japangaysex.com Open in urlscan Pro
2606:4700:3038::6815:e9e0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://japangaysex.com/2019/09/tkb30/
Submission Tags: falconsandbox
Submission: On May 20 via api (May 20th 2021, 10:56:17 am UTC) from US

Summary HTTP 247 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 52 IPs in 5 countries across 47 domains to perform 247 HTTP transactions. The main IP is 2606:4700:3038::6815:e9e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is japangaysex.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2020. Valid for: a year.

This is the only time japangaysex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3038::6815:e9e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	109.206.162.83 109.206.162.83	50245 (SERVEREL-AS) (SERVEREL-AS)
2	2600:9000:205... 2600:9000:2057:c400:c:dd71:23c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 2	185.94.236.246 185.94.236.246	42567 (MOJHOST-EU) (MOJHOST-EU)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3038::6815:e9c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.23.130.4 104.23.130.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2600:1f18:510... 2600:1f18:510:800:2943:bb87:a771:c207	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.235.160 104.21.235.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.212.104 172.67.212.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:a8c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	208.95.112.254 208.95.112.254	53334 (TUT-AS) (TUT-AS)
10	2606:4700:303... 2606:4700:3036::6815:1409	13335 (CLOUDFLAR...) (CLOUDFLARENET)
94	2606:4700:303... 2606:4700:3032::6815:12e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:258a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:4666	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:5f25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.15 139.45.197.15	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2010	15169 (GOOGLE) (GOOGLE)
6	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
5	139.45.197.241 139.45.197.241	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:23a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3034::ac43:c74c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:bdac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3035::6815:55ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3036::ac43:c547	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:25f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:57a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::ac43:9a90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:3247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
247	52

22 2606:4700:3038::6815:e9e0 (United States)

ASN13335 (CLOUDFLARENET, US)

japangaysex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net

glassmilheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oranegfodnd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:c400:c:dd71:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.236.246 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9c6 (United States)

ASN13335 (CLOUDFLARENET, US)

sexgayhd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.23.130.4 (United States)

ASN13335 (CLOUDFLARENET, US)

hqq.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.blockadsnot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:510:800:2943:bb87:a771:c207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dcba.popcash.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

kvnd8a0npizx.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

kvnd8a0npizx.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

kvnd8a0npizx.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.160 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hydrax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.212.104 (United States)

ASN13335 (CLOUDFLARENET, US)

abyss.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

playhydrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:a8c (United States)

ASN13335 (CLOUDFLARENET, US)

geoip.redirect-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.112.254 (United States)

ASN53334 (TUT-AS, US)

blockadsnot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3036::6815:1409 (United States)

ASN13335 (CLOUDFLARENET, US)

iamcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2606:4700:3032::6815:12e0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.heycdn64.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:258a (United States)

ASN13335 (CLOUDFLARENET, US)

api.apigatewayz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

whowhipi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:4666 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.freeimagecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:5f25 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn000.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)

in-page-push.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.betgorebysson.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.241 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itphanpytor.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:23a5 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn001.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:c74c (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn002.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:bdac (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn003.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:55ac (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn004.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

forzubatr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c547 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn005.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:25f2 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn006.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:57a8 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn007.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:9a90 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn008.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:3247 (United States)

ASN13335 (CLOUDFLARENET, US)

i.freecdn009.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	heycdn64.xyz cdn.heycdn64.xyz	4 MB
22	japangaysex.com japangaysex.com	791 KB
12	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re kvnd8a0npizx.l4.adsco.re kvnd8a0npizx.n4.adsco.re kvnd8a0npizx.s4.adsco.re	41 KB
10	iamcdn.net iamcdn.net	305 KB
7	redirect-ads.com geoip.redirect-ads.com	24 KB
5	google.com www.google.com	35 KB
5	itphanpytor.club cdn.itphanpytor.club	123 KB
5	addthis.com s7.addthis.com api-public.addthis.com	191 KB
4	betgorebysson.club cdn.betgorebysson.club	20 KB
3	in-page-push.com in-page-push.com	30 KB
3	googleapis.com fonts.googleapis.com storage.googleapis.com	2 KB
2	wowreality.info o.wowreality.info	409 B
2	cdnativepush.com static.cdnativepush.com	7 KB
2	rtmark.net my.rtmark.net	1 KB
2	freecdn000.xyz i.freecdn000.xyz	113 KB
2	freeimagecdn.net cdn.freeimagecdn.net	44 KB
2	blockadsnot.com www.blockadsnot.com blockadsnot.com	10 KB
2	facebook.net connect.facebook.net	66 KB
2	popcash.net cdn.popcash.net dcba.popcash.net	36 KB
2	gstatic.com fonts.gstatic.com	28 KB
2	jads.co 1 redirects poweredby.jads.co	2 KB
2	juicyads.com js.juicyads.com mobile.juicyads.com Failed	98 KB
1	freecdn009.xyz i.freecdn009.xyz	83 KB
1	freecdn008.xyz i.freecdn008.xyz	63 KB
1	freecdn007.xyz i.freecdn007.xyz	92 KB
1	freecdn006.xyz i.freecdn006.xyz	60 KB
1	freecdn005.xyz i.freecdn005.xyz	67 KB
1	forzubatr.com forzubatr.com	326 B
1	freecdn004.xyz i.freecdn004.xyz	46 KB
1	freecdn003.xyz i.freecdn003.xyz	69 KB
1	freecdn002.xyz i.freecdn002.xyz	54 KB
1	freecdn001.xyz i.freecdn001.xyz	72 KB
1	lalaping.com static.lalaping.com	33 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	whowhipi.net whowhipi.net	151 B
1	jsdelivr.net cdn.jsdelivr.net	30 KB
1	apigatewayz.com api.apigatewayz.com
1	playhydrax.com 1 redirects playhydrax.com	143 B
1	abyss.to abyss.to	7 KB
1	hydrax.net 1 redirects hydrax.net	534 B
1	cloudflare.com cdnjs.cloudflare.com	27 KB
1	addthisedge.com v1.addthisedge.com	846 B
1	moatads.com z.moatads.com	1 KB
1	hqq.tv hqq.tv
1	sexgayhd.com sexgayhd.com	1015 B
1	oranegfodnd.com oranegfodnd.com	64 KB
1	glassmilheart.com glassmilheart.com	27 KB
247	47

	Domain	Requested by
94	cdn.heycdn64.xyz	geoip.redirect-ads.com iamcdn.net
22	japangaysex.com	japangaysex.com
10	iamcdn.net	geoip.redirect-ads.com iamcdn.net
7	geoip.redirect-ads.com	hydrax.net geoip.redirect-ads.com
5	www.google.com	geoip.redirect-ads.com
5	cdn.itphanpytor.club	in-page-push.com cdn.itphanpytor.club
4	cdn.betgorebysson.club	in-page-push.com cdn.betgorebysson.club
3	in-page-push.com	iamcdn.net in-page-push.com
3	api-public.addthis.com	s7.addthis.com
3	c.adsco.re	www.blockadsnot.com c.adsco.re
2	o.wowreality.info	static.lalaping.com
2	static.cdnativepush.com	geoip.redirect-ads.com japangaysex.com
2	my.rtmark.net	in-page-push.com cdn.betgorebysson.club
2	i.freecdn000.xyz	geoip.redirect-ads.com japangaysex.com
2	cdn.freeimagecdn.net	geoip.redirect-ads.com
2	adsco.re	c.adsco.re
2	4.adsco.re	japangaysex.com c.adsco.re
2	6.adsco.re	japangaysex.com c.adsco.re
2	connect.facebook.net	japangaysex.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	s7.addthis.com	japangaysex.com s7.addthis.com
2	poweredby.jads.co	1 redirects japangaysex.com poweredby.jads.co
2	fonts.googleapis.com	japangaysex.com
2	js.juicyads.com	japangaysex.com
1	i.freecdn009.xyz	japangaysex.com
1	i.freecdn008.xyz	japangaysex.com
1	i.freecdn007.xyz	japangaysex.com
1	i.freecdn006.xyz	japangaysex.com
1	i.freecdn005.xyz	japangaysex.com
1	forzubatr.com	japangaysex.com
1	i.freecdn004.xyz	japangaysex.com
1	i.freecdn003.xyz	japangaysex.com
1	i.freecdn002.xyz	japangaysex.com
1	i.freecdn001.xyz	geoip.redirect-ads.com
1	static.lalaping.com	cdn.itphanpytor.club
1	storage.googleapis.com	geoip.redirect-ads.com
1	www.google-analytics.com	iamcdn.net
1	whowhipi.net	geoip.redirect-ads.com
1	cdn.jsdelivr.net	geoip.redirect-ads.com
1	api.apigatewayz.com	geoip.redirect-ads.com
1	blockadsnot.com	www.blockadsnot.com
1	playhydrax.com	1 redirects
1	abyss.to	sexgayhd.com
1	hydrax.net	1 redirects
1	cdnjs.cloudflare.com	sexgayhd.com
1	kvnd8a0npizx.s4.adsco.re	c.adsco.re
1	kvnd8a0npizx.n4.adsco.re	c.adsco.re
1	kvnd8a0npizx.l4.adsco.re	c.adsco.re
1	dcba.popcash.net	cdn.popcash.net
1	v1.addthisedge.com	s7.addthis.com
1	www.blockadsnot.com	japangaysex.com
1	z.moatads.com	s7.addthis.com
1	cdn.popcash.net	japangaysex.com
1	hqq.tv	japangaysex.com
1	sexgayhd.com	japangaysex.com
1	oranegfodnd.com	japangaysex.com
1	glassmilheart.com	japangaysex.com
0	mobile.juicyads.com Failed	js.juicyads.com
247	58

This site contains links to these domains. Also see Links.

Domain
adsco.re
javgay.tv
hdgay.net
websexgay.com
gaycum.net
gayhd.tv
blphoto.net
gaysex69.net
gaysexhd.net
gaysex.tv
www.asiangaysex.net
gayfull.net
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
glassmilheart.com R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
oranegfodnd.com R3	`2021-04-03` - `2021-07-02`	3 months	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-20` - `2022-04-23`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2020-11-27` - `2021-12-28`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdn.popcash.net R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
1158060716.rsc.cdn77.org R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
*.popcash.net AlphaSSL CA - SHA256 - G2	`2021-04-22` - `2022-05-24`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.l4.adsco.re R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.n4.adsco.re R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.s4.adsco.re R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
blockadsnot.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
whowhipi.net R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
in-page-push.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
betgorebysson.club R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
itphanpytor.club R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdnativepush.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
wowreality.info R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
forzubatr.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://japangaysex.com/2019/09/tkb30/
Frame ID: A31F01B0DB506EEE217AE1BCCDEB3C9F
Requests: 56 HTTP requests in this frame

Frame: https://geoip.redirect-ads.com/?v=IXRFD77ts
Frame ID: 6EE12BE6038CC7EF6277F6CA51D80B50
Requests: 154 HTTP requests in this frame

Frame: https://hqq.tv/player/embed_player.php?vid=ZmovbmpBc0FiQ3I0ZmM3NStsUlBRQT09&autoplay=no
Frame ID: ECE79B0549CB88DB9BA3D247FE51F228
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: C30D38760131A428497BDF5F93B6600E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.betgorebysson.club/fac.php
Frame ID: 9CD8249CC7881D1971852A2FB371B7FE
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Frame ID: EE0C17CC966B871065E9880CAB82C339
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 544A8526BCC4BE73FD87986F14DF7683
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 9A6C8E94EC8329D9EA22757B8008A164
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 51BFFF77D787FB9783510E0C3B5A2D6C
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: A83B43BB020E17F3281A2FCF5C0BA216
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 85588C6D82184B2456423341C27A6517
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: C856BEC3CFBBBCCCB9F37C78FACB2D2B
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 2B4A51A225C06DF092B3CCA7E333725F
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 1E102E77E72AFC139D0B8A181B6DB305
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 2B0D4A1A0EBF0F2F561B11A9CA5D8CB4
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: B968D37DBC0CB0943AAC9636F5DA0DE7
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: 3DB471DE4B144021E2FA03C3196690C8
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: A6E2F6CE797727F0EA3E47F0CCE6ACA2
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: DA03405094427A969483E3BEEE2E8040
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=771335
Frame ID: E158DA14EDCA95C748FDB15A1E3E9FFB
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=777696
Frame ID: 00384AA252DC5514983140D982BDFBD1
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=777696
Frame ID: C7A9657E6DCA8B43E07B3949D4807C70
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=777696
Frame ID: 211A8CF13594E9E8374FE5F9B5FC64EC
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=777696
Frame ID: B07AC9D355B4C098653CF55497B91008
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=777696
Frame ID: 222DED8FB6B7AE0FEC3D53572F8263DF
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=777696
Frame ID: E9F3BA8C22582F35A591A63C37D07B22
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=895141
Frame ID: 74AD14E6A5874EC3B35FF78D09D82A6F
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=895141
Frame ID: 4FA3F029EB535091B8CE5710CF671328
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=895141
Frame ID: 62C262A679FCBC9E40D8C7B9D767E95E
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=895141
Frame ID: A9004247FA2C2B7D4741DBAA3FA9B080
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=698960
Frame ID: FCC7CDB2EFBF3A581DCC724695163734
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=698960
Frame ID: 805BE4984E341674576E5F6EAA582AB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

247
Requests

87 %
HTTPS

62 %
IPv6

47
Domains

58
Subdomains

52
IPs

5
Countries

7380 kB
Transfer

14154 kB
Size

0
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://javgay.tv/
Title: MOVIES

Search URL Search Domain Scan URL

URL: https://hdgay.net/
Title: GAY PORN

Search URL Search Domain Scan URL

URL: https://websexgay.com/
Title: WEB GAY

Search URL Search Domain Scan URL

URL: https://gaycum.net/
Title: RANDOM

Search URL Search Domain Scan URL

URL: https://gayhd.tv/
Title: GAY SEX

Search URL Search Domain Scan URL

URL: https://blphoto.net/
Title: PHOTO

Search URL Search Domain Scan URL

URL: https://gaysex69.net/
Title: HOTTEST

Search URL Search Domain Scan URL

URL: https://gaysexhd.net/
Title: HD GAY

Search URL Search Domain Scan URL

URL: http://gaysex.tv/
Title: GAY TUBE

Search URL Search Domain Scan URL

URL: https://www.asiangaysex.net/
Title: ASIAN

Search URL Search Domain Scan URL

URL: https://gayfull.net/
Title: GAY BLOG

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 56

https://hydrax.net/players/player.min.js HTTP 302
https://abyss.to/players/player.min.js

Request Chain 58

https://playhydrax.com/?v=IXRFD77ts HTTP 302
https://geoip.redirect-ads.com/?v=IXRFD77ts

247 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
japangaysex.com/2019/09/tkb30/ 35 KB
9 KB 805ms
781ms Document
text/html 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ed0db575374ee7a46d89ac2af59d78437f254ea7fdece5502c0829add2f810

Request headers

:method: GET
:authority: japangaysex.com
:scheme: https
:path: /2019/09/tkb30/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://japangaysex.com/wp-json/>; rel="https://api.w.org/" <https://japangaysex.com/?p=4342>; rel=shortlink
cf-cache-status: DYNAMIC
cf-request-id: 0a2b03c6ae00002c2e408bd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NpTRwGc4HJ0J9npiVedgSlNOrr2V%2FTN3SbbQT7hMuIUAau6Ztot2uPjxr0uwZztT%2BAQQdR6M80kHn3BWKbEptO6a0a64zU%2FvtUlqkr407357sJl4C4uItR5as8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 652508b77d6f2c2e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK apu.php Show response
glassmilheart.com/ 66 KB
27 KB 231ms
73ms Script
application/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glassmilheart.com/apu.php?zoneid=1823016

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),

Reverse DNS

83.162.serverel.net

Software

nginx /

Resource Hash

c2c93945bcd755d614f297c124c60a81724a985c2021e070c541f27a0184f7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:55:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Apr 2021 09:37:38 GMT
Server: nginx
ETag: W/"60892ce2-106e5"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 1823028 Show response
oranegfodnd.com/bultykh/ipp24/7/bazinga/ 184 KB
64 KB 261ms
88ms Script
application/javascript 109.206.162.83
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oranegfodnd.com/bultykh/ipp24/7/bazinga/1823028

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),

Reverse DNS

83.162.serverel.net

Software

nginx /

Resource Hash

c15641cf9688e767abcb1200d374138ccb803a7484e62703bc0d4da126aaa747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:55:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Apr 2021 09:37:38 GMT
Server: nginx
ETag: W/"60892ce2-2e011"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 jam_min.js Show response
js.juicyads.com/ 21 KB
6 KB 46ms
11ms Script
application/javascript 2600:9000:2057:c400:c:dd71:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jam_min.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c400:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 92f5f97baf283b473cc64aaa840f580a650e8d1bb8d9df68eaa5203248b7fa5e

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: gzip
last-modified: Mon, 23 Dec 2019 18:28:44 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
etag: W/"5e01075c-5394"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-id: AS9ixTmhKrSaUgdbG41Fq7VHZn0YmGMvy3uivanbKelR_xDlUmWAvA==

GET
H3-29 200 style.min.css
japangaysex.com/wp-includes/css/dist/block-library/ 25 KB
4 KB 29ms
17ms Stylesheet
text/css 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03c9d000004a9dd11a0000000001
last-modified: Tue, 06 Oct 2020 05:37:05 GMT
server: cloudflare
etag: W/"5f7c0281-643a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fuVGOsj%2BwqQwYVdmAD0XtF4PbRW12CNYQO83WwHz4UWpU6QDrN5gShAP1cb8yMWzU1KpeVOPtUVaLpsTve4nBwDCgxf6XtGYBm2O9qBQSB6qqC2y6qMXdS6vY%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 652508bc792a4a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H3-29 200 style.css
japangaysex.com/wp-content/themes/yolotube%20edited/ 17 KB
5 KB 35ms
23ms Stylesheet
text/css 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d1d6528bebab140fb7a7874664a6034cb52054c33da13441c547bb88cc1f5dc

Request headers

:path: /wp-content/themes/yolotube%20edited/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
cf-polished: origSize=23714
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03c9d000004a9de88e5000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-5ca2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zkAGnSdLPl9aems0hgYP%2FGepIsgqWUc5KhB9Ibo%2F8CeCGu7X%2FJ91EhWf4kzVzcKkpDODQzdEylfad2LkJScffk%2BoypZvvSxoILjMAOiO2DLR2ft5LptiFsacWHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 652508bc792c4a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H3-29 200 responsive.css
japangaysex.com/wp-content/themes/yolotube%20edited/css/ 2 KB
1 KB 29ms
17ms Stylesheet
text/css 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/css/responsive.css
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6886d1ea0d4f080e1332c0e0545623ce495bc50c81852a6fc919948b1fc3e34

Request headers

:path: /wp-content/themes/yolotube%20edited/css/responsive.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
cf-polished: origSize=2275
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03c9cf00004a9dd286e000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-8e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EtKB19oQtKH9av62CLBR1aefqAWU5jbvs6bcyVt4jhf8hokysMBUqoYWBBlWvOit9Xn1takVIx0q2LABRp4VnxXtwsNv0Qj6hAAM6G673kuf510Wa2F%2FYs4t74k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 652508bc792d4a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
874 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%7CRoboto%7CSource+Sans+Pro&subset=latin%2Cvietnamese%2Ccyrillic-ext%2Clatin-ext%2Ccyrillic%2Cgreek-ext%2Cgreek&ver=5.0.13&display=swap

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a30cce856f909566c79321f72cd993c864b6542219ee0210583b3080714521bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 10:55:41 GMT
server: ESF
date: Thu, 20 May 2021 10:55:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 10:55:41 GMT

GET
H3-29 200 bootstrap.min.js Show response
japangaysex.com/wp-content/themes/yolotube%20edited/libs/bootstrap/js/ 36 KB
10 KB 28ms
16ms Script
application/javascript 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/libs/bootstrap/js/bootstrap.min.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

:path: /wp-content/themes/yolotube%20edited/libs/bootstrap/js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03c9cf00004a9d9599e000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-8fd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eO9sZTdE3cX9mM7chblRlIu7mYfEJr4SxpdP5Hqa78stkVLfXi%2BpC3YWhmfePpBkkTtQfFABKN9ZuiGbWITB3etq9pxuH8KaoaImebepo4mcM0ENBILT%2FmM2%2B70%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 652508bc792b4a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

