Submitted URL: http://nudeposingsexy.blogspot.com/
Effective URL: http://girlsandtheir.webcam/&_=1665990614964
Submission: On October 17 via api from DE — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::6815:3b44, located in United States and belongs to CLOUDFLARENET, US. The main domain is girlsandtheir.webcam.
This is the only time girlsandtheir.webcam was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
4 | cloudfront.net | d38psrni17bvxu.cloudfront.net | 21 KB
4 | girlsandtheir.webcam | girlsandtheir.webcam | 9 KB
3 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 54 KB
2 | googleusercontent.com | afs.googleusercontent.com — Cisco Umbrella Rank: 13219 | 1 KB
2 | googlesyndication.com | afs.googlesyndication.com — Cisco Umbrella Rank: 60418 | 56 KB
2 | blogger.com | www.blogger.com — Cisco Umbrella Rank: 8726 | 63 KB
2 | blogspot.com | nudeposingsexy.blogspot.com | 10 KB
1 | googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 888 | 634 B
1 | mleot9.ga | lashunda.mleot9.ga | 883 B
1 | goo.gl | goo.gl — Cisco Umbrella Rank: 9307 | 1 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 44 | 905 B
22 | 11 | |

Requests | Domain | Requested by
4 | d38psrni17bvxu.cloudfront.net | girlsandtheir.webcam, d38psrni17bvxu.cloudfront.net
4 | girlsandtheir.webcam | lashunda.mleot9.ga, d38psrni17bvxu.cloudfront.net, girlsandtheir.webcam
3 | www.google.com | girlsandtheir.webcam
2 | afs.googleusercontent.com | afs.googlesyndication.com
2 | afs.googlesyndication.com | www.google.com, afs.googlesyndication.com
2 | www.blogger.com | nudeposingsexy.blogspot.com
2 | nudeposingsexy.blogspot.com | nudeposingsexy.blogspot.com
1 | partner.googleadservices.com | www.google.com
1 | lashunda.mleot9.ga | nudeposingsexy.blogspot.com
1 | goo.gl | 1 redirects
1 | fonts.googleapis.com | nudeposingsexy.blogspot.com
22 | 11 |

This site contains no links.

Subject | Issuer | Validity | Valid
*.blogger.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
www.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
*.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months

This page contains 2 frames:

Primary Page: http://girlsandtheir.webcam/&_=1665990614964
Frame ID: 7044F4B96A4909C5BE8A269B9D094F76
Requests: 18 HTTP requests in this frame

Frame: https://afs.googlesyndication.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2540080986034888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300934%2C17300936%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=1321665990615387&num=0&output=afd_ads&domain_name=girlsandtheir.webcam&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665990615391&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fgirlsandtheir.webcam%2F%26_%3D1665990614964&referer=http%3A%2F%2Flashunda.mleot9.ga%2F&adbw=master-1%3A530
Frame ID: 17412F3A2487944B79CCC3973E435735
Requests: 4 HTTP requests in this frame

Page Title

girlsandtheir.webcam

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 22
HTTPS: 41 %
IPv6: 82 %
Domains: 11
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 216 kB
Size: 540 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nudeposingsexy.blogspot.com/ Page URL
  2. http://goo.gl/1uySXJ HTTP 307
    https://goo.gl/1uySXJ HTTP 302
    http://lashunda.mleot9.ga/kaiz_70821099.rm Page URL
  3. http://girlsandtheir.webcam/&_=1665990614964 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://goo.gl/1uySXJ HTTP 307
  • https://goo.gl/1uySXJ HTTP 302
  • http://lashunda.mleot9.ga/kaiz_70821099.rm

