urlscan.io logo urlscan.io
SecurityTrails logo

https.waphall.com Open in urlscan Pro
54.36.158.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://soo.gd/teens-bfwd
Effective URL: http://https.waphall.com/
Submission: On October 30 via manual from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 44 HTTP transactions. The main IP is 54.36.158.42, located in France and belongs to OVH, FR. The main domain is https.waphall.com.
This is the only time https.waphall.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.36.158.42 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.243.59.12 39572 (ADVANCEDH...)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 178.33.123.218 16276 (OVH)
1 31.192.112.221 48684 (VIKINGHOST)
1 2620:116:800d... 16509 (AMAZON-02)
1 172.104.29.90 63949 (LINODE-AP...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2 2600:9000:20d... 16509 (AMAZON-02)
5 66.254.122.110 29789 (REFLECTED)
1 2 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
44 22
1    2606:4700:3031::6812:3a9c (United States)

ASN13335 (CLOUDFLARENET, US)
soo.gd
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
pagead2.googlesyndication.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
42e64602b1137c9049b0223e2ec6ae28.safeframe.googlesyndication.com
1    54.36.158.42 (France)

ASN16276 (OVH, FR)
PTR: lb.xtgem.com
https.waphall.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
pl14439257.profitablegate.com
2    2606:4700:3034::ac43:bbbc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popmyads.com
popmyads.com
2    2606:4700:3036::6818:72e2 (United States)

ASN13335 (CLOUDFLARENET, US)
widget.supercounters.com
5    178.33.123.218 (France)

ASN16276 (OVH, FR)
PTR: d2.xtgem.com
6.thumbs.xtstatic.com
enif.images.xtstatic.com
cif.images.xtstatic.com
xtgem.com
1    31.192.112.221 (Netherlands)

ASN48684 (VIKINGHOST, NL)
bngpt.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
1    172.104.29.90 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com
www.supercounters.com
1    2606:4700::6812:6528 (United States)

ASN13335 (CLOUDFLARENET, US)
camnude.chaturbate.com
2    2606:4700:e4::ac40:a716 (United States)

ASN13335 (CLOUDFLARENET, US)
creative.clbjmp.com
2    2600:9000:20d7:ea00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    66.254.122.110 (Amsterdam, Netherlands)

ASN29789 (REFLECTED, US)
i.bongacash.com
2    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2606:4700::6810:7544 (United States)

ASN13335 (CLOUDFLARENET, US)
i.bimbolive.com
Domain Requested by
5 i.bongacash.com bngpt.com
i.bongacash.com
https.waphall.com
2 pixel.quantserve.com 1 redirects https.waphall.com
2 rules.quantcount.com 1 redirects https.waphall.com
2 xtgem.com https.waphall.com
2 creative.clbjmp.com https.waphall.com
2 widget.supercounters.com https.waphall.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 i.bimbolive.com https.waphall.com
1 camnude.chaturbate.com https.waphall.com
1 www.supercounters.com widget.supercounters.com
1 cif.images.xtstatic.com https.waphall.com
1 enif.images.xtstatic.com https.waphall.com
1 edge.quantserve.com https.waphall.com
1 bngpt.com https.waphall.com
1 6.thumbs.xtstatic.com https.waphall.com
1 popmyads.com https.waphall.com
1 cdn.popmyads.com 1 redirects
1 pl14439257.profitablegate.com https.waphall.com
1 https.waphall.com soo.gd
1 42e64602b1137c9049b0223e2ec6ae28.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googletagmanager.com soo.gd
1 www.googletagservices.com soo.gd
1 soo.gd
44 28
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-19 -
2021-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
bngpt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-24 -
2021-03-24		 a year crt.sh
*.highwebmedia.com
DigiCert ECC Secure Server CA		 2019-10-02 -
2021-10-04		 2 years crt.sh
*.xtgem.com
Let's Encrypt Authority X3		 2020-10-30 -
2021-01-28		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.bongacash.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-05 -
2021-06-03		 a year crt.sh

This page contains 14 frames:

Primary Page: http://https.waphall.com/
Frame ID: 9EEA2F808020213DCEACD9C97D4362BB
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: B0A4DF2EF83447B7337BBC986C748C2B
Requests: 1 HTTP requests in this frame

Frame: http://enif.images.xtstatic.com/tp.gif
Frame ID: A98C77DB4726A776F8A328CC67A07970
Requests: 1 HTTP requests in this frame