13126ms
179ms

Script
application/x-javascript

185.94.236.246
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:56:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 19:10:29 GMT
Server: nginx
ETag: W/"5e0262a5-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Thu, 20 May 2021 10:55:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H3-29 200 OnlyFans_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 86 KB
86 KB 22ms
20ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/OnlyFans_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bbd892cb8301912a90ae8f6750eaf0ec997a48de5c940cedfeae6405edfb4df

Request headers

:path: /wp-content/uploads/2021/05/OnlyFans_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150201
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87613
cf-request-id: 0a2b03cae100004a9dc4036000000001
last-modified: Tue, 18 May 2021 16:38:25 GMT
server: cloudflare
etag: "60a3ed81-1563d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A%2BDiGXWX9gA%2Fd5lOJwFR3mQkQErpVj7XODQHihD1YGyfXbcNbPrBinVb7w4crqQ7kSnlbLZyk96OuQn58Q%2FPricA%2F%2F2yOwZBN6mgXHeiN%2BK1W9IhJ6HsjpTadVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e3a4a9d-FRA
expires: Thu, 17 Jun 2021 17:12:20 GMT

GET
H3-29 200 Doctor2Band2Bhis2Bpatient2B-2BBoyFriendTV.com_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 73 KB
73 KB 15ms
13ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/Doctor2Band2Bhis2Bpatient2B-2BBoyFriendTV.com_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c00291c4a52695e5d3e21d653ad151f02d04dcc1653dabebaef836842570a573

Request headers

:path: /wp-content/uploads/2021/05/Doctor2Band2Bhis2Bpatient2B-2BBoyFriendTV.com_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150201
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74365
cf-request-id: 0a2b03cae100004a9d87a23000000001
last-modified: Tue, 18 May 2021 16:38:27 GMT
server: cloudflare
etag: "60a3ed83-1227d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y2D6bguE%2BTqOXGvoYNH6ju10DadREyuoAlcSnowyPrjVQ2Ta6XD6IOqacEcCOSirT9AJhQFrw1HrNYP52Kvhjqo0EHZoTfUxHEYoO3ej1ADhDIUtBjpLWY8JTsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e3b4a9d-FRA
expires: Thu, 17 Jun 2021 17:12:20 GMT

GET
H3-29 200 Korean2Bdaddy2B-2BBoyFriendTV.com_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 127 KB
127 KB 30ms
27ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/Korean2Bdaddy2B-2BBoyFriendTV.com_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 070c9b0da4922abc4131d06175960abf7a1e83da314e8f2297297b0746f060c1

Request headers

:path: /wp-content/uploads/2021/05/Korean2Bdaddy2B-2BBoyFriendTV.com_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150457
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 129680
cf-request-id: 0a2b03cae200004a9dc61fa000000001
last-modified: Tue, 18 May 2021 16:38:29 GMT
server: cloudflare
etag: "60a3ed85-1fa90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S225f5ZANo8dH4YuFZzXJ%2FRey8WGhwMu29Vtt4OgAhdVVpMVm57uaCvlTNTWdTCnY70R5lTOyuLRMVQTefJy4tamee2sbH3ItaYHDc7pZRApxM0EKIJPFin1cek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e3d4a9d-FRA
expires: Thu, 17 Jun 2021 17:08:04 GMT

GET
H3-29 200 Lost2Bto2Blust2B-2BThailand2B-2BBoyFriendTV.com_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 85 KB
86 KB 42ms
39ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/Lost2Bto2Blust2B-2BThailand2B-2BBoyFriendTV.com_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0f09c569df754945ff024c0dcedbc43a076c28c1924b32789dc6ed36538b60

Request headers

:path: /wp-content/uploads/2021/05/Lost2Bto2Blust2B-2BThailand2B-2BBoyFriendTV.com_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150500
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87069
cf-request-id: 0a2b03cae200004a9d959bf000000001
last-modified: Tue, 18 May 2021 16:38:31 GMT
server: cloudflare
etag: "60a3ed87-1541d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BNbheV1mcNTdBhsu%2FKOSB458vr6Z7KYpNXkHT3QoqxOASUTYqVyC%2F8amTMpffHRfuizekySZvVDxARDhn65j1QmMN7yDtZoe%2B5gOQqQTj%2BzGycqiaIA68ybvgxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e404a9d-FRA
expires: Thu, 17 Jun 2021 17:07:21 GMT

GET
H3-29 200 My2Bhuman2Bpet2B-2BBoyFriendTV.com_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 74 KB
74 KB 46ms
44ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/My2Bhuman2Bpet2B-2BBoyFriendTV.com_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc412d3367cdfda3f30e23b3ac1dcae8ec5afb0bf87acee962d5899798bca8f

Request headers

:path: /wp-content/uploads/2021/05/My2Bhuman2Bpet2B-2BBoyFriendTV.com_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150201
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75359
cf-request-id: 0a2b03cae200004a9dd21c2000000001
last-modified: Tue, 18 May 2021 16:38:44 GMT
server: cloudflare
etag: "60a3ed94-1265f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pAK%2BDHebxTASPb6VEqa9VdA57tmmbSvAEJGhivvWf1adslzpF4wvjVAyLAw%2BZE68zDNvZ2ZwNFxmfXwJaNfL%2BGqAuuS3hrJw1vgoWp3VFPGEQG%2FfzfIseOjWLhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e414a9d-FRA
expires: Thu, 17 Jun 2021 17:12:20 GMT

GET
H3-29 200 Spiderman2Bdeleted2Bscene2B-2BBoyFriendTV.com_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 119 KB
119 KB 50ms
48ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/Spiderman2Bdeleted2Bscene2B-2BBoyFriendTV.com_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c622bce87bfbe18823ebc683d9d486c564dd17b5770a228de48e3b36a96d0ba7

Request headers

:path: /wp-content/uploads/2021/05/Spiderman2Bdeleted2Bscene2B-2BBoyFriendTV.com_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 150201
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121586
cf-request-id: 0a2b03cae300004a9db43c5000000001
last-modified: Tue, 18 May 2021 16:38:55 GMT
server: cloudflare
etag: "60a3ed9f-1daf2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xBw9tvEXd6YxIqkoC3uZQiEALJtebKRC8EYyU%2FGn%2Fgm1%2BKOhZ3RubaWM0ayDgBzPXIsC1BeVieJjoMgIiHvyEOUl082%2FBzleVimszAuPW2ojqq7xUPsIqc6wv7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e434a9d-FRA
expires: Thu, 17 Jun 2021 17:12:20 GMT

GET
H3-29 200 205035.jpg
japangaysex.com/wp-content/uploads/2021/05/ 25 KB
26 KB 59ms
57ms Image
image/jpeg 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/205035.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c58ccd4cc0694f581b0dac9469104b4e931d24631e4f60b03601d1c536470c0

Request headers

:path: /wp-content/uploads/2021/05/205035.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152039
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25642
cf-request-id: 0a2b03cae300004a9da7225000000001
last-modified: Tue, 18 May 2021 16:39:18 GMT
server: cloudflare
etag: "60a3edb6-642a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pi6omdTRR9yxzpi8Ve4MsQ%2BFKwQndxGIl0L%2Bd9jm3W%2FbQjAZDQfN8n4ugpbLR98zbou3TFd75PJmJsfyV5v2UNJ%2BAwJsjKws1pj9kZfIEx1feeSQ37tjoSCqFlA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e444a9d-FRA
expires: Thu, 17 Jun 2021 16:41:42 GMT

GET
H3-29 200 Z12_000000.png
japangaysex.com/wp-content/uploads/2021/05/ 88 KB
88 KB 59ms
57ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/uploads/2021/05/Z12_000000.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b64efea7eeb3d75c35df53c38c70aed86299c65d9dfc2a5ec6f3ff2fdf3754

Request headers

:path: /wp-content/uploads/2021/05/Z12_000000.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 152052
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89683
cf-request-id: 0a2b03cae300004a9dda323000000001
last-modified: Tue, 18 May 2021 16:38:49 GMT
server: cloudflare
etag: "60a3ed99-15e53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WRin2S7gHKUPXJMXzYXeFlObILDYyE3DgFf02u4QeO0J8QujJXYRNvqR9m1Zd5gZHNms7uvdFFq6YhzjqxvY0lZQjktIoxdbzrRfdJtx1Kt8fKNkIRGMiTdx%2Fko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508be3e474a9d-FRA
expires: Thu, 17 Jun 2021 16:41:29 GMT

GET
H3-29 200 jquery-1.10.2.js Show response
japangaysex.com/wp-content/themes/yolotube%20edited/js/ 143 KB
40 KB 17ms
17ms Script
application/javascript 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/js/jquery-1.10.2.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a544f9145084d391c518c00f0daa8374ab6e9b093a203d11f2472e63c345126d

Request headers

:path: /wp-content/themes/yolotube%20edited/js/jquery-1.10.2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
cf-polished: origSize=273199
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cab100004a9db43bf000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-42b2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K2%2FJ5yUrzNMASkI7UMlMQkJ6O%2Fnk2CT6YRz%2BHpfwANGm75%2B4CTndzBrBiU8HEe4A6R%2FQ68tETy0F9oEyoEATYwlnx3p52D2MW1kI1CCVajfDoPRBNqieebIIYJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 652508bded4f4a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H3-29 200 owl.carousel.min.js Show response
japangaysex.com/wp-content/themes/yolotube%20edited/libs/owl.carousel/ 39 KB
11 KB 22ms
22ms Script
application/javascript 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/libs/owl.carousel/owl.carousel.min.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

:path: /wp-content/themes/yolotube%20edited/libs/owl.carousel/owl.carousel.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cadd00004a9d2d209000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-9dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HXMs17Rk1lT95wxaIa4Ko9O5vuafIxtWBZynd71cYZ9pyOjjMDhTJg6JpjZSkViRlgcdVZU9TsD0175AtrsY2nuHaKjcneH2UtXy3hG2QkEUgiMxigY5JCk%2BeOA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 652508be2e1d4a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H3-29 200 main.js Show response
japangaysex.com/wp-content/themes/yolotube%20edited/js/ 809 B
960 B 35ms
33ms Script
application/javascript 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/js/main.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c0298696fd7fb8d0289806f4f03dda67fd0d70eeba9ece9b6966c9b5271fd7

Request headers

:path: /wp-content/themes/yolotube%20edited/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
cf-polished: origSize=1240
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cae100004a9ddabbf000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-4d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vt6CSewhyqPKzazwn2x9cG0eIrrJ3JaWOX88kTYjn4Y9lmNPsSDXr%2FzEWpkj1HnmJjNG%2BVh6uuMTw3R0Q24BsNFqfwIjtGrNilcLzakInIJcJmNRq82Vh4Dw4eE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 652508be3e354a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H3-29 200 custom.js Show response
japangaysex.com/wp-content/themes/yolotube%20edited/js/ 2 KB
1 KB 14ms
11ms Script
application/javascript 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/js/custom.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b1d77c0d375205f559ff01f7bab4b87002a2eea1ea6abc00b8d6cb9c902d93

Request headers

:path: /wp-content/themes/yolotube%20edited/js/custom.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
cf-polished: origSize=2436
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cae100004a9da837c000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-984"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=34Yn%2FsANtvaxGMH9OussagnotjGMTfS9XVVsebC9lFFsa8c4ffgoUJ8%2FHn1F8kNx6WCL5Sdi3BRVvUf0EBdpDRBGGiCdZ3BRVHwYkNIrdG6MTsulgyw3olkUMTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 652508be3e364a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H3-29 200 wp-embed.min.js Show response
japangaysex.com/wp-includes/js/ 1 KB
1 KB 23ms
20ms Script
application/javascript 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-includes/js/wp-embed.min.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: japangaysex.com
referer: https://japangaysex.com/2019/09/tkb30/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/2019/09/tkb30/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cae100004a9de5338000000001
last-modified: Thu, 15 Apr 2021 06:47:50 GMT
server: cloudflare
etag: W/"6077e196-56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mSHLceOhrRm2ca0ykeBe2XiOxF5vx1EUUysB7lhgJ0phsDD3VfWvEj6te3VZ8luCJfnZu5bx5VjLny3QINzWp4crUrrdj6KSM3%2FV0opEon%2FwjBpgwFMxc1ON68g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 652508be3e394a9d-FRA
expires: Thu, 20 May 2021 21:14:29 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 160ms
53ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 20 May 2021 10:55:41 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 jp.php Show response
js.juicyads.com/ 91 KB
92 KB 16ms
13ms Script
application/javascript 2600:9000:2057:c400:c:dd71:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c400:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0cfd3b785d0013ae8fe9334fa210df14c256af82554dfb09daf156bd9776ade9

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Thu, 20 May 2021 10:51:39 GMT
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: nginx
age: 242
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: cGBqfFegresX8--QcuyAachyGhXyXc1aKes_yDV1uR3u0Y7NpIUA7A==
expires: Thu, 20 May 2021 11:06:39 GMT

GET serveAd
mobile.juicyads.com/service_async.php/ 0
0

GET
H3-29 200 css
fonts.googleapis.com/ 16 KB
978 B 27ms
25ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0492ec60b8dc2d7f1ecd223adb634c1e01369550dade7382f16194cc9713af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 10:55:41 GMT
server: ESF
date: Thu, 20 May 2021 10:55:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 10:55:41 GMT

GET
H3-29 200 font-awesome.min.css
japangaysex.com/wp-content/themes/yolotube%20edited/libs/font-awesome/css/ 23 KB
6 KB 18ms
17ms Stylesheet
text/css 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/libs/font-awesome/css/font-awesome.min.css
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

:path: /wp-content/themes/yolotube%20edited/libs/font-awesome/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: japangaysex.com
referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2021
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cac000004a9dc61f7000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3QoIl6hm3Hnms7FDi%2FGGGaOJV%2FRuW%2FDTNZVCimyBBao4woU8Stmh%2FnM4ZyYGC9BRm4XWWtFLIDLA3Gwj1jfIDHbEeTdglohlBz069rlj7jMkJuBhYEJkq3UouKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 652508be0d954a9d-FRA
expires: Thu, 20 May 2021 22:22:00 GMT

GET
H3-29 200 bootstrap.min.css
japangaysex.com/wp-content/themes/yolotube%20edited/libs/bootstrap/css/ 120 KB
18 KB 15ms
15ms Stylesheet
text/css 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/libs/bootstrap/css/bootstrap.min.css
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4795109c0265337e4d7c5b51715a5defed370269a793ab9724ed1d7b815d701

Request headers

:path: /wp-content/themes/yolotube%20edited/libs/bootstrap/css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: japangaysex.com
referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2021
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cac000004a9dac39c000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-1de25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bG%2BfuLxTDgYG%2FCDkXYrjJiNodFlYBnQjNmOuhc2SePVVz%2FuMOqh8AxJk%2FXMYjaZE2XJ2BUIDTzspjGaeZM0QKDNHEmMcd61QhqxbwRbnNi2q5m2lwGqkeeE9ySk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 652508be0d994a9d-FRA
expires: Thu, 20 May 2021 22:22:00 GMT

GET
H3-29 200 owl.carousel.css
japangaysex.com/wp-content/themes/yolotube%20edited/libs/owl.carousel/assets/ 4 KB
1 KB 14ms
13ms Stylesheet
text/css 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/libs/owl.carousel/assets/owl.carousel.css
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b84bccba148296e8e68f4a7e794ccbd7116b1f4ab2645d6bb821e0bcbdfcc5

Request headers

:path: /wp-content/themes/yolotube%20edited/libs/owl.carousel/assets/owl.carousel.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: japangaysex.com
referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2021
cf-polished: origSize=4614
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cac100004a9db7355000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: W/"5f7b6a70-1206"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eaJ3GZ81wUPaRb%2FNZ%2F0FqCgOqvKqUdz9U%2FqLiu%2FI9nkALzjLHJ8ocktobbtJCHBP3kAH7VRKOIV%2BznLRV08dX5s0%2BuwmXfwbl8h6COWNuZasLqtLjbBhNMK9QzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 652508be0d9a4a9d-FRA
expires: Thu, 20 May 2021 22:22:00 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://japangaysex.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:34:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
age: 134467
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
expires: Wed, 18 May 2022 21:34:34 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,300,300italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://japangaysex.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:32:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 134601
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 18 May 2022 21:32:20 GMT

GET
H2 200 player.php Show response
sexgayhd.com/ Frame 6EE1 1 KB
1015 B 605ms
575ms Document
text/html 2606:4700:3038::6815:e9c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sexgayhd.com/player.php?id=IXRFD77ts
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e04c4eb599442e0b4e5a395b4fa647e6ed0ed31df0823d41a4ede15c4f056c38

Request headers

:method: GET
:authority: sexgayhd.com
:scheme: https
:path: /player.php?id=IXRFD77ts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://japangaysex.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://japangaysex.com/

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 0a2b03cb2300004e4acbba1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oZsNUNmRzJZJNDIzvmMGmTGvJZLnDtv4A3iLs%2BcDkU%2B8mPa1fQQiDlFg0g5TpFWlNjt1MeTAy9OIiuU0f2nt9vOfYxbKYkzrpHpLlXAKus2qyfr1Bfn4d5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 652508be993e4e4a-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 403 embed_player.php
hqq.tv/player/ Frame ECE7 0
0 182ms
64ms Document
text/html 104.23.130.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hqq.tv/player/embed_player.php?vid=ZmovbmpBc0FiQ3I0ZmM3NStsUlBRQT09&autoplay=no

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.23.130.4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: hqq.tv
:scheme: https
:path: /player/embed_player.php?vid=ZmovbmpBc0FiQ3I0ZmM3NStsUlBRQT09&autoplay=no
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://japangaysex.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://japangaysex.com/

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0a2b03cb9800000c1179b7b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 652508bf5fef0c11-AMS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 show.js Show response
cdn.popcash.net/ 125 KB
36 KB 180ms
63ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.popcash.net/show.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a12f358b0d0eb8cd45b81bf39485969c511224ea79e84980294523b1cd72519

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uAa6GYUD%2FS65lVZIY4QYmk2x3zdXN132YJxqaLsedxadyA9R1KZ7eR5hWcqZHgI0T87tCnutdcOKmU%2BWaJ8TB0NgVAn3762HkG7pxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-length: 36202
cf-request-id: 09f247e2a9000040fb80941000000001
last-modified: Thu, 15 Apr 2021 14:09:51 GMT
server: cloudflare
etag: W/"6078492f-1f3c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1621508142.cds060.lo4.hn,1621508142.cds053.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 64ca427dda0740fb-LHR

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/js/custom.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09fc65f19a36912d87d2080b70c1ca7e5668f1a2df2ebb47200d17d97aace920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SVb+iG3zvkiwLESPvbyFYQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: JffQYvT9LImcJoLo5ghLwd0Xk/o+Tz43dm1g3CZRhPwvy3/j1Tluw9ZmWbmyqpQ2biLWjgvO85qdJ0zudOhDag==
x-fb-trip-id: 917726464
x-fb-content-md5: 6c307ab50bc8373077d3f01d0d9e391d
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 20 May 2021 10:55:41 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "36ff07d3d4936db3bce901566b467302"
timing-allow-origin: *
expires: Thu, 20 May 2021 10:59:11 GMT

GET
H3-29 200 icon-play.png
japangaysex.com/wp-content/themes/yolotube%20edited/images/ 3 KB
3 KB 24ms
23ms Image
image/png 2606:4700:3038::6815:e9e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/images/icon-play.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:e9e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3af0092c4db7023b2b6667236bf7bad96800507687c06ca0279eccc00008f60

