8df1fa7df6d4b308cbad725cd6d85b6d5b719f75b5497b6d2587433
8361f4ecccad66f1efd5070c00a599ceadad45ed0c0b0d666991390a514cb7f9
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83c4998d954026bfc94868f3adde48a64c13b39a170e6efad19ebd41e54b78c7
850ebe5afa86a299ed655f0dd371f0bb4c80e38b73d855edf5139c3475f0d7f0
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
86a90b183aecfa70018125329bdc860971b2f20123c0f40e68bac0a1dcb58645
89b62430c67162c02dfae06a1a502af1f2ea87ffc702fb6d5445a6e19641f98c
8a3ec68a0fce79c80c06f06e9feb232b4b2be319a3723b8c325e8f00583ce588
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
8bdc77cba9d8dcf09308eace7aa833cc9acd99bd76660b44f8d7649a457cddf3
8c8b2f99b98589360ad971a7d028965a469996eea18833ba43208a30a5d6955d
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8dce90c8d06a68d557afc87d1783527292438bda3950121393107dcb663dae07
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
9696f42a45b17b372aadd26e007fbbe9c1740292781ff30213876b78a26ceb6d
99c2515b0e271ce91f648abc571dcf21efffc99612ccd11f09d5741649fc1973
99e9b7cebe096da278aff227bd4290a919259d59024e4b3fec8965cad694b196
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae488266656537af5cb084065381fd62ab7c2a5f864cc7c153b519e5bad75ee
9af5c891e746f5ccc60c2aad543eef0fd5e0f7404da5714eaffc0d81c172c3ef
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
9fd2af92afd0ae90c0e88a3d73c8a71aefd3ee2e9c101829d87e93a2c757093f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a215dfc619c9f8aa50e5aab45d1ee793c44ffe2a6dcd0bc1ba27dbb3f1cdcff6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4c5c0a8f2d1b93748b0979fc9faf4024442686b59854d14224a0027869cfa93
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a63e3595aca60ab2a3b796be9c9b81a050649eb305f36a1d9ddd7e639aa43910
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b3143de04f77d3743ca3d94a0b4c462e9178b2a65ffb119d2d6f88aea95a6a
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab8f653041d4088682b61db083b52b17b647e0f5e901560997e3e4065268c992
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6274033c6bc74d7f476e303b6bcd7703922404e08d7c4fe477e200582a0e06
ad98f4634ec34239ff0c7bf2c2773bc1bd6d5e17852208304954f84215b462c1
adb0b01662616029cfeac72688ac4dd649c0bfe1569b0e52481133a7112e24a8
af035efca25535d751759333b5060a73cd91098cd85ec95ebe738515da0feed3
af468e8cd644877f48ad260e1711a3103629fc5a0f9527d9a8524ef88a27fc90
af68b91794e822e56116948c52ea84a2c8483e3ba1d800551b680b40e1cf076c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2738296095466160370dced4f9219866a7988d575d94f012278fa81ed634c3c
b425d81b412c43c491f30e517bc9a2d4a5d7384b7948ba77e4b3a6e08642427f
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b90abe4b302dde990692db3d6311e5e4362032a0e58b03c00848deca7b33e1fd
baaf31c1741e457fb1a7c35d9405d6d36d8a387f6a1e9c85a4ebaa701535f1d6
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
be634f677ccb5ec45c00ec648b8b47529b36779c1888da92e8a6876f5a8decc7
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c49c82f3f670e16ab6ad5231d4dba5ccea94142649a946a69d5d7f64a9cfe4cd
c7f2d2c3a152c4dca3d245964a1b3510541d7d0d7eac8f8f8a14c6479e6121dd
c80361a43b0c373f76dd7543443b36f5a281fa434c91f286f1ceb05e59dacfc6
cae8542db075fb3b27ea542cb3e1b8b5628314e74b23c5d3c3cf6e6f453032b0
cb8e4cf3a207c549950c5d8d2899b23f291245ed836391866d6e40838b45851d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc8a1147897e0fc7fc337a0b46e57999a3582c8fde88934dff9e9dff6eea0f56
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d013529b21ad0533477049ca5b350ef0983814b617d0b8b3daae4253b3b09cd3
d2874fdb525a55a4f16cbd53e137d1333883b1664fca1b400743f821f2d239c5
d39a60a6bc028590db1ec256ab65215a935c7ba79ac714aba34113a31e1e06ad
d5c5f6a2c2d2b577e828f983b0b958f787f94e48b6e3dc062e769e06f5b748e1
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
daef238eaa5fe22f8304c0c9cae17157ba58b44188f67eb11f17b59fb1d248be
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd5f70c5fb0cda9df50d1ea168efa19f63b1fa125c5cf20b6c91476a3c2c2120
dec9b1658814521902f86d8ba736b2e32de4fc3642069815e0a7d852f0ca9383
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e167af37f1fd882edf7bcf15a703c25607ae273a016e9e892be7b2526b3717bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e247478fc561a82e78bee7449288e91a808ece811f6aac5842df15b0963755
e47dfb0c50adcc7e2a60e215010b6ace3fcc83eb8ceb13871ecd80c4598679bb
e51e1f0de62cdf7350ba101a575ab33d06ff8c01efd2376c055f9d59cf5386e7
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e5b2b009ef6524229f6d9892f90fc89e8c0bd1b07ff40868f56aff745105f590
e751a2e40000d863b820b03fc8e5c7aaab3ee8f8cc7b0447a1caaaacddb52254
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea251a187058fefa3ff831991e25372f960173a29a57f2b84702d0c495c02244
ed7e359585cf38547edc775fd34423c798d8ed5161e9bf0eba0dc9ae21da586e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f144441391ff81772d6f60ba9138e81f0a78f76739f2d123aa6d09cca8920f66
f247b465fa59a0897b4a14a79df64e7d6994fb9c40a27e17a9f6ca673e4cb961
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
f8d545ba1b46f0fc875c342080254d3051fb46bb25b8593ae101c7d591c4fd02
f8fd19e664526e5667d00bed3e089e60559219501c1fcf5cea88feed079db74c
f9b54b5b7f651d58212686f18bb72a0142cf95881cbf4967a32b1d86a5c6e5cb
fa3347e4170323e894c13c9b3f3aa8b23d4c4d59477296a05d62a826c5306f3f
fc2d7e2e227883c1ad3ab84d15f45e22d8a0bb7760ff0b9867e94bf7a3cb640f
fc9ae90ebf7ca6d069d13c4b3779ca21b8ff61cedbe2cabe1edd0b69187c0c38
fcfe5110ac9c49cc22d5eac8f5d53c480f48c0830b006769b0beb021a36d1010
fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737