Frame: http://cif.images.xtstatic.com/tp.gif
Frame ID: BD8E42EA02087AB7F1BCC2FDAD5DCE0E
Requests: 1 HTTP requests in this frame

Frame: https://camnude.chaturbate.com/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
Frame ID: 338AED682E1F9C224CDD370102E684DD
Requests: 1 HTTP requests in this frame

Frame: https://creative.clbjmp.com/widgets/v3.html
Frame ID: 422A5E63244C77AA8963C859945AF94F
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odHRwcy53YXBoYWxsLmNvbVwvaW5kZXgiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJodHRwcy53YXBoYWxsLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: 772B99CE33C366671CCF5E4D1E4F4CBB
Requests: 1 HTTP requests in this frame

Frame: https://camnude.chaturbate.com/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
Frame ID: 6897719277B815E2F54DE023EC3E67C1
Requests: 1 HTTP requests in this frame

Frame: https://creative.clbjmp.com/widgets/v3.html
Frame ID: C4CE4B9F94EBA65846598ABE99252991
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odHRwcy53YXBoYWxsLmNvbVwvaW5kZXgiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJodHRwcy53YXBoYWxsLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: 25E0300472F9BE2E74EEFA700339C985
Requests: 1 HTTP requests in this frame

Frame: https://camnude.chaturbate.com/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
Frame ID: F50004AA65DD57A347EFCCE3DED9160F
Requests: 1 HTTP requests in this frame

Frame: https://creative.clbjmp.com/widgets/v3.html
Frame ID: 6992B724010AE91C347FCB9928E970CE
Requests: 1 HTTP requests in this frame

Frame: https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odHRwcy53YXBoYWxsLmNvbVwvaW5kZXgiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJodHRwcy53YXBoYWxsLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Frame ID: 65A5573BE98674028A6E892968E95AEA
Requests: 1 HTTP requests in this frame

Frame: https://creative.clbjmp.com/widgets/v3.html
Frame ID: 44CEDB252976767AD83E3A57F38C733A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://soo.gd/teens-bfwd Page URL
  2. http://https.waphall.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

44
Requests

61 %
HTTPS

67 %
IPv6

21
Domains

28
Subdomains

22
IPs

4
Countries

295 kB
Transfer

772 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://soo.gd/teens-bfwd Page URL
  2. http://https.waphall.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://cdn.popmyads.com/pma.js HTTP 301
  • https://popmyads.com/x/pma
Request Chain 34
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js HTTP 301
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Request Chain 38
  • http://pixel.quantserve.com/pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=waphall.com;je=0;sr=1600x1200x24;dst=1;et=1604072832420;tzo=-60;ogl=type.website%2Ctitle.topmodel%20-%20Free%20Adult%20Live%20Webcams!%2Cdescription.Enjoy%20free%20chat%20and%20live%20webcam%20broadcasts%20from%20amateurs%20and%20exhibitionists%20arou HTTP 301
  • https://pixel.quantserve.com/pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=waphall.com;je=0;sr=1600x1200x24;dst=1;et=1604072832420;tzo=-60;ogl=type.website%2Ctitle.topmodel%20-%20Free%20Adult%20Live%20Webcams!%2Cdescription.Enjoy%20free%20chat%20and%20live%20webcam%20broadcasts%20from%20amateurs%20and%20exhibitionists%20arou