Request headers

:path: /wp-content/themes/yolotube%20edited/images/icon-play.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: japangaysex.com
referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://japangaysex.com/wp-content/themes/yolotube%20edited/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2486116
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2586
cf-request-id: 0a2b03cb3b00004a9daf8db000000001
last-modified: Mon, 05 Oct 2020 18:48:16 GMT
server: cloudflare
etag: "5f7b6a70-a1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nLNpW1iRnFO7Uodw17d5Bn73MS3lDvv9hupaXxVBjJk%2ByLtNo4RSQErWJdM%2BGh%2B5nse2mswrHWSXoQWJsMD%2BTVaSZ7VNdkzpW04hExQ3l60D3qmefJg9zqBC%2BCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 652508bebfd14a9d-FRA
expires: Fri, 21 May 2021 16:20:25 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/vi_VN/ 215 KB
63 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=13879ae8e3f612a8b991a9bae683bc94&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d56c8de43d61d0f7232b2f649441053636a05e9a5b97b6eb28bc9dbf1c70c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://japangaysex.com
Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rBLCWWp/kGZCNJa8XLpoKQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64968
x-fb-rlafr: 0
x-fb-debug: 05uwQW4395O07rvKC6TAn54PBkWnaOEaZtqfeRRzaAL6rH56cN7UvAX7jc5mwc8cj9CodQwOPHFk8VUWHxuH3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d3b08aca46e84a9098971b64eed5bb2e
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 20 May 2021 10:55:41 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5fbf5565339afd62a4b06ca531d857d3"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 10:13:01 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 175ms
64ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=62609
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 cldr.min.js Show response
www.blockadsnot.com/ 30 KB
9 KB 32ms
11ms Script
application/x-javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blockadsnot.com/cldr.min.js
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b165a32a57cb8d55f4068ab46afeb07449f445c3a4b075a0b21cfb935bb04f8

Request headers

Origin: https://japangaysex.com
Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rywTaZzvhAUEAA==
date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-77-nzt-ray: +GKAsK9KQME=
x-77-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-77-pop: frankfurtDE
x-cache: HIT
x-age: 263556
alt-svc: quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
expires: Mon, 24 May 2021 09:43:06 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-58ed4522449372ba/ 3 KB
846 B 212ms
210ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-58ed4522449372ba/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66069e949d9fcd983c4758e5fe76d79c5d8ca7ba96b7b38614c20b414166b687

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: gzip
etag: -757856772--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 670

GET
H2 204 znWaa3gu Show response
dcba.popcash.net/ 0
118 B 294ms
97ms XHR
text/plain 2600:1f18:510:800:2943:bb87:a771:c207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dcba.popcash.net/znWaa3gu
Requested by: Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:510:800:2943:bb87:a771:c207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 May 2021 10:55:42 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 / Show response
c.adsco.re/ 35 KB
12 KB 46ms
19ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.blockadsnot.com
URL: https://www.blockadsnot.com/cldr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5061349
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 652508c14c1818e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cccc000018e527040000000001
expires: Sun, 20 Jun 2021 10:55:42 GMT

GET
H2 200 /
6.adsco.re/ 0
128 B 36ms
14ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://japangaysex.com
Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://japangaysex.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 652508c189a64a6e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03ccf600004a6ece8ad000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
462 B 272ms
73ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://japangaysex.com
Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:55:42 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://japangaysex.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
417 B 255ms
70ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 20 May 2021 10:55:42 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: https://japangaysex.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
462 B 263ms
71ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 0b4d2858fa9003fae24f5d89c05887c1e034a236007ed45cdc3e6a6478485e7c

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:55:42 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://japangaysex.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 53 B
471 B 30ms
13ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://japangaysex.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 652508c189a44a6e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03ccf600004a6ec6914000000001

POST
H/1.1 200
OK /
kvnd8a0npizx.l4.adsco.re/ 0
464 B 190ms
56ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://kvnd8a0npizx.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 20 May 2021 10:55:42 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
kvnd8a0npizx.n4.adsco.re/ 0
464 B 473ms
128ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://kvnd8a0npizx.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 20 May 2021 10:55:42 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
kvnd8a0npizx.s4.adsco.re/ 0
464 B 884ms
217ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://kvnd8a0npizx.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 20 May 2021 10:55:43 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3-29 200 / Show response
c.adsco.re/ Frame C30D 35 KB
12 KB 59ms
32ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://japangaysex.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://japangaysex.com/

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-type: text/html
cache-control: public, max-age=2678400
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires: Sun, 20 Jun 2021 10:55:42 GMT
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
cf-cache-status: HIT
age: 5061349
cf-request-id: 0a2b03cd0800002fa5b5803000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 652508c1a8c62fa5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET /
6.adsco.re/ Frame C30D 0
0

GET /
4.adsco.re/ Frame C30D 0
0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 53ms
52ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 20 May 2021 10:55:42 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 / Show response
c.adsco.re/ Frame C30D 35 KB
12 KB 20ms
20ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b

Request headers

Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5061349
etag: W/"49M/vRKXL5pROhm5uOGH7A=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 652508c29b432fa5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cda100002fa53a30d000000001
expires: Sun, 20 Jun 2021 10:55:42 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ Frame 6EE1 85 KB
27 KB 29ms
28ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: sexgayhd.com
URL: https://sexgayhd.com/player.php?id=IXRFD77ts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sexgayhd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 568299
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27277
cf-request-id: 0a2b03cdac00004e86ea845000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gI14FtOkspBrLF4E4I2w%2BRGm53sVtiQtRABm2XRMpjEA8oiLSausL0ketUjJjMDz7Y3Je9WdWR4W7YrGJSlojIGLJM8HsER4ch3mkNb39H%2FVykoP%2BLAoTN7uEziU3qKyxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 652508c2ada84e86-FRA
expires: Tue, 10 May 2022 10:55:42 GMT

GET
H2

200

player.min.js Show response
abyss.to/players/ Frame 6EE1
Redirect Chain

https://hydrax.net/players/player.min.js
https://abyss.to/players/player.min.js

18 KB
7 KB

183ms
63ms

Script
application/javascript

172.67.212.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://abyss.to/players/player.min.js
Requested by: Host: sexgayhd.com
URL: https://sexgayhd.com/player.php?id=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.212.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4b1bcf4d1a3df553fede373ca9ac94ad96a10025c93f4aae91d7ea4bad2b3d3

Request headers

Referer: https://sexgayhd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13597
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cf3700000b53523fb000000001
last-modified: Wed, 11 Mar 2020 14:11:19 GMT
server: cloudflare
etag: W/"494a-170c9ef7758"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0gi7IeniMWeIUTziHz6S3OpQf3vFdWo%2FC4s28bTClzjmHgqPvm4t0tL6Ufacag%2FCltJPSC%2BiyUD%2BZrYZxo2FEtRK6GhCBJTy2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c529f80b53-AMS

Redirect headers

date: Thu, 20 May 2021 10:55:42 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=10fEhmoQ%2BILJMimXkYaDeno%2FWbhXYESkAfKJB%2F%2BSuOHp4TFNEXZGF7s9yhSS3Uv3O5Q81IKGYaMnFVQFtTHm6HKESOS%2Bn42EY4mt"}],"group":"cf-nel","max_age":604800}
location: //abyss.to/players/player.min.js
cf-ray: 652508c3791e0b74-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 0a2b03ce2a00000b7410940000000001

POST
H/1.1 200
OK p Show response
adsco.re/ 364 B
863 B 86ms
86ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: d5e25883a3db54bf2fcef05a758d0a10d6cbcdfa5fc358afd3ea738934713a34

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 20 May 2021 10:55:42 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://japangaysex.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2

200

/ Show response
geoip.redirect-ads.com/ Frame 6EE1
Redirect Chain

https://playhydrax.com/?v=IXRFD77ts
https://geoip.redirect-ads.com/?v=IXRFD77ts

3 KB
2 KB

59ms
41ms

Document
text/html

2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Requested by: Host: hydrax.net
URL: https://hydrax.net/players/player.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73169e248702ff0d5c942ce7f799d9fd0665727e1dfb1ffa027ed9f5537888f7

Request headers

:method: GET
:authority: geoip.redirect-ads.com
:scheme: https
:path: /?v=IXRFD77ts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sexgayhd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://sexgayhd.com/player.php?id=IXRFD77ts

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=5, s-maxage=604800
cf-cache-status: HIT
age: 232325
cf-request-id: 0a2b03cfa000004eb568b0b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ly4cEEN4HkRfATvOWAzkhyLHA3BYDx41uZ9TW9zqt1%2B9SkmgyiZDO8kIxuOIiZC%2FldFyi1TXnHgAsdAAcOshdTEkF4ja%2F1vnO9BEFxbxd2JFvKLvNoSWxpjuiipK9vqhJ4N3"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 652508c5ce124eb5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://geoip.redirect-ads.com/?v=IXRFD77ts
date: Thu, 20 May 2021 10:55:42 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 240
x-xss-protection: 0
x-frame-options: SAMEORIGIN

GET
H2 200 Joyd.htm Show response
blockadsnot.com/ 44 B
140 B 326ms
185ms Script
text/javascript 208.95.112.254
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://blockadsnot.com/Joyd.htm?_=BAoAYKZALgFgpkAugAGBAsAAIK3-37eVJdvr3JlPnvDeNf86jOruacxLkV62qve3qrf1wQBHMEUCIQCFYjBla9Albqs3jF4UG1u70oIauyZt94dK8LUsmmqqvwIgFn86goIH6X-Hx3cl9OM-oGgepYLcGku_GpvuaI6Gm_7CACBYAPmsvuammW0NA_skvz6dyQWwoREZ7mgoIacHiFv388QAECoBBPgBklQUAAAAAAAAAALFABDlAtCMvskVh4L30olVvWrMwwBIMEYCIQDhb1jzXFxowtdqvHyub3xQMJwr15DTeRxYfLTw1GECEQIhAKzdsCS1bG5IuefNkK-LntDryfbQPkQPnVONL0Zf1O9E&v=4&pnibZYUr=2284830&minBid=&xmpXLFoq=0,0&JCIGuqWh=&NhJTnxoV=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.blockadsnot.com
URL: https://www.blockadsnot.com/cldr.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.95.112.254 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 May 2021 10:55:43 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H2 200 player.min.css
iamcdn.net/players/ Frame 6EE1 3 KB
1 KB 57ms
25ms Stylesheet
text/css 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/player.min.css
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2df336cfa7ea86eb03e73f5cd20784e2dcf718c93cbf78d9d2da41128d65514

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5791
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cfef000005e43582b000000001
last-modified: Wed, 17 Feb 2021 10:20:19 GMT
server: cloudflare
etag: W/"afd-177af813eb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Csw4h93AmVy9Maf15o9iNAm%2BP6fNCkZApLa4vQ8swWd74AuB3daTVQXOF8jZ4V3nFMLJzdHnqYOcNidJx0%2F4ynPeMtFvyWY6JopZRCo1kaGXHgAywHiw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64efe05e4-FRA

GET
H2 200 trace
cdn.heycdn64.xyz/cdn-cgi/ Frame 6EE1 0
0 54ms
22ms Stylesheet
text/plain 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/cdn-cgi/trace
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 trace
api.apigatewayz.com/cdn-cgi/ Frame 6EE1 0
0 42ms
10ms Stylesheet
text/plain 2606:4700:10::6816:258a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.apigatewayz.com/cdn-cgi/trace
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 jwplayer.v8.custom.min.js Show response
iamcdn.net/players/jwplayer/ Frame 6EE1 86 KB
26 KB 66ms
34ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061d2a9f61e2b0bb0e37c45e6323f3589e3cede1fa7b1f8e26f7d4e43f8705f1

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cfef000005e445b76000000001
last-modified: Sun, 15 Dec 2019 06:16:11 GMT
server: cloudflare
etag: W/"158f8-16f083333f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7VxSJtV0ey2NR%2BTGmkUyMBmR9rsK9bh%2FuHqJveHAp6y8F76K7RhIBPYtDCCgxeIrqPjPTp%2BZPmKgGh5MvHW75zOR9FQYE%2FWVGJNiYYe4gg1J8g6i%2F7s8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64eff05e4-FRA

GET
H2 200 jwplayer.core.controls.html5.js Show response
iamcdn.net/players/jwplayer/8.4.2/ Frame 6EE1 260 KB
63 KB 60ms
28ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/jwplayer/8.4.2/jwplayer.core.controls.html5.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6414b748647a4307f074e92e0f3729e8b4500a972b8d78abf8586644bd12374a

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cff0000005e405b36000000001
last-modified: Sat, 20 Mar 2021 15:02:32 GMT
server: cloudflare
etag: W/"40f64-1785028c340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Omy6UM71rgPHclt6pcTxPfmtCYjEjViX%2BwZWa0zvFKusOwMuKZW2MMm1uEh9qWg%2ByYy4xW074KO69k%2BQIZX4F60Gk6ZZkjmv6jV1gak0613FPFGV3Zb%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64f0305e4-FRA

GET
H2 200 jwpsrv.js Show response
iamcdn.net/players/jwplayer/8.4.2/ Frame 6EE1 41 KB
13 KB 55ms
23ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/jwplayer/8.4.2/jwpsrv.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f24c43ba57c7a7dee2cd735f62fcb5ed177a6a86429ed48204bda3118b21391

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cff0000005e49da48000000001
last-modified: Thu, 02 Apr 2020 05:44:19 GMT
server: cloudflare
etag: W/"a5f1-171396b3338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j%2BeBb6GMpGlbmOaiXHFgDdaYQmXJM5QgP6ejbGypQXF12%2BjOPeS3BoYppY1zGlVac6VPyzWLZ4UsVgkSkvS78ryUpuPURWmXvuwt0ruDAObHvV4gaN1h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64f0405e4-FRA

GET
H2 200 related.js Show response
iamcdn.net/players/jwplayer/8.4.2/plugins/ Frame 6EE1 87 KB
20 KB 57ms
26ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/jwplayer/8.4.2/plugins/related.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa8324b22dc0b60b78a9256598da5faf15e545d3b8403d5b0794f51853972c8

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cff0000005e40028d000000001
last-modified: Sat, 28 Jul 2018 18:41:44 GMT
server: cloudflare
etag: W/"15b55-164e2324a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mnoTwqErHn6P2tfmdSdXGIHe64710otY1qwtUEtRgrvD6QerGTOdMQg0P8fdXEOaGSFrux4tOIpMa7h7YGXu%2Bjfi8lNUc9wdXqFDO5GDX2YH7%2FWa0elQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64f0505e4-FRA

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/ Frame 6EE1 85 KB
30 KB 9ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3572703
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 30180
etag: W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
x-served-by: cache-fra19182-FRA, cache-hhn4046-HHN
date: Thu, 20 May 2021 10:55:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 3159dd0e4f0d.js Show response
geoip.redirect-ads.com/js/ Frame 6EE1 108 KB
6 KB 55ms
41ms Script
application/javascript 2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.redirect-ads.com/js/3159dd0e4f0d.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e10e39eb992ab76793b8763bb8310d1cadde7ec0b9c77257f29abbef8ec6913e

Request headers

Referer: https://geoip.redirect-ads.com/?v=IXRFD77ts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233742
etag: W/"1ae8b-deEBuHd5RUSU4oa7bGYfEevnLXI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxhJrQCGiF053hMJ%2FygQpULnNSMcKD0IgCAXLTQALO%2B9UfROmf4L6YCW2rdgtNNQ9QskziWzeIiHZfCY1j8J%2FzwLFjXMeyd2LXhF1fVz%2BPGkWkOVyY85zjOPykcP%2F9O22ny5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5, s-maxage=604800
cf-ray: 652508c63f66d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cfe70000d6cd663f0000000001

GET
H3-29 200 3159dd0e4f0c.js Show response
geoip.redirect-ads.com/js/ Frame 6EE1 61 KB
3 KB 57ms
43ms Script
application/javascript 2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.redirect-ads.com/js/3159dd0e4f0c.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64ec2fd6d185450420676584d5e7d2a3de1fa60f4feade20d6a7e7b01fc648d

Request headers

Referer: https://geoip.redirect-ads.com/?v=IXRFD77ts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 233742
etag: W/"f54a-xiuoVrb9xg1XJtu58kVpHw5kPXE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HatkgUl%2BRjrnktivv7EkiMpjdOAoipbUjWlbUJaF0OQGwiXpW5h1ModUt27tDbf7e0tv0uVjDuzY7VOixYLSkl3KWYQ0XwF3GdD6m00Cpi7QvBnV7Higa4JOR1PfF%2FuqnHTv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5, s-maxage=604800
cf-ray: 652508c63f63d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cfe30000d6cd5d30e000000001

GET
H2 200 bundle.min.js Show response
iamcdn.net/players/ Frame 6EE1 309 KB
74 KB 65ms
36ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/bundle.min.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed88737439cff78ba90b0b45b9ed616b5f25756993e948c1252679f864d1c063

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cff5000005e41213a000000001
last-modified: Fri, 30 Apr 2021 08:20:34 GMT
server: cloudflare
etag: W/"4d262-17921dd7c50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rvxleVp7tjdcjOOGtSEiKwJvzqgYAzjSMW90eBRKDulxtdYp8%2FRh2QKXZxjL6GzKfYKK0N1wXx5XURSQl%2FNJdF0th0SRTNgJm9PrQkqQ9HYF5GOSIhuW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64f0605e4-FRA

GET
H2 200 playhydrax.min.js Show response
iamcdn.net/players/ Frame 6EE1 11 KB
5 KB 63ms
34ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/playhydrax.min.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a3742eef538f5e19aace8f822992a7e27c4fab2d1faeed1b6accb02699677c

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cff0000005e4d0a6f000000001
last-modified: Tue, 13 Apr 2021 16:04:42 GMT
server: cloudflare
etag: W/"2b97-178cbfa4d90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iz5oV4k30iAtoKoZXFNRKcxdWzJ94yYLKOM3m3lZ6xPGuw8CN0n%2BjCKzilWmwTzOUld6FfJnUNt653dKFtsgYnzDFm1cu9BkWC%2BkLI1xr5dvOh1ipCC1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c64f0705e4-FRA

GET
H3-29 200 4a36bb7c3b0a0f7188e905ae16ce3071.js Show response
geoip.redirect-ads.com/js/ Frame 6EE1 6 KB
1 KB 111ms
98ms Script
application/javascript 2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.redirect-ads.com/js/4a36bb7c3b0a0f7188e905ae16ce3071.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a294a950ebd89721ab62d0448636dd945a44eaff86e0719b6565f2e9a3918a45

Request headers

Referer: https://geoip.redirect-ads.com/?v=IXRFD77ts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17a6-o0B52KKk1K+RH6X9boUaU56+2Hs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=apkemFZ3uls5k5MSiDqDWzmN3Ky%2BvuP5zA1TyH480xfPx%2F10X9as7CZ9ZJZHOIrGAXQGkS1pE8rxiyYdyECk2BfGOgjk1GyWgyV%2BX6fCZoX5k7feUcqpZuxPvojpEhvIk6FR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5, s-maxage=1800
cf-ray: 652508c63f6cd6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cfe40000d6cda522e000000001

GET
H3-29 200 4a36bb7c3b0a0f7188.js Show response
geoip.redirect-ads.com/js/ Frame 6EE1 18 KB
2 KB 128ms
115ms Script
application/javascript 2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.redirect-ads.com/js/4a36bb7c3b0a0f7188.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7209358a9850183c322aa1104f740143c89138b9d52165fbdf770cabd515f1d

Request headers

Referer: https://geoip.redirect-ads.com/?v=IXRFD77ts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"47cc-EnOwObKi5YDQpOXB4oYFu4xRQCs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TEZXi%2FUmdQULpRlJEirr8x7e9AIlhdaE0KdVbeBuVdSi20xDZyrYakdRIVUBwSyp1df7kGlSsOEDHFqVmJ3a3OKr5AZUKqbJ90r1pxxYCl6Bq41IvRMTSMDQZ5KfbqjCDaZn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5, s-maxage=3600
cf-ray: 652508c63f6ad6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03cfe40000d6cd47261000000001

GET
H2 204 favicon.ico
whowhipi.net/ Frame 6EE1 0
151 B 177ms
52ms Image
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whowhipi.net/favicon.ico
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 20 May 2021 10:55:36 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 playhydraxs.min.js Show response
iamcdn.net/players/ Frame 6EE1 59 KB
18 KB 38ms
27ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/playhydraxs.min.js
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bed7d7a4e63300dc0d5269617bac946292dc0f7ba1c5c7f4c005f3c6be467db9

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5764
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d05600004e2cf2212000000001
last-modified: Fri, 07 May 2021 06:59:28 GMT
server: cloudflare
etag: W/"eaad-179459fc080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qMIMpAdkA3XZNo9asmp3UV1Y7dw7t0lXw3JUX7Zus0VZuj80ncELsW9ar8HY1F6EyIYeKUZZ%2BvSzE0nAwcflUbfk4muP0sKePfIh3btS2HKD4tpeUVag"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508c6ea414e2c-FRA