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
nudeposingsexy.blogspot.com/
23 KB
7 KB
Document
General
Full URL
http://nudeposingsexy.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9b9eeecaf85fafdc05fdb5af1839825d3c2dfa86d3fd3438c0c019f9ca7d747b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
7078
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:10:13 GMT
ETag
W/"0f617b4301e30e9b6487a0c3d664ccc9dc2cc98b53f6bfb37c01c2eedf9e2e98"
Expires
Mon, 17 Oct 2022 07:10:13 GMT
Last-Modified
Sat, 11 Dec 2021 03:03:44 GMT
Server
GSE
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: nudeposingsexy.blogspot.com
URL: http://nudeposingsexy.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nudeposingsexy.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 16 Oct 2022 20:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6620
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 04:49:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Mon, 16 Oct 2023 20:06:46 GMT
css
fonts.googleapis.com/
374 B
905 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Carter+One
Requested by
Host: nudeposingsexy.blogspot.com
URL: http://nudeposingsexy.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b82583f6ab80c987432f6349b7d4ee779d6b7b14492f2d0166c69d21ce47eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nudeposingsexy.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Mon, 17 Oct 2022 07:10:13 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Mon, 17 Oct 2022 07:10:13 GMT
cookienotice.js
nudeposingsexy.blogspot.com/js/
6 KB
3 KB
Script
General
Full URL
http://nudeposingsexy.blogspot.com/js/cookienotice.js
Requested by
Host: nudeposingsexy.blogspot.com
URL: http://nudeposingsexy.blogspot.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nudeposingsexy.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:10:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 17 Oct 2022 05:52:40 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
2026
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Mon, 24 Oct 2022 07:10:13 GMT
1583485740-widgets.js
www.blogger.com/static/v1/widgets/
154 KB
56 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/1583485740-widgets.js
Requested by
Host: nudeposingsexy.blogspot.com
URL: http://nudeposingsexy.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://nudeposingsexy.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 00:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56805
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 02:49:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Tue, 17 Oct 2023 00:05:04 GMT
kaiz_70821099.rm
lashunda.mleot9.ga/
Redirect Chain
  • http://goo.gl/1uySXJ
  • https://goo.gl/1uySXJ
  • http://lashunda.mleot9.ga/kaiz_70821099.rm
545 B
883 B
Document
General
Full URL
http://lashunda.mleot9.ga/kaiz_70821099.rm
Requested by
Host: nudeposingsexy.blogspot.com
URL: http://nudeposingsexy.blogspot.com/
Protocol
HTTP/1.1
Server
195.20.48.134 , Netherlands, ASN31624 (VFMNL-AS Amsterdam Location BGP Setup, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://nudeposingsexy.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
545
Content-Type
text/html;charset=UTF-8
Date
Mon, 17 Oct 2022 07:10:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
nginx
X-Server
ip-172-31-1-132

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-OPG9tRxnsSbZUt0xrKi2Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Mon, 17 Oct 2022 07:10:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
http://lashunda.mleot9.ga/kaiz_70821099.rm
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Primary Request &_=1665990614964
girlsandtheir.webcam/
10 KB
6 KB
Document
General
Full URL
http://girlsandtheir.webcam/&_=1665990614964
Requested by
Host: lashunda.mleot9.ga
URL: http://lashunda.mleot9.ga/kaiz_70821099.rm
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:3b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3403ab7ecbef9cb9e451bb4555ebaef8812dbc48663366fda6817c67370ec943