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
teens-bfwd
soo.gd/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://soo.gd/teens-bfwd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:3a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e072b760556d7a92141fd39868a4b20775d90a3614b2b8b5fc1158e2d22b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
soo.gd
:scheme
https
:path
/teens-bfwd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 30 Oct 2020 15:47:10 GMT
content-type
text/html; Charset=UTF-8;charset=UTF-8
set-cookie
__cfduid=dc47f32ae8f201184445fd8ce56bed6191604072830; expires=Sun, 29-Nov-20 15:47:10 GMT; path=/; domain=.soo.gd; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
cache-control
no-cache, must-revalidate, max-age=0
pragma
no-cache
x-robots-tag
noindex, nofollow
i-am
Alpha
strict-transport-security
max-age=31536000; includeSubdomains;
cf-cache-status
DYNAMIC
cf-request-id
061bca0ce6000096c2a0844000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zmLC%2Fum4boE5%2BaxTtHbZRGvvu9v8MPHAcL8AbD9c5TQ6kvxBUGSiPA9KdveNhedj3BtEhFqFla%2F%2FU3PMlsti2gZ1MZKKoth8ad4CsqsVwPh%2FoKE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ea645f4a90e96c2-FRA
content-encoding
br
gpt.js
www.googletagservices.com/tag/js/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: soo.gd
URL: https://soo.gd/teens-bfwd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc583b22fd998d0d6d0a6648c2269c3a3a4f96eb6d413bb2ca2f6edaf33bbdbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"678 / 325 of 1000 / last-modified: 1604056334"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17895
x-xss-protection
0
expires
Fri, 30 Oct 2020 15:47:10 GMT
js
www.googletagmanager.com/gtag/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-2
Requested by
Host: soo.gd
URL: https://soo.gd/teens-bfwd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4f53d8c6de0b7cdc669e240865ffd0ec3fa96391b3a58a7048531016461f0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38202
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Oct 2020 15:47:10 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
7065
date
Fri, 30 Oct 2020 13:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 30 Oct 2020 15:49:25 GMT
pubads_impl_2020102701.js
securepubads.g.doubleclick.net/gpt/ 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Oct 2020 08:51:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98225
x-xss-protection
0
expires
Fri, 30 Oct 2020 15:47:10 GMT
collect
www.google-analytics.com/j/ 		1 B
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=348254076&t=pageview&_s=1&dl=https%3A%2F%2Fsoo.gd%2Fteens-bfwd&ul=en-us&de=UTF-8&dt=teens-bfwd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=131596658&gjid=1918457538&cid=225485671.1604072831&tid=UA-31510493-2&_gid=610759786.1604072831&_r=1&gtm=2oual2&z=1179397020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Oct 2020 15:47:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://soo.gd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=soo.gd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=soo.gd
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		418 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3687592809778666&correlator=3143919889686391&output=ldjh&impl=fif&eid=21068118%2C21068385&vrg=2020102701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201030&iu_parts=5837603%2CSGD_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1604072830&dt=1604072830866&dlt=1604072830623&idt=225&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1216140633&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsoo.gd%2Fteens-bfwd&dssz=10&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x423&msz=0x0&ga_vid=225485671.1604072831&ga_sid=1604072831&ga_hid=348254076&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://soo.gd
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42e64602b1137c9049b0223e2ec6ae28.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://42e64602b1137c9049b0223e2ec6ae28.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
Primary Request Cookie set /
https.waphall.com/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://https.waphall.com/
Requested by
Host: soo.gd
URL: https://soo.gd/teens-bfwd
Protocol
HTTP/1.1
Server
54.36.158.42 , France, ASN16276 (OVH, FR),
Reverse DNS
lb.xtgem.com
Software
/
Resource Hash
5f666ff6e65f4f04bc582e17d44ccd198a30148a6e0c73fc71b8d467755e1ffc

Request headers

Host
https.waphall.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:10 GMT
Vary
Host,Accept-Encoding
Set-Cookie
_xta_uid=08d523d98061624c515c670e2d7fc821; expires=Sun, 30-Oct-2022 15:47:11 GMT; Max-Age=63072000; path=/; domain=.waphall.com; httponly _xta_vid=f7176d4d6955877efff37d456365ad89-1604072831; expires=Fri, 30-Oct-2020 16:17:11 GMT; Max-Age=1800; path=/; domain=.waphall.com; httponly
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Pragma
no-cache
Expires
Wed, 17 Sep 1975 21:32:10 GMT
Content-Encoding
gzip
Content-Length
5136
Content-Type
text/html;charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020102701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 30 Oct 2020 15:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6676
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102701.js?21068385
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Fri, 30 Oct 2020 15:47:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame B0A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://soo.gd/teens-bfwd
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://soo.gd/teens-bfwd