GET
H3-29 200 api.js Show response
geoip.redirect-ads.com/cdn-cgi/bm/cv/669835187/ Frame 6EE1 35 KB
9 KB 12ms
11ms Script
text/javascript 2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.redirect-ads.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/?v=IXRFD77ts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v23lIFKhZ5Y%2FM6raU5iwHebk5uYPDWAme80h0C%2BytW7OKTdf5l4C3OdPisWkepseZl%2B439M%2BEsUbKzWLJ9KPfFF1CIJ8KneqPkK2Me5InQPp2NZsFguxdM%2FuhdhXjnfx7bqF"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 652508c6d890d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d04a0000d6cd3caba000000001

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
265 B 199ms
196ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fjapangaysex.com%2F2019%2F09%2Ftkb30%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://japangaysex.com/2019/09/tkb30/
last-modified: Thu, 20 May 2021 10:00:00 GMT
server: nginx/1.15.8
date: Thu, 20 May 2021 10:55:43 GMT
content-type: application/json
access-control-allow-origin: https://japangaysex.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
292 B 213ms
209ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fjapangaysex.com%2F2019%2F09%2Ftkb30%2F&callback=_ate.cbs.rcb_1nb20

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

4147c9370e4ebee60d47d4bed11469920784bbf58deffda6837e498e024ef05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: japangaysex.com/2019/09/tkb30/
last-modified: Thu, 20 May 2021 10:55:43 GMT
server: nginx/1.15.8
date: Thu, 20 May 2021 10:55:43 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
292 B 210ms
209ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fjapangaysex.com%2F2019%2F09%2Ftkb30%2F&callback=_ate.cbs.rcb_d85f0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e35152b1a81370e3a0c7d2a8cf1e632ff220b0debc823b8a47d35b2d4be2b348

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://japangaysex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: japangaysex.com/2019/09/tkb30/
last-modified: Thu, 20 May 2021 10:55:43 GMT
server: nginx/1.15.8
date: Thu, 20 May 2021 10:55:43 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6EE1 48 KB
19 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iamcdn.net
URL: https://iamcdn.net/players/playhydrax.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5147
date: Thu, 20 May 2021 09:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 20 May 2021 11:29:56 GMT

GET
H3-29 200 hydrax.gif
iamcdn.net/players/ Frame 6EE1 65 KB
66 KB 17ms
17ms Image
image/gif 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iamcdn.net/players/hydrax.gif
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/player.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dadb02a0c631469dee6aeda7185cb3a60044fa746b4ad079c917e002c528ef4

Request headers

Referer: https://iamcdn.net/players/player.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5789
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67009
cf-request-id: 0a2b03d06c00004e2c6fa72000000001
last-modified: Sat, 02 Nov 2019 10:38:08 GMT
server: cloudflare
etag: W/"105c1-16e2bb19280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bls%2Bca6BeRs2oaTvN65PLnDUom50e0en3zm8NLTKcCmROZBkH6jGbfemTrMVa1ywtXGPj4AgpXui5UQL1zcVBV65C6XXOekxSWwGmdhUDKcnF%2BjorXZJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 652508c71aa84e2c-FRA

GET
H2 200 IXRFD77ts.jpg
cdn.freeimagecdn.net/ Frame 6EE1 21 KB
22 KB 65ms
35ms Image
image/jpeg 2606:4700:3033::6815:4666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.freeimagecdn.net/IXRFD77ts.jpg
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7fa5793ba107f1ab0ea006672718b9f42de2858c47930c0b0afca6530ebf202

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21921
cf-request-id: 0a2b03d08a00002c22ec880000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wKYEauj9i70btKCsjeKEvVdrK5PuNH2UNplUvrsd94yJ8Pe2ZPas7DWgu5wyfvDqx2ZDlMh8DH21MqeEnzgD1otswnfWL6ic9%2BMUj3OyO5Y1tKlAc%2FYXRu%2FLEKnLJPkTLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508c74ab22c22-FRA
access-control-allow-headers: *

GET
H2 200 0.jpg
i.freecdn000.xyz/IXRFD77ts/ Frame 6EE1 48 KB
48 KB 334ms
295ms Image
image/jpeg 2606:4700:3035::6815:5f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn000.xyz/IXRFD77ts/0.jpg
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b74cb9a3f03668fb527577c7672a14003b687219571c3b2775d044eb99823a

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48846
cf-request-id: 0a2b03d0a300004eafcbae9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T2DRuFPZUXsPXrSoywhveoSJHWIb07JROVlaa%2BODm5GKpF%2BrX4LaMjiuGr%2BXlwS0DxbXnI2XG1VH75NkuVPvoIC%2BULykZ%2BXL2EzkCIYx%2B%2FaXLcz3h0jZh1bGVsQ3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508c7698f4eaf-FRA
access-control-allow-headers: *

GET
H2 200 3253712 Show response
in-page-push.com/400/ Frame 6EE1 80 KB
28 KB 188ms
79ms Script
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/400/3253712

Requested by

Host: iamcdn.net
URL: https://iamcdn.net/players/playhydraxs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

27896d51cee6585eedee7521c420f1faa6ccd676028137ce3c14a893f63b1e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 71347a4a83648590113b8f610d386c3c
pragma: no-cache
date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
60 KB 74ms
56ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/0
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d6c9f6063b8a9f672a0d788f66457b403ca145948196d0e56ff353a1017ad4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k7cFqyTUf5Bx8fKap6hbv10y3i4bNzjiX1eiDYwNFS9UPNVbS0zqTR%2BBb%2BijXLniLX3XN63vDJP29lh9I%2F8%2F9qNTzkDXTvnkThKENm93RZofp9P7PxzlsElQYzRI"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c898a94aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d16100004aaa1b25e000000001

GET
H2 200 1 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 82ms
64ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/1
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f6c48f9596bea9abd0ab641e3452dee2bf25d4ae08677e569c6ed11eac1201

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aOVYMQiS7RP5bDuz7T83Aq9K7qYnos%2FamTMdaZrsAAeyN%2FOr%2FRS3W6NRzIPR0r0e%2FjyKPJWHz1DUy%2BfLMcWcRyOCtE1YoKt2xvu0IViQ6VvVyrasKQxYd836kTkR"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c898b24aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d16200004aaa8127d000000001

GET
H2 200 2 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 82ms
65ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/2
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9794bc2d049afd18714fbcc0ac4357b31e6ac1655410c07e1c7403617716c86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WNAVbIP5H%2F2cdZjt9v35ru4GOYo%2FulIUCyJyIVoPpNyLThlMOfLD1ka%2FOyDOxRg6l3GUjMBEC%2Bv70wLqDw6Rwx9twVceToGEk1DNlLeFpt%2Bjd3gN4mUahbW99lc4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c898b44aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d16200004aaa45887000000001

GET
H2 200 3 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 83ms
65ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/3
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7581b505ba73ef726eca6c3d7448260b166d0cc67299ebdf41510070a5fb38d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OCTg1%2BuRXx56YllsB66ea6WWK1lS5Xj6vTlxQ4RFD5%2BI%2FR5i16Gw6kWyoSu1gg7fzTUuA9Awisqe3UIwnO5dsotDwZJczYs1Pe7U2A2VKKZh7jUUVal%2Bt5KZtobu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c898af4aaa-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d16200004aaa2a8ea000000001

GET
BLOB 200
OK 7f062c8e-5f8e-4b9b-8024-4cbd47966d69 Show response
https://geoip.redirect-ads.com/ Frame 6EE1 180 KB
0 XHR
text/vtt

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geoip.redirect-ads.com/7f062c8e-5f8e-4b9b-8024-4cbd47966d69
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1c5c5d1f2d5f1d67ea1e934edd0d767f440f9adccf750083cfa5e80b9f2cbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 184496
Content-Type: text/vtt

GET
BLOB 200
OK 7f062c8e-5f8e-4b9b-8024-4cbd47966d69 Show response
https://geoip.redirect-ads.com/ Frame 6EE1 180 KB
0 XHR
text/vtt

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geoip.redirect-ads.com/7f062c8e-5f8e-4b9b-8024-4cbd47966d69
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1c5c5d1f2d5f1d67ea1e934edd0d767f440f9adccf750083cfa5e80b9f2cbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 184496
Content-Type: text/vtt

GET
H3-29 200 IXRFD77ts.jpg
cdn.freeimagecdn.net/ Frame 6EE1 21 KB
22 KB 30ms
17ms Image
image/jpeg 2606:4700:3033::6815:4666
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.freeimagecdn.net/IXRFD77ts.jpg
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4666 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7fa5793ba107f1ab0ea006672718b9f42de2858c47930c0b0afca6530ebf202

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21921
cf-request-id: 0a2b03d19300001e47e4043000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KiQJF0z9CY0pexfDzABgs0NnoYhy3TEe7ArFfWIUkDQxVgpLwpImL0ybF9WlTBeYQzrl3V99z2xlkltOJk%2BjoykfBAozxic7KnsyyyVrFGuoudGsfEaiz4zhh0Iuh35akA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508c8edc81e47-FRA
access-control-allow-headers: *

POST
H3-29 204 result Show response
geoip.redirect-ads.com/cdn-cgi/bm/cv/ Frame 6EE1 0
738 B 12ms
9ms XHR
text/plain 2606:4700:20::681a:a8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.redirect-ads.com/cdn-cgi/bm/cv/result?req_id=652508c5ce124eb5
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/?v=IXRFD77ts
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EJB9Hgvyb%2BZ7MuLtAf8TrKuSbHqvIpu92c0ce5UB%2FD3dfuU3e4PYioNALxJAWSztuqwWfHiVaJ%2BGkrcX7BeCzig3eWURqufzdzjzSsDv8PzDfqJKqbZjTgRKVsOCk3JePY6A"}],"group":"cf-nel","max_age":604800}
cf-ray: 652508c90c83d6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d1a30000d6cd5a12b000000001

GET
H2 403 IXRFD77ts.txt
storage.googleapis.com/mediastorage/1621508143438/ZXl-bYP8OI/ Frame 6EE1 0
0 240ms
219ms Media
application/xml 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/mediastorage/1621508143438/ZXl-bYP8OI/IXRFD77ts.txt
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://geoip.redirect-ads.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

GET
H3-29 200 4 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 102ms
75ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/4
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d676b503ec11de478b3cb61973ff27e123878d8e2916fd4d317a8d6c3f6005

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2M3vY1%2FJzEFzet8eHNifzXGNBTr7EgOpXEXveunT52Ak5l48vEi7FSPTpd0K3c7Wyw1y7fHCyk2sPj6rPHFlVNI7SYjg6r1febDVUKJiuQedL6kc4f72xcvnTaZz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c9bd503237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d20f00003237b8b84000000001

GET
H2 200 apu.php Show response
cdn.betgorebysson.club/ Frame 6EE1 48 KB
19 KB 203ms
87ms Script
application/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.betgorebysson.club/apu.php?zoneid=3473627

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3253712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ba4619790442a9d538baf9c4a732150cedde403915a020e9a6c4687c86f685ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: d45883f05e2a803db3b5ffacea0889a6
pragma: no-cache
date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
cdn.itphanpytor.club/ Frame 6EE1 7 KB
4 KB 170ms
62ms Script
text/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/1?z=3520397
Requested by: Host: in-page-push.com
URL: https://in-page-push.com/400/3253712
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 95135d89e56946ad6c9e219dae637ff5ace5282b8b611c9d5dc4f08d55ac20f7

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: gzip
x-sc: 87L6eyEy42EW0aUyNFgvQjZ-5FwpGnzu21r6VjDJ1KBy3dhe04-2P6IKvENyUawPZwHJKGqD-1TdG8w_P3QO6NAJIag=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 5 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 58ms
58ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/5
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e098db1c57d847f7c27165ba059b1a5fb734a16067c589ed1b8107d89e8cb5ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MqrCGpVWMdKHoSz9c1Q%2FDMIxbjXiM%2F1tjUst9exXVyEJNZUrq61iX0HUaIN14QeEmCzGSSKQPZvI31R%2FyGmg5u2dUcerlXp1VrjpLJjITAlWE%2B9XmaIsro6CSyFq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c9fdab3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d23800003237aa035000000001

GET
H3-29 200 7 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
36 KB 79ms
79ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/7
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3004e285913aff903082787e09febdee86828ff3b8982f871018126b1ab25ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QIzo3pZ12EEqKH8VHpkvMuKqjZEeyrIYgmKfexuC25lrsID%2BqlQV5O12OphU5LR3tGabMlH90K4ZdLEVLqqzvRoZ8sZlz2osgiVTzkBu72yPV5pMRxIb%2BAnDjk0q"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508c9fdb83237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d23c00003237d1950000000001

GET
H3-29 200 6 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 77ms
76ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/6
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622302707a84759de48b76a4a9eb9d6b7f07cb9d08ccfd44d5fa203dc5f7da77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hyj%2Bry7Tez2KlKqszxkk0MpYPZDqlwODw55eNVTBZZiz%2FpGl24FJfzkFrh4ZXQqqnMBBNS8noww54YOJim6D%2FIyxU%2BmhWP7rQrdX4ZZx1bpyhzVJrGQxTnxmR5zt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca0dc63237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d24000003237bb810000000001

GET
H3-29 200 8 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 70ms
70ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/8
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe222ae923556c56518cec31f80a224154a3b5c0292147134b9f3f903a7fb0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PR%2F18AmZRew8MN%2FN6yyFRbtrmDVunFf%2BhKEjXVYLloSbhtJxzdOhp18L3qVYHefrHF5ZGfka%2BI9b808rMZSHy8b3KtyBLa3Ruyrg4rbAlCcRh0%2BYQV%2FiYB5dCWy4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca4e3e3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d26e00003237b2919000000001

GET
H3-29 200 0 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
59 KB 34ms
32ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/0
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d6c9f6063b8a9f672a0d788f66457b403ca145948196d0e56ff353a1017ad4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2750000323794b32000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CkSc7Gjm4pafGBT8%2BZ4Yh9w8L7EeuQpI0ZzP7n1OlavSV2wJfMwqrbfzKAkLUmlmFZbctpdUVz9res6YuwCKUWN%2BvJNxwC38fITndHgiLC%2F0ZTdm%2BhCgdWyPOddF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca5e4e3237-FRA
access-control-allow-headers: *

GET
H3-29 200 1 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 43ms
40ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/1
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f6c48f9596bea9abd0ab641e3452dee2bf25d4ae08677e569c6ed11eac1201

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d27300003237bb813000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qLMZuQbIlsj7obPpy8r4Ixy1SOUTU5NjZyp0QCH64znwfS7KF8DReAbpHAYUFbB4ecKtYrUJOrsGtnyqaTufnBQ%2F5OLshOaYkBaXu5C3MZm1ce68JMUs28zrd4%2BM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca5e503237-FRA
access-control-allow-headers: *

GET
H3-29 200 2 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 38ms
35ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/2
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9794bc2d049afd18714fbcc0ac4357b31e6ac1655410c07e1c7403617716c86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d27300003237c6a54000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=78eCB9kiYIdObkOnbd5FpWoINlCRDO40yN1yiRZHDL9FdIowLdP%2FycRhhwV%2B%2F70fvzIsySVZnjqLLcHNmQOzGxQ3ASFu8Q5z1kevJmXkzkOrk7CjfTyk%2FVzRqHJG"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca5e523237-FRA
access-control-allow-headers: *

GET
H3-29 200 3 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 33ms
30ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/3
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7581b505ba73ef726eca6c3d7448260b166d0cc67299ebdf41510070a5fb38d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2730000323798137000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fMcwT7C1%2FclL7fxCaYzu9vQhu%2Bt%2F0DCjLSv5TC%2B78r8VaesSE%2BxGXf1sIK3ECiOfvbDPjUn7KpPRIegX0bXi4NgxaGe%2FiL6RLKNuV3EZPYflUr3PJ2jC2kMSZ0eH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca5e543237-FRA
access-control-allow-headers: *

GET
H3-29 200 9 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 62ms
62ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/9
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 087000f790987644e6e52f85a1b33578f31e59c535671214ec845ed2f8228db9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mjtc9FhFKH6JkU85pin9icqE41LTS0p1L1XBZEDss%2BXwdLI8HxuTdXqmjqFkLvql85BTABWnfc9Euds3Y3zY0gYb5hwQWQ1Be1%2FyFqbE0UoUdXlVDl%2BNoJ7BGXzq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca5e623237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d27800003237b8b89000000001

GET
H3-29 200 10 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 58ms
56ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/10
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbad1e0007d84b8b958ff14a1134c91b16791fe0d62ea9513eb3c1787d669a08

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0Eb6i1kZ1zi6LDSQL%2FDVpYbAKP9l2Oy3pCZaQqdTqoJfL7DZmtw9bNyUhKpNfO%2FqIg2sBrBKdOGGfRp%2FSfcQTY13c0%2FSfUkiWg1dylSlRKbEVhG6MuqfN2i4%2BK5U"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca8eaf3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d29300003237923e1000000001

GET
H3-29 200 11 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 60ms
58ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/11
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ddb33e31450d03ce6ae6bb0715640b375dc8147ac82a14979dd8763b2c7eb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fTOynpsDVq8yQsFuGYPQf8%2FGLsheRuz7kxse1QClmPGkdUa7Rrwd7LNMF84pcUeHmoJBul5j3%2FoAHoxvNpVPU7V9Qz5qrWn%2BwbU%2BR1eqbwQweFgnAemUx9nkkFnY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca8ebb3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d29800003237ce3f7000000001

GET
H3-29 200 related.js Show response
iamcdn.net/players/jwplayer/8.4.2/plugins/ Frame 6EE1 87 KB
20 KB 20ms
20ms Script
application/javascript 2606:4700:3036::6815:1409
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iamcdn.net/players/jwplayer/8.4.2/plugins/related.js
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1409 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aa8324b22dc0b60b78a9256598da5faf15e545d3b8403d5b0794f51853972c8

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d29d00004e2ce42e7000000001
last-modified: Sat, 28 Jul 2018 18:41:44 GMT
server: cloudflare
etag: W/"15b55-164e2324a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FJQ0S195Q8D6tEO77GxqosCTHvgu3%2Bu8EeVPs9IfVnaHIGwRRGSdfYZQMvjEeOyoS8leTvfilis06Zta9oQm3GUMikmcgYfnRm4w99pp%2BE3grBsFtKh%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 652508ca9b3f4e2c-FRA

GET
H3-29 200 4 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 24ms
24ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/4
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89d676b503ec11de478b3cb61973ff27e123878d8e2916fd4d317a8d6c3f6005

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2a300003237923e2000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v6KR4fzqHsOa0ZXMVxo84dMgcgHJIsJoclxCDnFQR84VFDqgn3j4NRr2%2BsyNT%2FAKRV9qj1UQLBj47a25bozo%2BUjsFnnfjCypJ%2F4nOJWK%2BkwoGsbg7DrgVCeAq%2F5C"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ca9ed53237-FRA
access-control-allow-headers: *

GET
H3-29 200 5 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 27ms
26ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/5
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e098db1c57d847f7c27165ba059b1a5fb734a16067c589ed1b8107d89e8cb5ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2aa00003237deb97000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gd6lQjQ4vo9l6xEDZ1kXpnZRvlRdLn9DTmZne35JsLPXMh%2BMeUmTXGkGbJGszq0jDFzaPJZaGbOcU%2FJMmpaxOylUS0Xj9RK8JTsUxXYUdINOK7hWKREL%2FqB6poql"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508caaeec3237-FRA
access-control-allow-headers: *

GET
H3-29 200 7 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
36 KB 26ms
26ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/7
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3004e285913aff903082787e09febdee86828ff3b8982f871018126b1ab25ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2aa00003237bf37f000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uC7RVkNlEFz8JuXi6ipxZJcO%2Fgs14wcm6skDoDnaXJXQIAGIiCYGIa8TDjDy30hH2fRczDqyH6mm4iJpJ2xg443cJoYUPH%2FIpyjjVmbRbF%2B0JWoo3z4HX02BnlCo"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508caaeed3237-FRA
access-control-allow-headers: *

GET
H3-29 200 6 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 26ms
26ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/6
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622302707a84759de48b76a4a9eb9d6b7f07cb9d08ccfd44d5fa203dc5f7da77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2aa000032377c27d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BePJIXfQh2jlzNJ1xZBPlC3PnmB6l2YM93%2BlLGGWHCVvVbkwTwMAyz3CbwPP3OonliRddBEN3%2FnjksFfleHtro4R2G296uBTqr7yKmuBuV9m%2BkcjbhCUIRVFZDaF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508caaef03237-FRA
access-control-allow-headers: *