Request headers

Referer
http://lashunda.mleot9.ga/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
CF-Cache-Status
DYNAMIC
CF-RAY
75b736a04fa39a2f-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Oct 2022 07:10:15 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhMNk1LxEQSvWLm0esK9Y3Ge%2FIEds9SeOvdLAwC7KsOQ8IPYEBZD4UHHZVID%2BaRK%2BQ0ApXqFE3l1ln170iwneaKqSm%2FPFJzrG1ByFEmp3mE0ov2dNUOvVoMXGaxIW4HN6pcYArJ5RvXiaKafkRwEa0m%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hel4OIsxsF0dpCGxWT1hxvCq/RGSCW/yM25CeXpKmr22/EXjwTzZU9uOr+TUHko86GnJFbX4ieawB5Lx7UIzSg==
X-Buckets
bucket011
X-Language
german
X-Template
tpl_CleanPeppermintBlack_twoclick
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
caf.js
www.google.com/adsense/domains/
145 KB
54 KB
Script
General
Full URL
http://www.google.com/adsense/domains/caf.js
Requested by
Host: girlsandtheir.webcam
URL: http://girlsandtheir.webcam/&_=1665990614964
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
283b2a6688d19df843723d28bc2d90fdf47fd497eb8f1d78a8a4ce58b54916d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:10:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="ads-afs-ui"
ETag
"17515258604098475718"
Vary
Accept-Encoding
Report-To
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Expires
Mon, 17 Oct 2022 07:10:15 GMT
style.css
d38psrni17bvxu.cloudfront.net/themes/assets/
829 B
827 B
Stylesheet
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/assets/style.css
Requested by
Host: girlsandtheir.webcam
URL: http://girlsandtheir.webcam/&_=1665990614964
Protocol
HTTP/1.1
Server
2600:9000:2250:ba00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 07:34:23 GMT
Content-Encoding
gzip
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Last-Modified
Tue, 12 May 2020 14:25:52 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
84952
ETag
W/"5ebab1f0-33d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
rKezomLvj8ZOLKZ8GYbDFrg6sJRlDv_VLZ4OECjR1KosNtavo0qEvw==
style.css
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/
1 KB
1 KB
Stylesheet
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
Requested by
Host: girlsandtheir.webcam
URL: http://girlsandtheir.webcam/&_=1665990614964
Protocol
HTTP/1.1
Server
2600:9000:2250:ba00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5d9d67a9789d5456d07acf0c92b41d2b31e269939d490d522dba8a99f3aa61c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:34:11 GMT
Content-Encoding
gzip
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
2164
ETag
W/"62b4441b-555"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
1yq3VZUptbVSLn44Wt84ULQ5n1mCWZap-VrcSWOcKyCeYqFuSEukpA==
js3caf.js
d38psrni17bvxu.cloudfront.net/scripts/
7 KB
7 KB
Script
General
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
Requested by
Host: girlsandtheir.webcam
URL: http://girlsandtheir.webcam/&_=1665990614964
Protocol
HTTP/1.1
Server
2600:9000:2250:ba00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 02:32:48 GMT
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified
Thu, 14 Jan 2021 10:54:01 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
16647
ETag
"600022c9-1b58"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7000
X-Amz-Cf-Id
_EQTSEidbZM9lqBZ7MKicoIFFujfnE5XEWttE-17MR8WFgeiQhh-jA==
track.php
girlsandtheir.webcam/
0
1 KB
XHR
General
Full URL
http://girlsandtheir.webcam/track.php?domain=girlsandtheir.webcam&toggle=browserjs&uid=MTY2NTk5MDYxNS4xNzU2OmEwMDRlOGNjZmI1ZGJlYThiNTU0Yjk4MGRkMDY0Nzc3MDdiMDM0NzdmMzEwNTY0NjExYTAyZmNmZWNkYTEwOTM6NjM0Y2ZmZDcyYWUxMA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:3b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/&_=1665990614964
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:10:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
cloudflare
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk9P0v%2Bdb8nVUSK%2FlSdjJek%2BC68QofdFnCQFax%2BSzDF8XpKhFiaxK4Hp7Pn6T2Ia%2Fq%2F0ATu5GWjKQViW8942YvSB5uBZ8qz6DGQXbjaNP2zIJvlWQKxsPyb5jBS7nZdED1gNsTYKn4zGeso06gER2asWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
75b736a1cac39a2f-FRA
ls.php
girlsandtheir.webcam/
0
1 KB
XHR
General
Full URL
http://girlsandtheir.webcam/ls.php
Requested by
Host: girlsandtheir.webcam
URL: http://girlsandtheir.webcam/&_=1665990614964
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:3b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://girlsandtheir.webcam/&_=1665990614964
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 17 Oct 2022 07:10:15 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ZgLe6ThmBslyyiOT7urMThBzXc7RgCYSlzH7XmAj02ikdlg6C2cNLcO/+NKJt3wuuVuXcL0gftfeO0Q1il2dYw==
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