GET
H3-29 200 12 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 67ms
65ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/12
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec80805a24239356461ea559a6b4a0c5a010235d3209bfa4a4f755ce3ba6dc92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CPXgkcNaQBj9ZK%2B9slDyQTwlyzashAXIbLld1Y6S8QFfWUJaRhkl5ygWIDfTQpEeaNWZwAR%2FRxWLyegz7Qpid18lry%2FjKTO2a1kv%2Bz7pEfFoqR0%2FGCZnSuiEfuG2"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cacf233237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2b90000323776b91000000001

GET
BLOB 200
OK 7f062c8e-5f8e-4b9b-8024-4cbd47966d69 Show response
https://geoip.redirect-ads.com/ Frame 6EE1 180 KB
0 XHR
text/vtt

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geoip.redirect-ads.com/7f062c8e-5f8e-4b9b-8024-4cbd47966d69
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1c5c5d1f2d5f1d67ea1e934edd0d767f440f9adccf750083cfa5e80b9f2cbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 184496
Content-Type: text/vtt

GET
BLOB 200
OK 7f062c8e-5f8e-4b9b-8024-4cbd47966d69 Show response
https://geoip.redirect-ads.com/ Frame 6EE1 180 KB
0 XHR
text/vtt

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://geoip.redirect-ads.com/7f062c8e-5f8e-4b9b-8024-4cbd47966d69
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c1c5c5d1f2d5f1d67ea1e934edd0d767f440f9adccf750083cfa5e80b9f2cbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 184496
Content-Type: text/vtt

GET
H3-29 200 8 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 39ms
39ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/8
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe222ae923556c56518cec31f80a224154a3b5c0292147134b9f3f903a7fb0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2ed00003237db8cb000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MjeLmkKBXeLQRKlas6zq0Xjg8hScWDwXFR5Uyo7itB3uBDxyFEtj%2BWVPRPFts%2FttFpSrLqePWMYBS1YSrYTjcwZkYtw3OQgX%2Bbx9GxzWu%2BSMacOkRM71NPvD25pY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb1fd33237-FRA
access-control-allow-headers: *

GET
H3-29 200 11 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 49ms
49ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/11
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29ddb33e31450d03ce6ae6bb0715640b375dc8147ac82a14979dd8763b2c7eb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d2f40000323794b3b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YufiL91lcXNNVjxhmDnygma6Ign%2BliMFApkjOfZD4zHHGi4Mod2njOvtnh54%2BDYlc2j2USIj4YSd7p64koeAjxRDmoh%2Fq%2BLFb%2BK0LhknFBY%2FelXJZ3OzPI6x6ieT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb1fe93237-FRA
access-control-allow-headers: *

GET
H3-29 200 12 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 23ms
22ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/12
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec80805a24239356461ea559a6b4a0c5a010235d3209bfa4a4f755ce3ba6dc92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d302000032377c282000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2BZMMT3aO4RoBr9WRUelCDBPRGaFi91z9c6lrO2Z8n9dk7FyiNerLa6xYjuu%2BlULZz3ekKGyWvDcJValrURp6etA%2BRM%2F1xtKjNiRJQY60P7jrQfkhKID%2FHJlO5Vr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb38113237-FRA
access-control-allow-headers: *

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 6EE1 65 B
548 B 162ms
54ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3253712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5c229a0afd0eb3d170f15f967f574b3745dcafef00616391164f21f84a5f4719

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://geoip.redirect-ads.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3-29 200 13 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 73ms
71ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/13
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83ad52efe4c75dc2974fcdf014f0e22ff4fcc8af7806b190ba17d85f384d28a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=75U5NYnt68i798Ej%2Bv0QDUrU3VWcD8VtTS5s0VAtawsgnnaou4uOk4wDid63D2%2F%2FN4qK8aDRdfw%2FktZTpgljQXRU16%2B2BZNnqCll%2FgFiMQWsCjpDlq14T8qMh3Yd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb58453237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d315000032378d9c8000000001

GET
H3-29 200 14 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 76ms
76ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/14
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a958d17e73e36dcd45fb5065c3f0c1788ff5ac9c3b9d9dc9ea9e0f9ef538c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZriQlewDxfz5Y1rpmI8fXl%2Fok3C4SYTrF1EWoAJBbp%2Bz0ivifxBpJGOiI1P9BsQnvFa16NoZGW4bUAKDtBwF%2FKHVvU6G3%2BxwfGKSb80xj9fx%2BLIx3jXtRdRcyYWN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb58543237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d31b0000323797377000000001

GET
H2 200 1c29ba724f497fe1a72e013f49b51e65 Show response
cdn.itphanpytor.club/27/ Frame 6EE1 362 KB
119 KB 82ms
81ms Script
application/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itphanpytor.club/27/1c29ba724f497fe1a72e013f49b51e65

Requested by

Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=3520397

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9b7400a048c386ef53c82d8760f4b2f7ada0078b67b2fba4aeebf5632876c160

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 05:20:14 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 16 Jun 2081 05:20:14 GMT

GET
H2 200 38 Show response
cdn.itphanpytor.club/42/ Frame 6EE1 0
495 B 146ms
145ms Script
text/plain 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/42/38?z=3520397
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=3520397
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 10:55:43 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 9 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
34 KB 24ms
24ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/9
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 087000f790987644e6e52f85a1b33578f31e59c535671214ec845ed2f8228db9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d320000032379f840000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QA2ZTF8yY10yhZGlNrU78isSqKDC40TkMruI3VPHpKQoDF%2Fc%2F7tqrhMhSWgqLumWetNlMszJlab%2B1pyton2Qzo0lskSsie5spX0BJCvyBIXdQ6RBfqKnKVkXiqSM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb68603237-FRA
access-control-allow-headers: *

GET
H3-29 200 10 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
35 KB 23ms
23ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/10
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbad1e0007d84b8b958ff14a1134c91b16791fe0d62ea9513eb3c1787d669a08

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d32200003237d1964000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4d82H00qKBih9pAeSg2ORUcrPHf3HxkS6t8D%2B6zh%2Fbn7%2FZ6aQsywGQdrmphls9IoZE37baLqIutA%2BAKLSFkCVFkFiTNFzVjrgpTAYJbm5XDQXJ6daT9dMssOSRQq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cb68633237-FRA
access-control-allow-headers: *

GET
H2 200 fac.php Show response
cdn.betgorebysson.club/ Frame 9CD8 203 B
647 B 56ms
56ms Document
text/html 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.betgorebysson.club/fac.php

Requested by

Host: cdn.betgorebysson.club
URL: https://cdn.betgorebysson.club/apu.php?zoneid=3473627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4483a20c2654b9d6e2074ff3295ce4999d4a70c8ffe879bef504e1b612310b85

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: cdn.betgorebysson.club
:scheme: https
:path: /fac.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://geoip.redirect-ads.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OAID=fb9cd88d3b0841d39f5495e5ae2c8761; oaidts=1621508143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://geoip.redirect-ads.com/

Response headers

server: nginx
date: Thu, 20 May 2021 10:55:43 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 67c6d8fa8127ff3189a863eb957b4762
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H3-29 200 15 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
29 KB 55ms
54ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/15
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a9d4d16ea076c0049d2ed5901fc35246022f3447f21ad62932a5a098f299514

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xh6WqE0TMMnZZ%2Ft2i9igErFQFeRbdNaBOqPijr%2BipWJBEzaFtGYm2Fre7iG1Xwe%2FaQUPSRHtH2fkuPWFwP%2F4%2FHJp7uVOUXOVw7%2FKqpEPs5guKRbA4Jq%2BNKUhkw4w"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbb8d13237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d34e00003237802e9000000001

GET
H3-29 200 16 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
47 KB 72ms
72ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/16
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e31ccc3fc5b23e21fb725d0c4c8e87ee7cafbd6e251241510839ba87f63cffb6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mbcXAmRIkj7U5i5xthqBBPMaudd9I0N4C8SWCojxcOWEe5e%2FUgw0K4HunXe%2FA8eXVrqmg7RkT%2BUK9wNhrW2unstC73gfNUZoryBDc%2Bh1C4Z8BJYsv9KpGJZS2HEy"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbc8f83237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d35d00003237b8b95000000001

GET
H3-29 200 18 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
26 KB 59ms
59ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/18
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3400e109c3c0ac28d3270ed364f4e5c63ce203057b0e4c022b91c411d7879256

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D%2BUv9eNkhdTTnzbPVT42ne2IcXDTEymqlAsnaMX5Cj8nMlRrwXOzpk1tvQMPYospTwhA1Z5mNHHTiEnh1n%2F%2Blq3UuZumQWxXDj0%2BAhZ8vfZxZb9YkcW%2B202YnSnC"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbc90f3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d36900003237ce005000000001

GET
H3-29 200 17 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
25 KB 53ms
52ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/17
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a60347aca92ed585d92b03bac4cd32b6cef19c05536dba7a24c89ea664360f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JV8d2VlQ4O6JbHhaFbE4cb5BFEswWRLo6HbQMZI4kpEgQBGWQtikwW0rngpnC9CqwCodAk0KurdhSiYcMQdAEvGmLqtTqBY75bRed7kRmo9%2FH8in4H%2BgtKtb30ON"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbc91c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d36a00003237ad34f000000001

GET
H3-29 200 21 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
22 KB 54ms
54ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/21
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e97a6282cf66163cc0ba1ba2e35c0d52612296b12bacd9e79741ccd5fc47e525

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UG0coziirWq0zAk%2FsyQJ4De2PDAM3Ic00bAgGA6QoPnLJdDbK36RpILEfGT89YPjsJek9dssAnyVbHNoWXYhB7Si4SsFx2ik8Mzy1Snkh%2B%2BMk5sDl%2FUqY21bcWHV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbc91f3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d36a000032376c2fe000000001

GET
H3-29 200 22 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
24 KB 57ms
57ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/22
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed8f0fb75420294f5ee43f8aea9e921a9016aa7872d714a153be9cbda5e6573

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ztWhTiSCzduzGkHOfRtMRXnsMxN3o4yDO%2Bxc3tRvg%2BP8wHeULs5%2F6%2FqfbeCLzBVai6I1Io%2BnyXNDfU354TutUAQWzV0ZSMdEnjLlkqXublY2ZDPQQqTxB124AbSJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbe9273237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d36d00003237bd8d8000000001

GET
H3-29 200 19 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
27 KB 65ms
65ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/19
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec59da272a5eacd19abedbcb5672a3daf9889760e9e26e2027ac28dec2a23234

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8iLBrHlh1mTUPhSJWykp9QeANKUg4sIZnjVGlOkE69OnDYlBfnA7%2F8hZhisinQpri542G69B6hofqt97aUvnbWApfed2pzM0F1YLy38dIqssa6sHSV21Yocc%2BlPP"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbe9313237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d37100003237b0158000000001

GET
H3-29 200 20 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
22 KB 59ms
59ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/20
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64450b050cea458dd1f8d5c1f4dc32f3712dabef29d62ffa44b6d8f8a1ff78de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sRG04xiMJAszhIRHEZBhEouSogIAaQi98O6bnlyWpJgJFnGT0rUZsdB9bokmjGucrvmK9SAHgjVq77e1WJbcF%2FprzADISrD0bazYQmCW%2Bdy%2B5imhi3NrpbOPhgyz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cbe9343237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d37300003237d5871000000001

GET
H3-29 200 23 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
26 KB 55ms
55ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/23
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c56c642abfad261abc0d33d5ca763ec3adba710877dc5a96ab1261d23f42a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R5ddKEwbehQhY%2BPP6za7YC6A9G3TkhkkEqhNjjzaUAaU8IRJNlFIyBuqATPkxTKPslWOx%2B%2Bw%2FB0bHLrNRA8M%2FSBRTp88vM0eVdAsygvv9UVttic9IFV7zfRCuogU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cc196d3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d38b0000323769010000000001

GET
H2 200 img.gif
my.rtmark.net/ Frame 9CD8 43 B
491 B 53ms
53ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=fb9cd88d3b0841d39f5495e5ae2c8761

Requested by

Host: cdn.betgorebysson.club
URL: https://cdn.betgorebysson.club/fac.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.betgorebysson.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:43 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

OPTIONS
H2 200 3253712
in-page-push.com/500/ Frame 0
0 158ms
52ms Preflight 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://in-page-push.com/500/3253712?excludes=&oaid=8c84500273c045c481b6ee4e2eb04bd0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=833&wiw=833&wih=510&wfc=4&pl=https%3A%2F%2Fgeoip.redirect-ads.com%2F%3Fv%3DIXRFD77ts&drf=https%3A%2F%2Fsexgayhd.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Protocol

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://geoip.redirect-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 10:55:43 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://geoip.redirect-ads.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3253712 Show response
in-page-push.com/500/ Frame 6EE1 4 KB
2 KB 64ms
63ms XHR
application/javascript 139.45.197.15
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: in-page-push.com
URL: https://in-page-push.com/400/3253712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a65081811b85f91aa69523a696d5775b89a10a0619da031bdac3ce2ef43b1a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 5993745e35b732bb2f5983718e7a8f64
pragma: no-cache
date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://geoip.redirect-ads.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 204 9
cdn.itphanpytor.club/ Frame 0
0 206ms
68ms Preflight 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=3520397&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fgeoip.redirect-ads.com%2F%3Fv%3DIXRFD77ts&wy=0&wx=0&ww=1600&wh=1200&cw=833&wiw=833&wih=510&wfc=2&sah=1200&drf=https%3A%2F%2Fsexgayhd.com%2F&hil=2&ist=0
Protocol: H2
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geoip.redirect-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 10:55:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://geoip.redirect-ads.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ Frame 6EE1 84 KB
33 KB 37ms
20ms Script
application/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/1c29ba724f497fe1a72e013f49b51e65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 5813
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=81CpeU6KV7Z2uFsTnhUbSnlgG8Y94uZqVGLnKfei8UQDJX3iH9dcZcCQP52GzEbRrtCENh%2BJC3ttNXCGPb8lZO6ZBNH4DAOFywJ8h0AkvTN4lRBPzdjfeX3dLVs3SxEh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 652508cd5e7c4d8a-FRA
cf-request-id: 0a2b03d45600004d8a3580d000000001

POST
H2 204 9 Show response
cdn.itphanpytor.club/ Frame 6EE1 0
513 B 55ms
54ms XHR
text/plain 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=3520397&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fgeoip.redirect-ads.com%2F%3Fv%3DIXRFD77ts&wy=0&wx=0&ww=1600&wh=1200&cw=833&wiw=833&wih=510&wfc=2&sah=1200&drf=https%3A%2F%2Fsexgayhd.com%2F&hil=2&ist=0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/1c29ba724f497fe1a72e013f49b51e65
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 May 2021 10:55:43 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://geoip.redirect-ads.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 options
cdn.betgorebysson.club/ Frame 0
0 183ms
61ms Preflight 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.betgorebysson.club/options?option_args=CNuB1AESIGZiOWNkODhkM2IwODQxZDM5ZjU0OTVlNWFlMmM4NzYxGjRodHRwOi8vY2RuLmJldGdvcmVieXNzb24uY2x1Yi9hcHUucGhwP3pvbmVpZD0zNDczNjI3Ih9odHRwczovL2dlb2lwLnJlZGlyZWN0LWFkcy5jb20vMiQ5YjkwNmEzZC0yYzdhLTRhMjgtODk3Ni03ZWZjODQxZGRkMmM=

Protocol

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geoip.redirect-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 10:55:44 GMT
access-control-allow-origin: https://geoip.redirect-ads.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H2 400 options Show response
cdn.betgorebysson.club/ Frame 6EE1 7 B
368 B 56ms
56ms XHR
text/plain 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.betgorebysson.club/options?option_args=CNuB1AESIGZiOWNkODhkM2IwODQxZDM5ZjU0OTVlNWFlMmM4NzYxGjRodHRwOi8vY2RuLmJldGdvcmVieXNzb24uY2x1Yi9hcHUucGhwP3pvbmVpZD0zNDczNjI3Ih9odHRwczovL2dlb2lwLnJlZGlyZWN0LWFkcy5jb20vMiQ5YjkwNmEzZC0yYzdhLTRhMjgtODk3Ni03ZWZjODQxZGRkMmM=
Requested by: Host: cdn.betgorebysson.club
URL: https://cdn.betgorebysson.club/apu.php?zoneid=3473627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b4d6893d51163e4b7648990ae998ab4cb5a471b1a28bdf5f3a75274b7bbeb10b

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Thu, 20 May 2021 10:55:44 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 7
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3-29 200 26 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
27 KB 94ms
93ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/26
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edaab30f47124e26215134c29907cd17f64acfbd3f87f07958a9c8da889c6af4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qNid%2BquSpl7ULR17QgT6THpWFQvBEslVtRWFaHFfmAFBY51gFUD5JRiYldk8mZOxttSYTiRjLAC31k6D4x5ac6tygcsiUKFlQH6b%2B%2BzTiv1f8TyLpfNNRvx%2FjCko"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd6be93237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d4640000323782169000000001

GET
H3-29 200 25 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
26 KB 94ms
94ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/25
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bada22a899772748a22b664903ad8e1a84f2baaf69abbf70e4b8342c2e4b16c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YD9gEOvcvCNkoVfVBl5YT6bSAR0jsHAebANhsvMQxeel82HP%2Bq77LxdYi%2B6YTntKFgcys1K6PTwpeQaUFdnDhdNyDhfq9xrdAiYZMR494WIT2ZcjMYMlgyk5yySz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd6bec3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d46500003237bb835000000001

GET
H3-29 200 27 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
24 KB 57ms
56ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/27
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0b72e563612b26105ab971457d8ef38eca12c38981ff1ff03a979708e3df9f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G5hSej86T1A72tWLQbu4WEG3HB1nsAv6XnbzuRnJ6Oley7lgKVYvlT2ID9axJY%2BP%2FIPLH8OTUuIY8RJpwKbviQJji3liFND8yuOsB%2FTbPB3C8cCFJp9ygxzI0fYy"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd7bee3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d46600003237a79bc000000001

GET
H3-29 200 24 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
25 KB 56ms
56ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/24
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71c573b860097be74af1697495817a1c975491e675a07c2a3e67a9e59b2b5b58

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bzSsVky%2F15VeQFfrh0T7JCj9lVuepO%2Bq1vTSuX3BTtkHuBz0LcCa20Vhj%2FUWUsuK5QvOJdou00CGV%2BVEWTsCKvELTzaSjPUYBq0enk6P2%2ByaP4ldOAnawf3VZ6mF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd7bfb3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d46800003237bf3a2000000001

GET
H3-29 200 28 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
26 KB 83ms
81ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/28
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81be93f4a1f05377a5e67e552f2f4c48625e8f98644de81920c86aceb7258d85

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g1xizYr9zKvYMF1Fy3VfBEenZ3bj6cA3Spkm2fjmXK8R4fUwNxP%2FrzLK0NsgpobEnFybuj9YUkY5jIvjHZjojxIwKo5hA6ctfERlssz2nfRNfBjXr1QWn%2FpGx6n5"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd7c023237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d46c00003237d587e000000001

GET
H3-29 200 30 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
27 KB 86ms
86ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/30
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1ed74eb454d254db4f707c40bb7a1516fc826163c8c8ed6dda1631c7340729

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z3Vp1ga3qZHXq%2FS7vvrqx4XgMIws5eFptOja62EviY0CtqG4ZeWEo9bLkHnGoC9XXbNfpJb3IT6WpR32VAJYfaYZ7jhXVUV4CHdqrTKcI%2F5r3MthKP8G3e%2BkMqYM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd8c083237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d47000003237ad35c000000001

GET
H2 200 1.jpg
i.freecdn001.xyz/IXRFD77ts/ Frame 6EE1 71 KB
72 KB 87ms
61ms Image
image/jpeg 2606:4700:3035::6815:23a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn001.xyz/IXRFD77ts/1.jpg
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:23a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112b09f3ca15f59e3866109d0286b068f630aa074f80ff5fc22298425e15697b

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73164
cf-request-id: 0a2b03d49400004e2c023ed000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YUrYZ%2BgjF79FK8QJRnOps9GvY%2B5l5%2Ba60%2B0cXYDkZHjxoLNVNHOU%2Bfw6hG6zrTUDzPKAy7aRYTjpe9wO4kPbD%2Fo4koUHUg88KroydWbSo2Tscf4ObiXf7O1kVHUA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508cdbb004e2c-FRA
access-control-allow-headers: *