cloudflare
Access-Control-Max-Age
86400
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
http://girlsandtheir.webcam
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gn%2BekYGwZKtudiAekaSptMoUXPMDnjh8sywxca15xsMBX2xcK%2BLydmChtiy%2FT75Cvg9J5l5c4KyIpQezCCBR5OAaglYR1BVhgrRrugSlklLZM4GkgX1t6NSEKfiikhSesk910%2B6w3veNQTFviEbDJ1ye1g%3D%3D"}],"group":"cf-nel","max_age":604800}
X-Log-Success
634cffd714c8250e62138f0e
CF-RAY
75b736a21b4a9a2f-FRA
cookie.js
partner.googleadservices.com/gampad/
197 B
634 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=girlsandtheir.webcam&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99db96c0ef59030cd3bee0d7a7d38dad2cd62e79362427e5d6800ad1ff08f1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
arrows.png
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/
11 KB
12 KB
Image
General
Full URL
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
Protocol
HTTP/1.1
Server
2600:9000:2250:ba00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sun, 16 Oct 2022 09:14:38 GMT
Via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
Last-Modified
Thu, 23 Jun 2022 10:44:43 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
78937
ETag
"62b4441b-2c6f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11375
X-Amz-Cf-Id
TzmWFzQVJWA4KC5AuBpZ257K7a954OpTD_EfuwAajkirTIO1zbPdrQ==
ads
afs.googlesyndication.com/afs/ Frame 1741
6 KB
2 KB
Document
General
Full URL
https://afs.googlesyndication.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2540080986034888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300934%2C17300936%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=1321665990615387&num=0&output=afd_ads&domain_name=girlsandtheir.webcam&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665990615391&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fgirlsandtheir.webcam%2F%26_%3D1665990614964&referer=http%3A%2F%2Flashunda.mleot9.ga%2F&adbw=master-1%3A530
Requested by
Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
gws /
Resource Hash
c252cf1521d50de4ad2e271a60039c4b4bea1a887bec7a3f397a74f065ce4dc2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://girlsandtheir.webcam/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-disposition
inline
content-encoding
br
content-length
2057
content-type
text/html; charset=UTF-8
date
Mon, 17 Oct 2022 07:10:15 GMT
expires
Mon, 17 Oct 2022 07:10:15 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
gws
x-xss-protection
0
caf.js
afs.googlesyndication.com/adsense/domains/ Frame 1741
145 KB
53 KB
Script
General
Full URL
https://afs.googlesyndication.com/adsense/domains/caf.js?pac=0
Requested by
Host: afs.googlesyndication.com
URL: https://afs.googlesyndication.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2540080986034888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300934%2C17300936%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=1321665990615387&num=0&output=afd_ads&domain_name=girlsandtheir.webcam&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665990615391&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fgirlsandtheir.webcam%2F%26_%3D1665990614964&referer=http%3A%2F%2Flashunda.mleot9.ga%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
sffe /
Resource Hash
98d08d8b64669a4bdbad4cc342a43cd94ea7e09ab9ed33de5722ff7e087531a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://afs.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 07:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"8030496508888920225"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Mon, 17 Oct 2022 07:10:15 GMT
search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 1741
391 B
384 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
Requested by
Host: afs.googlesyndication.com
URL: https://afs.googlesyndication.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2540080986034888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300934%2C17300936%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=1321665990615387&num=0&output=afd_ads&domain_name=girlsandtheir.webcam&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665990615391&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fgirlsandtheir.webcam%2F%26_%3D1665990614964&referer=http%3A%2F%2Flashunda.mleot9.ga%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c7a89bf169c2ee400e31b042cea68513f06b9cd7d1e8990dbec800f0d771c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://afs.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Oct 2022 11:40:04 GMT
age
70211
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
270
x-xss-protection
0
last-modified
Thu, 19 Dec 2019 14:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Mon, 17 Oct 2022 10:40:04 GMT
chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 1741
200 B
793 B
Image
General
Full URL
https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
Requested by
Host: afs.googlesyndication.com
URL: https://afs.googlesyndication.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2540080986034888&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300934%2C17300936%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r3%7Cs&nocache=1321665990615387&num=0&output=afd_ads&domain_name=girlsandtheir.webcam&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1665990615391&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=754&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fgirlsandtheir.webcam%2F%26_%3D1665990614964&referer=http%3A%2F%2Flashunda.mleot9.ga%2F&adbw=master-1%3A530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://afs.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Oct 2022 16:53:56 GMT
age
51379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
174
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 21:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="afs-native-asset-managers"
vary
Accept-Encoding
report-to
{"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type
image/svg+xml
cache-control
public, max-age=82800
accept-ranges
bytes
expires
Mon, 17 Oct 2022 15:53:56 GMT
track.php
girlsandtheir.webcam/
0
1 KB
XHR
General
Full URL
http://girlsandtheir.webcam/track.php?domain=girlsandtheir.webcam&caf=1&toggle=answercheck&answer=yes&uid=MTY2NTk5MDYxNS4xNzU2OmEwMDRlOGNjZmI1ZGJlYThiNTU0Yjk4MGRkMDY0Nzc3MDdiMDM0NzdmMzEwNTY0NjExYTAyZmNmZWNkYTEwOTM6NjM0Y2ZmZDcyYWUxMA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:3b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/&_=1665990614964
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 07:10:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server
cloudflare
X-Custom-Track
answercheck
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0pGVT8L175BckLVEJwi6lZSKYUcW4K67FuLGWpDqXWzEzBC303lAQjTiSz22Vva2qqxdqp%2BbsyJOYlt%2F4juOhBCvmeZ%2FHVwzM0o1e%2FVCm1Vk%2FSckvaV%2Bw3h763kcGbc8Nxxa7P%2BEZUZgSM8BfQGpDvu1w%3D%3D"}],"group":"cf-nel","max_age":604800}
CF-RAY
75b736a40f3b9a2f-FRA
gen_204
www.google.com/afs/
0
618 B
Image
General
Full URL
https://www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=i777apw6x3bo&aqid=1_9MY5jQH7-YmLAP6ri6yAw&psid=6016880802&pbt=bs&adbx=535&adby=93&adbh=485&adbw=530&adbah=156%2C156%2C156&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=480127119&csala=18%7C0%7C177%7C73%7C84&lle=0&llm=1000&ifv=1&usr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 17 Oct 2022 07:10:17 GMT
server
gws
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
www.google.com/afs/
0
16 B
Image
General
Full URL
https://www.google.com/afs/gen_204?client=dp-teaminternet09_3ph&output=uds_ads_only&zx=wb42b9ho8a9y&aqid=1_9MY5jQH7-YmLAP6ri6yAw&psid=6016880802&pbt=bv&adbx=535&adby=93&adbh=485&adbw=530&adbah=156%2C156%2C156&adbn=master-1&eawp=partner-dp-teaminternet09_3ph&errv=480127119&csala=18%7C0%7C177%7C73%7C84&lle=0&llm=1000&ifv=1&usr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://girlsandtheir.webcam/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 17 Oct 2022 07:10:17 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation number| googleNDT_ number| googleAltLoader object| google function| showImprint function| showPolicy object| tcblock object| searchboxBlock boolean| isAdult string| xbase number| xt_auto_load string| ads string| pop_cats string| rxid object| pcrewAdloaded string| uniqueTrackingID string| search boolean| is_afs string| country string| themedata string| domain string| scriptPath string| adtest boolean| useFallbackTerms boolean| pageLoadedCallbackTriggered boolean| fallbackTriggered boolean| formerCalledArguments object| pageOptions function| x function| getXMLhttp function| ajaxQuery function| ajaxBackfill number| waitTime number| timeout number| waitStep function| listenFor1TierResponse object| xmlHttp function| loadFeed function| relatedCallback function| relatedFallback undefined| links function| ls function| __sasCookie

3 Cookies

Domain/Path Name / Value
lashunda.mleot9.ga/ Name: JSESSIONID
Value: 2BF8D31F31A1BAFC037CBF7187E8947F
.girlsandtheir.webcam/ Name: __gsas
Value: ID=c4fc83d49f662276:T=1665990615:S=ALNI_MabH4mjomAGNAToSL03zPwaQuT3Rw
.google.com/ Name: NID
Value: 511=WTmoiItmq4-kUMcBzwjnMNTvDGsqNNvY5rtjW2xIimi515IYfKtD9FwnWX_-YwMi-4dmnX27tck_82mFQ3mt6qlliPSerX_Jd7vGluwu_SdClqvBiVdQBIXJZ3aE_egWeEYbRevdVLALMoEkdGCugNFGkPPhvs6vDKgR5TVKgbE

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