GET
H3-29 200 29 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
26 KB 87ms
87ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/29
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b2b86cc6492cb8d19e05890f64e48ddc07e46e9ec94b9f89f6e97a923cdf62

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gYkCE6hm1wUcrGnKl58ioupkZPzORllrzDdxnN4gYRgNkuJKgS%2Bm%2BVNmL2Uz2IxjiAjKXSWMfgHH6tZzAhQJPO92%2Ff34jGc6nT3Mcwoo8ILs6OSNPeWblj1Pa5qs"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd8c173237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d47300003237bb836000000001

GET
H3-29 200 31 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
48 KB 87ms
87ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/31
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020040edd71f5370460418702b5320ade44c74ba8b08fc67b01c24d24d48542b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FvC5h2YDrB4eR8aYZotTOZJU%2BTkJPhT%2BAhJc3D7RPaoczz7HpfTQZz40%2BITgnx%2B2RrzlGlK%2FrM8zht%2FvkU50rmSqzRP3RFa8kQ4geUkBuZRYPGZRXmuJdCFKgbQd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cd8c2c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d4790000323762b67000000001

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ Frame 6EE1 5 KB
5 KB 31ms
30ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Thu, 20 May 2021 10:55:44 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 6EE1 6 KB
6 KB 27ms
26ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Thu, 20 May 2021 10:55:44 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ Frame 6EE1 13 KB
13 KB 31ms
30ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Thu, 20 May 2021 10:55:44 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ Frame 6EE1 7 KB
7 KB 26ms
25ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Thu, 20 May 2021 10:55:44 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ Frame 6EE1 4 KB
4 KB 31ms
31ms Image
image/png 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Thu, 20 May 2021 10:55:44 GMT

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ Frame 6EE1 3 KB
4 KB 225ms
52ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: geoip.redirect-ads.com
URL: https://geoip.redirect-ads.com/?v=IXRFD77ts
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:55:44 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H3-29 200 34 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 61ms
59ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/34
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 153cf9b5e8dadb8aaffa745cb5b1459cd25650a4cf3767e6d72b68fc3bbfb02f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NNiLDXaQ0AgsPXjpQqTgIX3dp6oq3wY1GJjBh2LgZY49wW42MrSqJeYqhsIQ%2FSNaLEwqsFX3Dfrn2i0s6G4x7KQwo2ETSjL76SPwgfa1iJDaxzc%2F3Ex7wUoAM3R7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ce8e243237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d51900003237b53d2000000001

GET
H3-29 200 35 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 67ms
66ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/35
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1faaac82724b502fd4188082ba8eb57d14ee80dc00ce04296aa437de86175c28

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lfrUqs6MUUnUAGPyXI6FIU3nhz8f7tgqwfd6xao0uKQAJTZysze4K%2Fltd3UilXtk4wGZGoKURL8%2BJa%2BvUw1wQTd0Mu544kD%2BoLnv4zLfXEX4UMSxtBrzLquAnQYQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ce8e283237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d51900003237bb842000000001

GET
H3-29 200 36 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 49ms
48ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/36
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43903ae4a445d0f4eb862d33529061155336eefafea946ab878f451b7af3c3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CdsaEv36xhqKaij1TQJ4T%2FpvTrpllFcQGvJjIhfVgcTnv%2FN43VYBHKZvMrcbgUyjKcNFfMXgA6sFWeW136k49s2SodmBoPbq1paCJSyLXPF%2FoDH95P%2BZpw%2BQyWRF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ce9e383237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d51d0000323773938000000001

GET
H3-29 200 32 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
64 KB 46ms
45ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/32
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948c7766c4595d934180d4dc1793b68a17ade04beb5aac18b58a2cc5ef191181

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4kAkSLNsIw3zOckSMf%2FnT%2F9qo8HFHQXtEccuwyax2eB1818r8DIr%2BHJB2IkHAOkqA%2Bo1qHfLz0NH1urxaaoDw4c8KubKOFucoIUINeRPY5wZN5dh1g4dQhwwy6pS"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ce9e413237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d52000003237aa076000000001

GET
H3-29 200 33 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
64 KB 52ms
51ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/33
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97d32f1aa8efecdef16415ae531a6a4c94249c8146d0fa49520cdf4849537f0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mYaSMJHrF9QX2yYsKGtgr8pr4lt1UdeEr36OAGGZsuGQUYyvkneBIUeuNmwLVIasnOWbDi1McbHD7GpJhb5dqc7ZBbq0CB4ZhzDu5LKR5O6%2FqvhhojqLGmC4lFyz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ceae513237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d525000032376e236000000001

GET
H3-29 200 37 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 54ms
54ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/37
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbcc17673429086efa0b18761c355b8e58fba4ae3836817ec641d866da04ae62

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NBEEu7x%2FawTZJX9cJ7ZQT1gD1gE3i2GRgkw3G9jBinEU8yIKIdRr7z6RKqp9KlFE9ozTWkygeIpKrDlbE9Dw%2BgmrpvnPqkwQYqtvZoTYzveVkkwcqBh76ceEQjDM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ceae573237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d52700003237debc9000000001

GET
H3-29 200 38 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 58ms
58ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/38
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d85bb75e61e7b0735519eece339e287c83cfb76b218de01a68dcb4cae89012b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AzZZ4ohIyU1iYjbgT%2BTuiD0WwHr9gWAhU1uK6K8JW2ue3RJ1QcbNrHp0Zy37NjBVNcKJlX83C25I6RZaQvR%2FL%2FJmP4gTk2STeu0RLXbASXkwZugtIcvfoswmqhcm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ceae5c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d52900003237640fa000000001

GET
H3-29 200 39 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 60ms
59ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/39
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9cd9883312f5f062352c8dd8bb3ff0f997f9f55355749958f727e238ca94907

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2F%2Frlf%2FuL1StmkXQtKDFnV1zbm%2BOCMi2XZZSqcW5kezYKwzhZLooy7cY3WfLpl0SBElPAgghm5IL0k73cX0mCwCfp4YLX9W%2FrLNyc%2FWqCHT0r678TQXOt1Jr0i97"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508ceae603237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d52b000032376c320000000001

GET
H3-29 200 42 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 56ms
52ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/42
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c24a6c6f71811ce00f4cf7933f01dc6c0866038306aeb0d3b49736bbe0488a94

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gRjAqPu7sic2Pzz8Be6zRNpBKKR3zhwy%2FD%2FfiNkusTD%2BXyEtd9QVvywoEnyzHY3%2FS2N6VHpq9AxC2AhioPy3aU81JSesYFlzGtpZHCTrwihQfiMAciJefRzH%2FHJk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cefee63237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d55f00003237d588e000000001

GET
H3-29 200 43 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 55ms
54ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/43
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d7dee504e58dd9f6cc663e1430d80e56a596cb9fc1b270e8fb4b2060021b62d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6PO1EoizsEikSyrNPQ%2FSqIlqJqAkpz1j9riHl%2FiRAzJWejN%2BFup4Dp97TY7TUruFChR2v5zPJpyqWOC%2BX%2B7fl6WovhrWgyOILaMMW9VQImfVxEmzhVGpMIyPuFZ6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cefee83237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d55f000032377393e000000001

GET
H3-29 200 40 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 55ms
55ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/40
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31488c0854dc35a04084db4610918cd889060bbc156c0c3b4814781b4210fec9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0FHc4AJ9IfgX85Ro3Rbm%2FegHaOhIpq6haTVf%2Fy9z%2BOlZpT3VhhtocZ%2Fw%2FsEKiFZt49%2FrRsmwXcj6NKLRtU68fFPth6pUDBm1r11Zcb%2BWwVD%2FNqj7sPJi20hpwCt3"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf0ef83237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5630000323794b66000000001

GET
H3-29 200 44 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 67ms
63ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/44
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4bffebe3fe9e8660ccee8341cd464b69c7480569cd7614f6ebfbeb5db02d4c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pi1pbTe0XMbWxHfl7Q%2B58ZiVteRbSnlgh4q84QkaG%2B9uF5IGZXZrnWIHHonTuOcgZOKAhZVkB3HsK0mSQzlkUJsVXPoFq0KJsIbSWp9Tf8sIn%2BoxLK97vWC4mpGz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf0f0c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d56900003237a3b8e000000001

GET
H3-29 200 41 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 56ms
53ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/41
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a40b1f1c239993b5ca7ddcc6bf406bd3016b3e0d09245ee7ef41218d465f400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VVxfH%2Fv8pdAhXcjuW4B%2Bt9T1MywBbMNwsTnuOD9wbmSuXIIrqYSjZwqUlMBan4bOxUYamMP1g9Vcw6OFJIxSRWRaMe%2BtDVazMwS9zXn9i3%2F80L0BYzrW5DcihD%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf0f0f3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d56900003237b017e000000001

GET
H3-29 200 45 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 46ms
46ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/45
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ecce16c8e193922f49dced1b792337f5e8e9ed11452fa1a3b1d50c98e7fb8f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5q1%2B4bk30ScPsdJgsfCdS0lyOKyXNeD%2BH0E5mWMkqlU0K4WbFjPIJY1X%2BcufTbsPlacdg5v%2BguiZv%2B1TmXoCGVRMGkW29teTIS5UZrLkhLmtXhGyhtvbWapqzv4e"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf1f1c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d56e0000323762b7e000000001

GET
H3-29 200 46 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 62ms
62ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/46
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6bd028aca443fd72e502836831a19b4baa2f89bab47bb6b10b35201ef563da7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sXu911YSkkPI%2FZjF22NVFqs2l9acJbqu1vJ3Y9lJtznCQs1Syw%2BSNJ4Q%2BVPfp6okkt08tbGe6H%2FXphUkdNPGjLCB%2F2Isc1Tm7VeQp6rTncPVcOz6kxWxPzvkoQk6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf4f8b3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5910000323794b69000000001

GET
H3-29 200 47 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 53ms
52ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/47
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249d2b04043f46db5a1d8baa34271df719fe75afb139aa595f5dab75e1518de5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TWwuiNNvmAfFDd33MJp5uT4g8Fi8jtULNG7H2%2F9YpmmCuTb2ztRNVHYYcElsEbKO6XH%2BJUC0QqYQYZnVQsMFpI0z89PTvuCJJukpKJcz3nXOkLspwN%2FAP6PnzQeA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf4f8c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d59100003237bf3b8000000001

GET
H3-29 200 48 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 48ms
48ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/48
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30dd36d16e19db91dededc99edec6655fee9a959dd3bf409e90e42844ca1a2ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kEP109dr6AJYDXhmB%2Be5m6m%2Fn1%2Ft%2FFiZsJUY1juhQVusPiEXlxBdw4%2BL%2FgnyTMG11wS3n36IDqOyf1mJiVNRccpEzqKdTeyj605GfDDFHhp6JucJD%2B4uXqW6my4v"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf7ffc3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5af00003237b0184000000001

GET
H3-29 200 49 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 66ms
64ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/49
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b2736cd8c317446407fc8c22dc9497e9462cb9da8fdb6dd757453dd87aecc9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UAFBriGm%2Fj%2BUReCv3TR6rFvC4V3jB%2FwE5oegMooQ05TA%2FF9WPFo5p65h4VdeGs2s%2Fm8QnNZ93JIMDRWi8luK%2F4Rnn%2Fq15Fd36I%2F74X8rTLORZw3dTaeax89%2B28uT"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf88053237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5b2000032377c2b6000000001

GET
H3-29 200 50 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 48ms
48ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/50
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175b434284d6d2f707422f8c6b41f1626ba97233ee6782b517dba1567c9414e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YQ2OGUkEzDnRNugAZJXukiEkVhiz23K%2B9XULvZ%2FPs7o4Db3855vEkipCfYUoRnooGeZ79njiEwb0JJx8N9vjBB24DzC3kRmhgsJjUFR6A0B6pg6odsSpKfTtb2a6"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf88063237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5b5000032377c2b7000000001

GET
H3-29 200 53 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 62ms
61ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/53
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba83128b80c6831f855efcfad7d2b62fa3bf284940df241dd31d6f3a6d043647

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hrk1D9UNf8k%2B2FkQ8sUTjtmRIMQI6W0L8Ya3K%2FfDKTr%2BbNemxCnkuEh2Zo7y7yotWPKz0QzpLCt4jTVMycra2KgblfBXJ9ZVh4H%2BLtVFMYDnybtuFKl09c6k7b9w"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf88153237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5b700003237b53da000000001

GET
H3-29 200 52 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 56ms
55ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/52
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442fd32e18792925c5fd06e7eaa076db2911024ae57dff5c947c4cac1bc91965

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Fva50yJ17H7sJgSoniRl%2BGL%2BINCGzsOwrwFm%2FydYeSgBLJTUgg8DRaoXHKPRxJBuLAlDjRu%2By2a2QXKJnGjCmvtHLgLFt4bm8%2FC7D%2FWynCNmBXLCfxDRLx%2BHn9P"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf88203237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5b900003237debd5000000001

GET
H3-29 200 51 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 70ms
68ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/51
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c6f9515c5d852004aa05f886938822937922be10e0ba3a44e2fc226f5151e6c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2FJ%2B3nkWtJF4A5cSXw3BJbOqYbCeawR4Fh%2FUBj4GFXPtLDegbf8rIkbP3t6p1WG89IjHY8y5IzaJxTHSL3vnaibKPuQfQdjsT0dJ36F7aSE%2Fzftpktvhp4BfEV6i"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cf98353237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5bf00003237ad377000000001

GET
H3-29 200 55 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 51ms
50ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/55
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8edc1b76ceec2edf7d984fd6bb249c27c0d0daa0cb0856e24c16f973fafd0744

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nmYCskIyrhsyYD4vropu2QAgu3zRgURdcVZa99rIHOvDppu6vKQwwBG2%2Bv30qzSwYHeOG4pdQYXTiehaL0IyQ9nHEj0iMLJlg49tefrS1%2BR6v3%2FJvZzhiy4xHxXk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cfc88c3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5e20000323764b80000000001

GET
H3-29 200 54 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 52ms
48ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/54
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 121cf286c04eba2b8448ec2cc3ecac116387d4dfbacbc466d86b3a2f403bb7d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IuRiszrQ1ExoXF41puEuBMHFdYIlBln7lhk5iTofFCh34fbw4Za6orjSeUhoehNd5KhQ3E04oIB0MRjHoy5VF0bgFJuxE30fRTmOgSZf8nupQLBd%2BFMJJR6c0Doz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cff8cd3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5f9000032379f873000000001

GET
H3-29 200 56 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 55ms
51ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/56
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 642e3bbb563aee76b3689eb2960e7f7ef397e3fb47887c48f2a92fa829e8a7a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aPTQ5e%2B9r4C7aUTI9ru5ltEXAztcmrF4VTSYGxz1IntAmXSiEQCPm3VUoQbUO5%2BKZGCHUrCBw2PleVPNB%2FORKQbwkH78b%2B5mZ6BwAhInBZHlG8ciCcFZmzD6jXBE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cff8cf3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5f800003237b0189000000001

GET
H3-29 200 58 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 52ms
50ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/58
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732baf0bdd89a464f6f2881414c27037a16a25d56ca407e8e5ce2028769f3ea8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vK2ursYJ8pwnUmbx2zM9NRs6xsOkolp56CkqqIZ%2BNAcdnjJzkW7aP%2FmydHrTwnfddp3uUne2mu2FuiRIKf6mTIZPTET5b3xrX2NcTHeOm1OCftJY27NnI7ev9VTp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508cff8d23237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d5f9000032378d9f3000000001

GET
H3-29 200 60 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 54ms
54ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/60
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cdf570ba5c08a0443463cd168d41730a8d3bf82953200f4d9bf591708166a66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bP2G4ifWs6KPOTgC0%2BQ3sfVDcO8FXVdx8iDAn4g7v82ehqo3BwNV0PffNArebQbhVAi2nbQlgBnj0LDgdmzUk89KnJGTJrAG0Hah0wudEOqG6B8RYBpUw7Uzo%2FcN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d20ca53237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d747000032379c8d0000000001

GET
H3-29 200 57 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 56ms
56ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/57
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c286d99970d0a239679f3314903503c079e751f27bac7c2090d8366f427070

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WhEYhWkXCx02Fjgr8ui7Uv3BnZ2x0t%2Beh7Cf2UMruKqvmFlgaUlglmQzL4zaOtAxSN1F042wRZHAGqPa6ixQHmb0vhyi91IEsfmgbJYwloSttkf3aE9E%2BDPjK49z"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d22ce73237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d75b000032379f88e000000001

GET
H2 200 2.jpg
i.freecdn002.xyz/IXRFD77ts/ Frame 6EE1 53 KB
54 KB 73ms
47ms Image
image/jpeg 2606:4700:3034::ac43:c74c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn002.xyz/IXRFD77ts/2.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c74c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200653b4a64f05a238e3d5803895ce534122af75620c4fc2e7d7feedc667b841

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54444
cf-request-id: 0a2b03d7750000535d19b7c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J3z1t88hI2erl4K24yZG22SDBAJZTetaZB0ubYwbnvQ4jJMQIyUmtv5K6LPt0xv65CT4U2x3UkhcJNMpWGJ1Ya09IlvgmBfshMwUnYMyWXLuNJehbjzpeSL53bop"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508d25ad6535d-FRA
access-control-allow-headers: *

GET
H3-29 200 59 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 51ms
51ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/59
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77b9efed6beb85395b7ac668cfc57a353c4b9c57a103a4b0d840469c7b98ccd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZmn8%2Fgh2sWXQ7DaqQW7FSDeRpYFu8JASsjDzR5zWB71qn5WlOnPSTpG809L12vl1vhd75crVCrgcjaEIxkAjPiHh%2Byk8Q9XsssIiK9C0ZWfYcfcMYHroqRt7Kqo"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d23ceb3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d75e000032376e265000000001

GET
H3-29 200 61 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 66ms
65ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/61
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37338896f8ba38a2dfc2d5779ffd3cceb86bb43ccda8c890f82b52cbcb7d1111

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WYi6Ziy4WBuCgudHuZKYfO0EZVlZk1ZEGSU53%2F5uqSq2%2Bj%2BaRX1jrvhY8sScgb%2BM3T7bhjorYrly%2BCWe5mPMgH%2F1nBZBMkf68Z9qCfNuaFP8MOdgc9zW1w8fRSCH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d26d603237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d77f00003237bd91b000000001

GET
H3-29 200 62 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 69ms
69ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/62
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3fea4e662ea94fea0567a7f037ea83cb1b725ab084d6ac3fafc5acc3ea4962c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DsVlvrzqzzkD6AlXShwp9izWMY8f%2FY5CTfJNTkF5UPzN%2FXVxwIBwYCUNoo8zQOrX5H2nqhtX0%2B4N%2BGWngW74z4CRyI%2BBZ99BXNEB2JJqLdScjX91N4vQVyAn8E04"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d26d723237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d78600003237973ca000000001

GET
H3-29 200 63 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 57ms
57ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/63
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c37eba08052194b89be09ca207e41aa184f79736d723e821fce59d4468bd186

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QuHO5jlxUFqGrry5jajYfdw5QmsCcq12tG6ijSSgAH0yBe6arbNAH0%2BHDTlEijUAdFkw3RA%2F1cDMOCKQqDWnKCcNc9Xr00EVCAYG03WHNXfYa1Hih3hts32u0kTa"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d27d793237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d788000032376c34d000000001

GET
H3-29 200 64 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 59ms
59ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/64
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de81d0537549bfd11d5efbfb5723df210e6aeb23b23f26b2f1e3dfbb5f2977c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=13%2BSkAW%2Fwj9y8ynPsqOHO0giBHGvrptKqtdwvsdL4%2Bv%2FzCtO5JtlGrqvufjyGUEUYXkmc0j08jNQrMwj%2F0NrC%2ByBGyDN7A1Z2cBDaolo5Fzo8AoZARR6MA5pqtuh"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d27d843237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d78b00003237debf7000000001

GET
H3-29 200 65 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 50ms
50ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/65
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fa40da733f3191a846c140a00383d34c78a1442f2991494e5ca24437935e11

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SnwJRmsvLAc7vS8EGPystgRn0OQxtRWL1Cx5pgSapMkLYguRP%2FUklfGFqh%2FN2kEfaJVVG3rkIV%2FPr%2BT0Do5tgUt8LZeO6epsvTtq498PFuFriMcHtM%2FXADekMHfP"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d27d863237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d78d00003237b297d000000001

GET
H3-29 200 66 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 52ms
52ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/66
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5daf463864709118121d55265e3dc6fc8b6f70d98d4b80cf2751a440799da89b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LIwTXH2hzb1zTQ0PoSqAe%2B7z4AntvvkX6igkJamFlH3eatXoKk5%2FsmBjpivvNSAQnSa4W6lgnSKHhM77m5sc8I6EqZyTbGyi0%2FeubIacnc09OSAwJssibHjdSKfZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d29db23237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d79e00003237aa0a6000000001

GET
H3-29 200 68 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 55ms
54ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/68
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9301d7da8f33417008bf65529a8b69f041665089e7d55ec40c6c3e3473139374

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XMXLMPykhBP8rWe8%2FAg3ER5eEBuGYws03bqV%2B1yL2Lld8WKrGp6Uo2HT3Ja6qosUWcTeNco5mD8zRcf5mI8DBCKI%2BV9cxpGSgSqvT%2BjohNWcTCc5H8rPnfMAwq7f"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d29dbb3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7a00000323776bec000000001

GET
H3-29 200 67 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 47ms
47ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/67
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4daeed7136a18c6adde6d5f5baf2bceee7dc0b84bd7ee884dc423f7fc8364b99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HF%2BMmMQcTzrYmWACyuF0nGWaKc0gxgOIpFdv9gIcdnDFV5vUOOxGZHonsaHKr7aw232poaSdsXIQzGD1Mmhee5e8Hg%2FbzMy7oNdW8bYY8cB%2Bb%2BRM7MwMeLCGP%2BfR"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d29dbc3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7a100003237821a5000000001

GET
H3-29 200 69 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 55ms
53ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/69
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caae838ca4d1182b4da971eb26644751e0e20c4d5e69c61b5650d52c69d9864c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XUL0RwCx%2Bh0p5eVnrfL3M7%2FSGVssktV4CoImrlv4%2BXKOGHMBXL4HEPXfL1JhDYJU34LpdyjpdMnwWmTB1LPUwqTrzW3dpZ1S8a8%2FAdbDtVpr7oWxBTj0ya2ZeKY%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2de403237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7c900003237bf3e4000000001

GET
H3-29 200 71 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 54ms
52ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/71
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f476109cd8f83f8dca437cb6455660539e9589369c78ad8c313172934fbc9f81

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTQ5hwwl7NIW33Hyg%2BcKoVRnVCTbh7Zfs9KTQKvTNfDG7%2FTNw9168IHBJraEblOMeD%2BgoOmunp8r15zlRc91RLZ91Mv2zLt6L%2BpcMNAXHG4%2B24d%2FpnXy9oe7EpuZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2ee4d3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7ce0000323773967000000001

GET
H3-29 200 72 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 45ms
45ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/72
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a20c3d47b37d5f4680e6444bc98f5fa82f64c0a968df468e7d3166df6f3cc16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pa8sJD6yMwkKjfIxmJ7u55n%2F%2F9iuiiEf0GWLjOPgqSIFjjE5t3YTdkPc%2Bg5rzMli0JYpk5jTmqdnC2qBJIOxMHtdDBd2HSQc8WVMKFYWvcasFpFSnbaodu7wlspz"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2ee4f3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7cf000032378722c000000001

GET
H3-29 200 73 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 48ms
47ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/73
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27dff0c70624da867882b9014e0317e4840513324170d9c5127d5f7322fbc62

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1lUh5G01L%2FsC8toMcwIDh40w7eGIR%2B%2FL38CQSQ6XT4ENUwbXfGWB7EYmoq9KF410naW64K4CEKQIMMK4xX%2Bnhtcd3tB3%2BLbdLuPfCPb6slPeyhK0Rmy50RMVvtug"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2ee5d3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7d200003237b01b5000000001

GET
H3-29 200 70 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 50ms
49ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/70
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7124b5361e85f3b312ebbd14c84f948f7db19b358837fc49fc17f6cd79053e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oDhTkPmXAvTDVNsDvqAuFWzMb0Bx%2FX%2F9KEJKf2mOuL23m%2BcdGHASCJ%2FZKMazbyxjZmOCuEgbfXw7M%2FP%2Fkg%2BTI2D9cWqzoKipG6wBZLJcCb5j5Flc5I2QEi7vtFlD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2ee633237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7d40000323794b8f000000001

GET
H3-29 200 76 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 50ms
50ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/76
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee67efe1ffe971e7103861dbc2cf0bece111eb1fe8dd30e857c477e985aef43

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fv4z36VrWM2LXfjiOofwpMp4waqIHwmrUFu0blvDe3u2dIC25ZMeJ0bDzUE54xubu8XP%2BInQ97bLlfAWcMvA82GtnxdJnipUhxF3DmvLlMCbI%2BqIIHU98Jgt9ibk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2ee683237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7d5000032377c2e5000000001

GET
H3-29 200 74 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 46ms
46ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/74
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b441a5330e946d3e3ec8aef5215cf13c23d630241916f3ab8eeeed79ad9d69ea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6HPZN4qqpLDJZxyIur2h9r%2F8%2BGKuSklFmRTDnm7IGzIBh5WapogBtgzNJvBysYu2JFmb66GLkfRoOiq45uVKl8hnY9A2ogo%2FrcQR%2FHpCNsJJX0KKmOf%2BOKPzEa4X"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2fe773237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7db0000323774122000000001

GET
H3-29 200 75 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 52ms
51ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/75
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3838372572dfcdcf550505b5f95bb07aebddc2ec7f7d8ca6319ad81d05b8040f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7v0qw2lrkcummCGsSK%2BrZDmbkJc47hTECFMouQ5di4Tn88KSfBHWcppXT0PutEVY48GHqAsfEP3ZI0LzqUbD%2BXIt8CWOlb5qJ%2FqWZQN5XXXeYulV4dvTKs2Y0LYl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d2fe7f3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d7de00003237d19be000000001

GET
H3-29 200 79 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 76ms
72ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/79
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6506d22ccc1fe7f82d36fba48221734c50e80884583d8c5bcb276fc8f7892857

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ut2giGh9%2Fr2iO2A3wtKxZj9FhF2dpXgNpTKeY8wpKG9789pgkXV5%2BCA6jnXLXUN%2FP06txfmZOmsTTbYompT0feXE50i6JRi%2BgvxDvkKGdf7g0bykQUZdPuD9eo%2BU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d33efc3237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d80b00003237b8bdd000000001

GET
H3-29 200 77 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 54ms
49ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/77
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c6af58f4b8c9c50d9ee0386a6f4572f4a4d6ffa63d3dabff31b3ad8c380a02

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nO8dWgq04PsgggGgQaLpYCOYw7%2BNcpSwZuP9RK6Mc3%2FIbbHs8aIPdaFubuKWQ0eW7adnpWMGRjb62NDImOTbr5FUaqKEYhdBgV5TATKl%2FkGzFelBgACyJu3wN6z7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d34f053237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d80a0000323764130000000001

GET
H3-29 200 78 Show response
cdn.heycdn64.xyz/3598364/421930222/65536/ Frame 6EE1 85 KB
65 KB 62ms
62ms Fetch
text/html 2606:4700:3032::6815:12e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heycdn64.xyz/3598364/421930222/65536/78
Requested by: Host: iamcdn.net
URL: https://iamcdn.net/players/bundle.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:12e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef93e60baadbc44ebef9252db1f137f4a1ee342ed1b495b784a6b236d7c36a10

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D6Jre5xhurvwqfcUNjNIS8kEYOORl6j%2BLY4myWGmJpSpHPhlZA2%2Fwy6jcYgUol5vbh%2Ff67CjBiDrnMR4vg%2F9lpp0ijBHVevfV6SpWjc9mk8ibQ%2FOe2oE5k3ntJLV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://geoip.redirect-ads.com
cache-control: public, max-age=2592000, stale-if-error=604800
cf-ray: 652508d34f063237-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b03d80b00003237ce061000000001

GET
H2 200 3.jpg
i.freecdn003.xyz/IXRFD77ts/ Frame 6EE1 69 KB
69 KB 77ms
48ms Image
image/jpeg 2606:4700:3036::ac43:bdac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn003.xyz/IXRFD77ts/3.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f34eec8fc52197f2421193bdc9245f4076eb6e4033cb401132bbcc561e70adea

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:45 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70347
cf-request-id: 0a2b03d9c900001f3574361000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bLs70JM2S8oTeeGx7M3bC7BL0I4pWsj5VSul3MEv5rFcWQW4YnvnRWqvEQ1lk4qQjvIZQAQDNl%2FELku1kQBoACak3mqojbAiHVgoO%2BhDynhQSlpwoVFJ3GQJp%2BTw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508d609c21f35-FRA
access-control-allow-headers: *

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 165ms
54ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://geoip.redirect-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 20 May 2021 10:55:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://geoip.redirect-ads.com

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ Frame 6EE1 0
409 B 213ms
98ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 20 May 2021 10:55:46 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://geoip.redirect-ads.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H2 200 4.jpg
i.freecdn004.xyz/IXRFD77ts/ Frame 6EE1 46 KB
46 KB 65ms
39ms Image
image/jpeg 2606:4700:3035::6815:55ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn004.xyz/IXRFD77ts/4.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:55ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddea7ca2943432d5ed94a6f5d3f42161298bc1d86afc889d42bcfa4195262fab

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46801
cf-request-id: 0a2b03dc1700001f21e506a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lg%2BqR9zLtXC4xm%2F1vVluY6X%2BoQlPbRaNFkB%2Fg9atJztHHs3z7BEn9nOirx%2B%2BnitjPh2QVURFvoMgiEqassVKWrevq1%2FaLV4bHmL5g80zX8LL2lIc1wLEgmZDe7zz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508d9bd881f21-FRA
access-control-allow-headers: *

GET
H2 200 OB_MyX8ppXu9H2dQkSBbiQli7wGm1cUbz1vyW6l09APtsUXJxfL3-94MjPNP43g-eg-qPX9Mq42L-TWIAhMDk4SfHZiorkLHi1SCxefB9kJzIAKTGj30XiOT2qTZS-Ehv51Wykj0zDcn3VwDo09_r7dQD82M3KNiFacewp8lyQ1yhCotjRtJKFPqHLof-KB9BwA8w...
forzubatr.com/impression/ Frame 6EE1 43 B
326 B 185ms
63ms Image
image/gif 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forzubatr.com/impression/OB_MyX8ppXu9H2dQkSBbiQli7wGm1cUbz1vyW6l09APtsUXJxfL3-94MjPNP43g-eg-qPX9Mq42L-TWIAhMDk4SfHZiorkLHi1SCxefB9kJzIAKTGj30XiOT2qTZS-Ehv51Wykj0zDcn3VwDo09_r7dQD82M3KNiFacewp8lyQ1yhCotjRtJKFPqHLof-KB9BwA8wyg-DGY2C9GAkpXogQDhdcvGIv3pgPqvax9ztXaPRSVuEUqJWIDHJGLV2UpVZJBYhYtHJDA=?z=3253712&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=833&wiw=833&wih=510&wfc=4&pl=https%3A%2F%2Fgeoip.redirect-ads.com%2F%3Fv%3DIXRFD77ts&drf=https%3A%2F%2Fsexgayhd.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: f6c2a7713dc04739486b81eba263edd2
pragma: no-cache
date: Thu, 20 May 2021 10:55:46 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ Frame EE0C 3 KB
4 KB 53ms
52ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 10:55:46 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H2 200 5.jpg
i.freecdn005.xyz/IXRFD77ts/ Frame 6EE1 66 KB
67 KB 79ms
45ms Image
image/jpeg 2606:4700:3036::ac43:c547
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn005.xyz/IXRFD77ts/5.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c547 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fdde61ddebab2512f2d3338cc71738e06e990757966a4a364fc47fb1cf68a17

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:46 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67789
cf-request-id: 0a2b03deae00002c197f178000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AWAIC8iDX1uJV2zJ%2BExUVqz7ohnYFEsfjKYG8AXXl6QqiBGCeFISuVpDA4IIHZS60q7zM1rEI8eeqG3yy9yyVXn5AieHsk9WGvbiWARJCdG%2Fmim02ZaQ%2BBOgPJe4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508ddefe02c19-FRA
access-control-allow-headers: *

GET
H2 200 6.jpg
i.freecdn006.xyz/IXRFD77ts/ Frame 6EE1 59 KB
60 KB 75ms
46ms Image
image/jpeg 2606:4700:3030::6815:25f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn006.xyz/IXRFD77ts/6.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:25f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 751072868341b633c59118e7d24fecad549b7603839d714e5eabfa667ac0b44b

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:47 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60673
cf-request-id: 0a2b03e0f400004aa34e31d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZxThlhjo15pRIpweJZBoO3MifFwvL91LXklDt2tLtcxT873FYJdr19rhzQCZWx2app125ahcXgjkLMmMxPBZ%2B5b3fD1QIEacQhDGADQ%2Fg6bPnazg9n5L5FMmYTk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508e18ff94aa3-FRA
access-control-allow-headers: *

GET
H2 200 7.jpg
i.freecdn007.xyz/IXRFD77ts/ Frame 6EE1 92 KB
92 KB 68ms
43ms Image
image/jpeg 2606:4700:3033::6815:57a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn007.xyz/IXRFD77ts/7.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:57a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 762c5ecdb3a434d4b740aa043fd39bb82d8ba482fe4e9efc1e6b59e9fcdb0b52

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:48 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93839
cf-request-id: 0a2b03e337000031282a21d000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JkGgLlq0gbJSil7r7IjDm%2B4Mzm5tXnVp6TpctbUt85ByDbkxvpFKCYt5YcbY8Js9OpVm8%2BWGrTmMq4oFWKSWyU2NokIAJFdaqKo8ogLYMYGtulwIYLXPjK4YvL5v"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508e528863128-FRA
access-control-allow-headers: *

GET
H2 200 8.jpg
i.freecdn008.xyz/IXRFD77ts/ Frame 6EE1 63 KB
63 KB 67ms
39ms Image
image/jpeg 2606:4700:3036::ac43:9a90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn008.xyz/IXRFD77ts/8.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9a90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13a8492f8c1ba5bfccf6ec0fccbf64bad5019117d09c26959e0296ccbf614bb

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:48 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64343
cf-request-id: 0a2b03e57a0000c27ce0257000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q6mzA6oRjqQ2f4P4Fx3yxjtoEwRSmx4IT6SYfMpvp36dPBg9Y8FJu%2F72qsVyiJjMk0TCp5TrySZavLQGxRdN7I8lAO8XxzGurypj3Wmo8RnylP9adHUQGa%2BoXoOP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508e8ce09c27c-FRA
access-control-allow-headers: *

GET
H2 200 9.jpg
i.freecdn009.xyz/IXRFD77ts/ Frame 6EE1 82 KB
83 KB 123ms
97ms Image
image/jpeg 2606:4700:3036::6815:3247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn009.xyz/IXRFD77ts/9.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b7e58a65f643bc191041f2965b15aeed9d4918054aee3d7cf5ff0f28acf4162

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:49 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84440
cf-request-id: 0a2b03e7c300004ebcad3f0000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dciQ6r2svZF1Gnypx529ZEG%2By4sMN5%2Bw3JhGPxaTD%2Fl4WpPx9sSAmERxMsBVJisJ0Rt6%2BypQGuciy4zPY5FqQgs0tFxDwgu2TQIGsiTNqInnREh0zK%2Fzsf3lnWaf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508ec68604ebc-FRA
access-control-allow-headers: *

GET
H2 200 10.jpg
i.freecdn000.xyz/IXRFD77ts/ Frame 6EE1 65 KB
65 KB 44ms
43ms Image
image/jpeg 2606:4700:3035::6815:5f25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.freecdn000.xyz/IXRFD77ts/10.jpg
Requested by: Host: japangaysex.com
URL: https://japangaysex.com/2019/09/tkb30/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:5f25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f8145f87fa97c46ad9b55b722db5001076161566e7292d4f1365db93cc87b0

Request headers

Referer: https://geoip.redirect-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:55:49 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66192
cf-request-id: 0a2b03ea1300004eaf512ea000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cCF7kKp4wivrX2g%2Fg9oX%2Fi0DRMUloi52AavBH4UqRBv31wXVVgCj2ZFIRIAF6Kp%2FJfD1oZLW4HFUAaLB3x6e4884sdtNExN5rz8Y7pX0NIX7xWdmUmUkZGXVjIRt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 652508f01c814eaf-FRA
access-control-allow-headers: *

GET adshow.php
poweredby.jads.co/ Frame 544A 0
0

GET adshow.php
poweredby.jads.co/ Frame 9A6C 0
0

GET adshow.php
poweredby.jads.co/ Frame 51BF 0
0

GET adshow.php
poweredby.jads.co/ Frame A83B 0
0

GET adshow.php
poweredby.jads.co/ Frame 8558 0
0

GET adshow.php
poweredby.jads.co/ Frame C856 0
0

GET adshow.php
poweredby.jads.co/ Frame 2B4A 0
0

GET adshow.php
poweredby.jads.co/ Frame 1E10 0
0

GET adshow.php
poweredby.jads.co/ Frame 2B0D 0
0

GET adshow.php
poweredby.jads.co/ Frame B968 0
0

GET adshow.php
poweredby.jads.co/ Frame 3DB4 0
0

GET adshow.php
poweredby.jads.co/ Frame A6E2 0
0

GET adshow.php
poweredby.jads.co/ Frame DA03 0
0

GET adshow.php
poweredby.jads.co/ Frame E158 0
0

GET adshow.php
poweredby.jads.co/ Frame 0038 0
0

GET adshow.php
poweredby.jads.co/ Frame C7A9 0
0

GET adshow.php
poweredby.jads.co/ Frame 211A 0
0

GET adshow.php
poweredby.jads.co/ Frame B07A 0
0

GET adshow.php
poweredby.jads.co/ Frame 222D 0
0

GET adshow.php
poweredby.jads.co/ Frame E9F3 0
0

GET adshow.php
poweredby.jads.co/ Frame 74AD 0
0

GET adshow.php
poweredby.jads.co/ Frame 4FA3 0
0

GET adshow.php
poweredby.jads.co/ Frame 62C2 0
0

GET adshow.php
poweredby.jads.co/ Frame A900 0
0

GET adshow.php
poweredby.jads.co/ Frame FCC7 0
0

GET adshow.php
poweredby.jads.co/ Frame 805B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mobile.juicyads.com
URL: http://mobile.juicyads.com/service_async.php/serveAd?JSON-response-callback=rpc.callbacks.r1&id=1&c=124969&s=223044

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=771335

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=777696

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=777696

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=777696

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=777696

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=777696

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=777696

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=895141

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=895141

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=895141

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=895141

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=698960

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=698960

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

131 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 7) Message: %c join the juicy ads team ‌‌‌‌⁠‌‌‌‌‌⁠‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌%cJuicyAds is growing quickly and we are always hiring the right people! We are actively seeking experienced, motivated, proactive individuals who are interested in working remotely as part of the JuicyAds team. You must have a firm understanding and experience of how JuicyAds works as a Publisher and Advertiser to be able to work with us. Most important, JuicyAds is a team of independent contractors and employees. Everyone on our team works remotely from home which requires dedication, loyalty, and above all the ability to be responsible. We will ask for a CV/Resume, so please provide it when you contact us -- your past accomplishments and experience is most important to us and we love self-made Entrepreneurs. Fancy diplomas and papers not required but an added bonus.‌‌‌‌⁠‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌%cFIND OUT MORE ABOUT JUICYADS CAREERS AT https://www.juicyads.com/careers/‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌⁠‌‌‌‌⁠‌‌‌‌‌⁠‌‌‌‌‌⁠‌‌‌‌‌‌⁠‌‌‌‌‌‌⁠‌‌‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌‌⁠‌‌‌⁠‌‌‌⁠‌‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌‌‌⁠‌‌‌‌⁠‌‌‌‌‌⁠‌‌‌‌‌ font-family: sans-serif; color: #f68000; text-transform: uppercase; text-transform: uppercase; font-family: sans-serif; font-family: sans-serif;
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	debug	URL: https://c.adsco.re/(Line 15) Message:
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: JW Plugin "jwpsrv" already loaded from "jwpsrv". Ignoring "https://iamcdn.net/players/jwplayer/8.4.2/jwpsrv.js."
console-api	log	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: JW Plugin "related" already loaded from "related". Ignoring "https://iamcdn.net/players/jwplayer/8.4.2/plugins/related.js."
console-api	log	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: Cannot read property 'jwplayer.mediaIds' of null
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	error	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: [object MediaError]
console-api	error	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: JW Player Error 224003. For more information see https://developer.jwplayer.com/jw-player/docs/developer-guide/api/errors-reference#224003
console-api	log	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: JW Plugin "jwpsrv" already loaded from "jwpsrv". Ignoring "https://iamcdn.net/players/jwplayer/8.4.2/jwpsrv.js."
console-api	log	URL: https://iamcdn.net/players/jwplayer/jwplayer.v8.custom.min.js(Line 10) Message: Cannot read property 'jwplayer.mediaIds' of null
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://iamcdn.net/players/playhydrax.min.js(Line 8) Message: [object HTMLImageElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: [object HTMLDivElement]
console-api	log	URL: https://js.juicyads.com/jp.php?c=3474y233v2a4u4q2q294x29454&u=http%3A%2F%2Fwww.juicyads.rocks(Line 4) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
abyss.to
adsco.re
api-public.addthis.com
api.apigatewayz.com
blockadsnot.com
c.adsco.re
cdn.betgorebysson.club
cdn.freeimagecdn.net
cdn.heycdn64.xyz
cdn.itphanpytor.club
cdn.jsdelivr.net
cdn.popcash.net
cdnjs.cloudflare.com
connect.facebook.net
dcba.popcash.net
fonts.googleapis.com
fonts.gstatic.com
forzubatr.com
geoip.redirect-ads.com
glassmilheart.com
hqq.tv
hydrax.net
i.freecdn000.xyz
i.freecdn001.xyz
i.freecdn002.xyz
i.freecdn003.xyz
i.freecdn004.xyz
i.freecdn005.xyz
i.freecdn006.xyz
i.freecdn007.xyz
i.freecdn008.xyz
i.freecdn009.xyz
iamcdn.net
in-page-push.com
japangaysex.com
js.juicyads.com
kvnd8a0npizx.l4.adsco.re
kvnd8a0npizx.n4.adsco.re
kvnd8a0npizx.s4.adsco.re
mobile.juicyads.com
my.rtmark.net
o.wowreality.info
oranegfodnd.com
playhydrax.com
poweredby.jads.co
s7.addthis.com
sexgayhd.com
static.cdnativepush.com
static.lalaping.com
storage.googleapis.com
v1.addthisedge.com
whowhipi.net
www.blockadsnot.com
www.google-analytics.com
www.google.com
z.moatads.com
4.adsco.re
6.adsco.re
mobile.juicyads.com
poweredby.jads.co
104.21.235.160
104.23.130.4
104.75.88.126
109.206.162.83
139.45.195.254
139.45.195.8
139.45.197.15
139.45.197.188
139.45.197.236
139.45.197.238
139.45.197.241
151.139.128.11
162.252.214.5
172.67.212.104
185.200.116.90
185.200.118.90
185.94.236.246
2.18.235.40
2001:4860:4802:32::15
208.95.112.254
2600:1f18:510:800:2943:bb87:a771:c207
2600:9000:2057:c400:c:dd71:23c0:93a1
2606:4700:10::6816:258a
2606:4700:20::681a:a8c
2606:4700:20::ac43:4b21
2606:4700:3030::6815:25f2
2606:4700:3032::6815:12e0
2606:4700:3033::6815:4666
2606:4700:3033::6815:57a8
2606:4700:3034::ac43:c74c
2606:4700:3035::6815:23a5
2606:4700:3035::6815:55ac
2606:4700:3035::6815:5f25
2606:4700:3036::6815:1409
2606:4700:3036::6815:3247
2606:4700:3036::ac43:9a90
2606:4700:3036::ac43:bdac
2606:4700:3036::ac43:c547
2606:4700:3038::6815:e9c6
2606:4700:3038::6815:e9e0
2606:4700::6810:135e
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:800::200a
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2010
2a02:6ea0:c700::1
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:1b::621
38.132.109.186
020040edd71f5370460418702b5320ade44c74ba8b08fc67b01c24d24d48542b
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
061d2a9f61e2b0bb0e37c45e6323f3589e3cede1fa7b1f8e26f7d4e43f8705f1
070c9b0da4922abc4131d06175960abf7a1e83da314e8f2297297b0746f060c1
087000f790987644e6e52f85a1b33578f31e59c535671214ec845ed2f8228db9
08c286d99970d0a239679f3314903503c079e751f27bac7c2090d8366f427070
09fc65f19a36912d87d2080b70c1ca7e5668f1a2df2ebb47200d17d97aace920
0b4d2858fa9003fae24f5d89c05887c1e034a236007ed45cdc3e6a6478485e7c
0cfd3b785d0013ae8fe9334fa210df14c256af82554dfb09daf156bd9776ade9
0d0f09c569df754945ff024c0dcedbc43a076c28c1924b32789dc6ed36538b60
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0fdde61ddebab2512f2d3338cc71738e06e990757966a4a364fc47fb1cf68a17
112b09f3ca15f59e3866109d0286b068f630aa074f80ff5fc22298425e15697b
121cf286c04eba2b8448ec2cc3ecac116387d4dfbacbc466d86b3a2f403bb7d6
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
13a60347aca92ed585d92b03bac4cd32b6cef19c05536dba7a24c89ea664360f
153cf9b5e8dadb8aaffa745cb5b1459cd25650a4cf3767e6d72b68fc3bbfb02f
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
175b434284d6d2f707422f8c6b41f1626ba97233ee6782b517dba1567c9414e0
17b2736cd8c317446407fc8c22dc9497e9462cb9da8fdb6dd757453dd87aecc9
1b165a32a57cb8d55f4068ab46afeb07449f445c3a4b075a0b21cfb935bb04f8
1faaac82724b502fd4188082ba8eb57d14ee80dc00ce04296aa437de86175c28
1fc412d3367cdfda3f30e23b3ac1dcae8ec5afb0bf87acee962d5899798bca8f
200653b4a64f05a238e3d5803895ce534122af75620c4fc2e7d7feedc667b841
21f8145f87fa97c46ad9b55b722db5001076161566e7292d4f1365db93cc87b0
23fa40da733f3191a846c140a00383d34c78a1442f2991494e5ca24437935e11
249d2b04043f46db5a1d8baa34271df719fe75afb139aa595f5dab75e1518de5
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
27896d51cee6585eedee7521c420f1faa6ccd676028137ce3c14a893f63b1e15
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
29ddb33e31450d03ce6ae6bb0715640b375dc8147ac82a14979dd8763b2c7eb3
2a40b1f1c239993b5ca7ddcc6bf406bd3016b3e0d09245ee7ef41218d465f400
2c1c5c5d1f2d5f1d67ea1e934edd0d767f440f9adccf750083cfa5e80b9f2cbb
2c58ccd4cc0694f581b0dac9469104b4e931d24631e4f60b03601d1c536470c0
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ee67efe1ffe971e7103861dbc2cf0bece111eb1fe8dd30e857c477e985aef43
30dd36d16e19db91dededc99edec6655fee9a959dd3bf409e90e42844ca1a2ab
31488c0854dc35a04084db4610918cd889060bbc156c0c3b4814781b4210fec9
32b74cb9a3f03668fb527577c7672a14003b687219571c3b2775d044eb99823a
3400e109c3c0ac28d3270ed364f4e5c63ce203057b0e4c022b91c411d7879256
37338896f8ba38a2dfc2d5779ffd3cceb86bb43ccda8c890f82b52cbcb7d1111
3838372572dfcdcf550505b5f95bb07aebddc2ec7f7d8ca6319ad81d05b8040f
3a20c3d47b37d5f4680e6444bc98f5fa82f64c0a968df468e7d3166df6f3cc16
3a9d4d16ea076c0049d2ed5901fc35246022f3447f21ad62932a5a098f299514
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
4147c9370e4ebee60d47d4bed11469920784bbf58deffda6837e498e024ef05d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442fd32e18792925c5fd06e7eaa076db2911024ae57dff5c947c4cac1bc91965
4483a20c2654b9d6e2074ff3295ce4999d4a70c8ffe879bef504e1b612310b85
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4aa8324b22dc0b60b78a9256598da5faf15e545d3b8403d5b0794f51853972c8
4daeed7136a18c6adde6d5f5baf2bceee7dc0b84bd7ee884dc423f7fc8364b99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
51ed0db575374ee7a46d89ac2af59d78437f254ea7fdece5502c0829add2f810
53b84bccba148296e8e68f4a7e794ccbd7116b1f4ab2645d6bb821e0bcbdfcc5
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5b7e58a65f643bc191041f2965b15aeed9d4918054aee3d7cf5ff0f28acf4162
5bbd892cb8301912a90ae8f6750eaf0ec997a48de5c940cedfeae6405edfb4df
5c229a0afd0eb3d170f15f967f574b3745dcafef00616391164f21f84a5f4719
5d1d6528bebab140fb7a7874664a6034cb52054c33da13441c547bb88cc1f5dc
5d4bffebe3fe9e8660ccee8341cd464b69c7480569cd7614f6ebfbeb5db02d4c
5d56c8de43d61d0f7232b2f649441053636a05e9a5b97b6eb28bc9dbf1c70c77
5daf463864709118121d55265e3dc6fc8b6f70d98d4b80cf2751a440799da89b
5f24c43ba57c7a7dee2cd735f62fcb5ed177a6a86429ed48204bda3118b21391
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
622302707a84759de48b76a4a9eb9d6b7f07cb9d08ccfd44d5fa203dc5f7da77
63f6c48f9596bea9abd0ab641e3452dee2bf25d4ae08677e569c6ed11eac1201
6414b748647a4307f074e92e0f3729e8b4500a972b8d78abf8586644bd12374a
642e3bbb563aee76b3689eb2960e7f7ef397e3fb47887c48f2a92fa829e8a7a0
64450b050cea458dd1f8d5c1f4dc32f3712dabef29d62ffa44b6d8f8a1ff78de
6506d22ccc1fe7f82d36fba48221734c50e80884583d8c5bcb276fc8f7892857
66069e949d9fcd983c4758e5fe76d79c5d8ca7ba96b7b38614c20b414166b687
71c573b860097be74af1697495817a1c975491e675a07c2a3e67a9e59b2b5b58
73169e248702ff0d5c942ce7f799d9fd0665727e1dfb1ffa027ed9f5537888f7
732baf0bdd89a464f6f2881414c27037a16a25d56ca407e8e5ce2028769f3ea8
751072868341b633c59118e7d24fecad549b7603839d714e5eabfa667ac0b44b
7581b505ba73ef726eca6c3d7448260b166d0cc67299ebdf41510070a5fb38d1
762c5ecdb3a434d4b740aa043fd39bb82d8ba482fe4e9efc1e6b59e9fcdb0b52
78c6af58f4b8c9c50d9ee0386a6f4572f4a4d6ffa63d3dabff31b3ad8c380a02
7a12f358b0d0eb8cd45b81bf39485969c511224ea79e84980294523b1cd72519
7cebcf026e3e00dd02e26072ab12698694428db8fd53c6a13f35693155a73e4b
81be93f4a1f05377a5e67e552f2f4c48625e8f98644de81920c86aceb7258d85
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
83ad52efe4c75dc2974fcdf014f0e22ff4fcc8af7806b190ba17d85f384d28a4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89d676b503ec11de478b3cb61973ff27e123878d8e2916fd4d317a8d6c3f6005
8c37eba08052194b89be09ca207e41aa184f79736d723e821fce59d4468bd186
8dadb02a0c631469dee6aeda7185cb3a60044fa746b4ad079c917e002c528ef4
8ed8f0fb75420294f5ee43f8aea9e921a9016aa7872d714a153be9cbda5e6573
8edc1b76ceec2edf7d984fd6bb249c27c0d0daa0cb0856e24c16f973fafd0744
92f5f97baf283b473cc64aaa840f580a650e8d1bb8d9df68eaa5203248b7fa5e
9301d7da8f33417008bf65529a8b69f041665089e7d55ec40c6c3e3473139374
948c7766c4595d934180d4dc1793b68a17ade04beb5aac18b58a2cc5ef191181
95135d89e56946ad6c9e219dae637ff5ace5282b8b611c9d5dc4f08d55ac20f7
97d32f1aa8efecdef16415ae531a6a4c94249c8146d0fa49520cdf4849537f0b
9b7400a048c386ef53c82d8760f4b2f7ada0078b67b2fba4aeebf5632876c160
9c6f9515c5d852004aa05f886938822937922be10e0ba3a44e2fc226f5151e6c
9cdf570ba5c08a0443463cd168d41730a8d3bf82953200f4d9bf591708166a66
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9d7dee504e58dd9f6cc663e1430d80e56a596cb9fc1b270e8fb4b2060021b62d
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a294a950ebd89721ab62d0448636dd945a44eaff86e0719b6565f2e9a3918a45
a3004e285913aff903082787e09febdee86828ff3b8982f871018126b1ab25ad
a30cce856f909566c79321f72cd993c864b6542219ee0210583b3080714521bf
a3af0092c4db7023b2b6667236bf7bad96800507687c06ca0279eccc00008f60
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a544f9145084d391c518c00f0daa8374ab6e9b093a203d11f2472e63c345126d
a65081811b85f91aa69523a696d5775b89a10a0619da031bdac3ce2ef43b1a03
a8b2b86cc6492cb8d19e05890f64e48ddc07e46e9ec94b9f89f6e97a923cdf62
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b27dff0c70624da867882b9014e0317e4840513324170d9c5127d5f7322fbc62
b2a958d17e73e36dcd45fb5065c3f0c1788ff5ac9c3b9d9dc9ea9e0f9ef538c0
b441a5330e946d3e3ec8aef5215cf13c23d630241916f3ab8eeeed79ad9d69ea
b4d6893d51163e4b7648990ae998ab4cb5a471b1a28bdf5f3a75274b7bbeb10b
b64ec2fd6d185450420676584d5e7d2a3de1fa60f4feade20d6a7e7b01fc648d
b7209358a9850183c322aa1104f740143c89138b9d52165fbdf770cabd515f1d
ba0b72e563612b26105ab971457d8ef38eca12c38981ff1ff03a979708e3df9f
ba4619790442a9d538baf9c4a732150cedde403915a020e9a6c4687c86f685ac
ba83128b80c6831f855efcfad7d2b62fa3bf284940df241dd31d6f3a6d043647
bada22a899772748a22b664903ad8e1a84f2baaf69abbf70e4b8342c2e4b16c1
bed7d7a4e63300dc0d5269617bac946292dc0f7ba1c5c7f4c005f3c6be467db9
c00291c4a52695e5d3e21d653ad151f02d04dcc1653dabebaef836842570a573
c0492ec60b8dc2d7f1ecd223adb634c1e01369550dade7382f16194cc9713af5
c0c56c642abfad261abc0d33d5ca763ec3adba710877dc5a96ab1261d23f42a3
c15641cf9688e767abcb1200d374138ccb803a7484e62703bc0d4da126aaa747
c24a6c6f71811ce00f4cf7933f01dc6c0866038306aeb0d3b49736bbe0488a94
c2c93945bcd755d614f297c124c60a81724a985c2021e070c541f27a0184f7b7
c43903ae4a445d0f4eb862d33529061155336eefafea946ab878f451b7af3c3f
c4b1bcf4d1a3df553fede373ca9ac94ad96a10025c93f4aae91d7ea4bad2b3d3
c4ecce16c8e193922f49dced1b792337f5e8e9ed11452fa1a3b1d50c98e7fb8f
c622bce87bfbe18823ebc683d9d486c564dd17b5770a228de48e3b36a96d0ba7
c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0
caae838ca4d1182b4da971eb26644751e0e20c4d5e69c61b5650d52c69d9864c
cfe222ae923556c56518cec31f80a224154a3b5c0292147134b9f3f903a7fb0b
d13a8492f8c1ba5bfccf6ec0fccbf64bad5019117d09c26959e0296ccbf614bb
d2df336cfa7ea86eb03e73f5cd20784e2dcf718c93cbf78d9d2da41128d65514
d5e25883a3db54bf2fcef05a758d0a10d6cbcdfa5fc358afd3ea738934713a34
d6886d1ea0d4f080e1332c0e0545623ce495bc50c81852a6fc919948b1fc3e34
d77b9efed6beb85395b7ac668cfc57a353c4b9c57a103a4b0d840469c7b98ccd
d85bb75e61e7b0735519eece339e287c83cfb76b218de01a68dcb4cae89012b3
d8c0298696fd7fb8d0289806f4f03dda67fd0d70eeba9ece9b6966c9b5271fd7
d9794bc2d049afd18714fbcc0ac4357b31e6ac1655410c07e1c7403617716c86
dbad1e0007d84b8b958ff14a1134c91b16791fe0d62ea9513eb3c1787d669a08
dbcc17673429086efa0b18761c355b8e58fba4ae3836817ec641d866da04ae62
ddea7ca2943432d5ed94a6f5d3f42161298bc1d86afc889d42bcfa4195262fab
de1ed74eb454d254db4f707c40bb7a1516fc826163c8c8ed6dda1631c7340729
de81d0537549bfd11d5efbfb5723df210e6aeb23b23f26b2f1e3dfbb5f2977c1
e04c4eb599442e0b4e5a395b4fa647e6ed0ed31df0823d41a4ede15c4f056c38
e098db1c57d847f7c27165ba059b1a5fb734a16067c589ed1b8107d89e8cb5ee
e10e39eb992ab76793b8763bb8310d1cadde7ec0b9c77257f29abbef8ec6913e
e31ccc3fc5b23e21fb725d0c4c8e87ee7cafbd6e251241510839ba87f63cffb6
e35152b1a81370e3a0c7d2a8cf1e632ff220b0debc823b8a47d35b2d4be2b348
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d6c9f6063b8a9f672a0d788f66457b403ca145948196d0e56ff353a1017ad4
e3fea4e662ea94fea0567a7f037ea83cb1b725ab084d6ac3fafc5acc3ea4962c
e4795109c0265337e4d7c5b51715a5defed370269a793ab9724ed1d7b815d701
e7124b5361e85f3b312ebbd14c84f948f7db19b358837fc49fc17f6cd79053e8
e7b64efea7eeb3d75c35df53c38c70aed86299c65d9dfc2a5ec6f3ff2fdf3754
e7fa5793ba107f1ab0ea006672718b9f42de2858c47930c0b0afca6530ebf202
e97a6282cf66163cc0ba1ba2e35c0d52612296b12bacd9e79741ccd5fc47e525
e9cd9883312f5f062352c8dd8bb3ff0f997f9f55355749958f727e238ca94907
ec59da272a5eacd19abedbcb5672a3daf9889760e9e26e2027ac28dec2a23234
ec80805a24239356461ea559a6b4a0c5a010235d3209bfa4a4f755ce3ba6dc92
ed88737439cff78ba90b0b45b9ed616b5f25756993e948c1252679f864d1c063
edaab30f47124e26215134c29907cd17f64acfbd3f87f07958a9c8da889c6af4
ef93e60baadbc44ebef9252db1f137f4a1ee342ed1b495b784a6b236d7c36a10
f34eec8fc52197f2421193bdc9245f4076eb6e4033cb401132bbcc561e70adea
f476109cd8f83f8dca437cb6455660539e9589369c78ad8c313172934fbc9f81
f6bd028aca443fd72e502836831a19b4baa2f89bab47bb6b10b35201ef563da7
f8a3742eef538f5e19aace8f822992a7e27c4fab2d1faeed1b6accb02699677c
f8b1d77c0d375205f559ff01f7bab4b87002a2eea1ea6abc00b8d6cb9c902d93

japangaysex.com Open in urlscan Pro 2606:4700:3038::6815:e9e0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

247 Requests

87 %HTTPS

62 %IPv6

47 Domains

58 Subdomains

52 IPs

5 Countries

7380 kBTransfer

14154 kBSize

0 Cookies

13 Outgoing links

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

japangaysex.com Open in urlscan Pro
2606:4700:3038::6815:e9e0 Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

87 %
HTTPS

62 %
IPv6

47
Domains

58
Subdomains

52
IPs

5
Countries

7380 kB
Transfer

14154 kB
Size

0
Cookies

247 HTTP transactions
1 data transactions