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Fri, 30 Oct 2020 15:19:22 GMT
expires
Sat, 30 Oct 2021 15:19:22 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1669
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020102701&jk=3687592809778666&bg=!_f6l_t7NAAVp0lmVaVhYo9OPYu6B3AIAAABdUgAAAA0KAOrCDkKH_es0tWa7d1ywcdkXVjteaq7S50BpBGgeNzZuquCdkLP0vd8AQDHHwm31CyWzZ27hdAwR9CJ8AayC2FMhjH61VCOhtUYsgWKhWZWErp8l9sCUaFd8EE4KoHAdAtB53EB95nJVI1N1nqV7oKThO8r5vp5pRmBsXG6zt0HBg_Be2C07M4BXjlX0vvROfiCPkCl2c7XGsOvHjREeOvYnB96nI5e3n3I38JVwlycrSKzWF9ZwDWghGKJlU4uGZ6VzoSCNh74OU7zgyH_wc03kTzkuLcrtLHoKk-0rJhXSQhjZbsONaBDnSWqZAa2rtpRrln3TR_wNd4h9_kZn20JY9Cj8pCV79xQfSP4xM6skaktpmGeicGC0HPZ5g7tWBBuTvj6i9Q5T0Q2No9TAOxanSY_DTPMcjgDh6wavkc9Wqvpjs_FMTiSkUW4qFsnGQERSz_5-1OqbRLqx3mlLz-ChSywK_Y9vrbHrs9unOPpO5dor-_ZYuToOH8FzepRkDLY3e4U-d8DxKZANol4OMH6gcMJO1IfIlosZcJiuyFV6eGLJniCVDO4bo4mxVGXQZ5G7MAeY6viWvgmE_dtA8Bia3M7U_rqiDPhOZf2vBUEX0Y0zSmulsFwu23tdSHjqfwNinU6S_9n_zU5IkDh84umjeNa974ExlQz7Qp74P6I33iBn1Y77HeM0UxOI_4cFLLhCfl5KMxRtOnV_yuB9Bx-eePbzYjKofa9TzaL-1vCocQXWn5EQzd9xR-kLppiF2bPbY18Y67H0WWAjs9sCYHZWViwuZ8FA7Klc67jxShzkyMKvgelKmICG4_VW6EaKSK1g5h5GQfCVAA1mWec_GV1T_1CJlWteteMvfS5rYGQXAwh7Kj4q1EYlMO0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soo.gd/teens-bfwd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Oct 2020 15:47:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3efbff546964a07de65797225d48cedc.js
pl14439257.profitablegate.com/3e/fb/ff/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pl14439257.profitablegate.com/3e/fb/ff/3efbff546964a07de65797225d48cedc.js
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 30 Oct 2020 15:47:12 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pma
popmyads.com/x/
Redirect Chain
  • https://cdn.popmyads.com/pma.js
  • https://popmyads.com/x/pma
83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popmyads.com/x/pma
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SYSu8Y%2FMz3fg1N688gct9lJlZHZY%2B3gwGlwtVvTNhBo4klRkORxbT0ABIukvnZQVZouoc1bzjWompK2E52vHuchVj2N8tGCt1g7kJHJPD%2B51CbjEShBFnsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
status
200
cf-ray
5ea645ffddcbbed3-FRA
cf-request-id
061bca13e60000bed38b00f000000001

Redirect headers

date
Fri, 30 Oct 2020 15:47:11 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
307
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VvnvFLGfumFuSjQSQk1MHYI8aqJQ6yNBZsRW0tZyoDFfKfA7qUNp%2FHCj5C3lBpznPeuvSY6s3j3hdFvNbGaTaelqcOvp17wV6wiVwP1xshjY%2Fj5bK6EFUecp8BWq"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
location
https://popmyads.com/x/pma
cache-control
max-age=14400
cf-ray
5ea645ff8d89bed3-FRA
cf-request-id
061bca13bf0000bed3c6844000000001
online_i.js
widget.supercounters.com/ssl/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://widget.supercounters.com/ssl/online_i.js
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:11 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
5608
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
061bca13a500003248f2338000000001
Last-Modified
Tue, 11 Jul 2017 06:49:04 GMT
Server
cloudflare
ETag
W/"596474e0-109e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QdWt0AVOhItdsiEqtxj%2BDJvhuoPAsJSD6dGo79EHdzdm7esc7mvYasdzr%2FGzJoeYNk3pfFo%2BqHtv1JT78B3R7Tc7Gxnu0a2nuUjWJ9cSM9c%2FDPTv%2FQYMeD11xhGb40tABm%2FMk%2FA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
5ea645ff6c503248-FRA
polaroid-78784.jpg
6.thumbs.xtstatic.com/100/50/-/614683ec63016195ee5da3c5f6860a01/backtooldschool.xtgem.com/images/blog/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://6.thumbs.xtstatic.com/100/50/-/614683ec63016195ee5da3c5f6860a01/backtooldschool.xtgem.com/images/blog/polaroid-78784.jpg
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
b71d62ebeba9b6387f4135e7778e58cc41a2c39f225291dd00fd9e4b526ff8e1

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
X-Ngz
1
Last-Modified
Tue, 05 Nov 2019 12:10:54 GMT
Age
0
ETag
"4b0-0"
Sent-XS
0.000
X-Cache
MISS
Content-Type
image/jpeg
Expires
Sun, 01 Nov 2020 15:47:12 GMT
Cache-Control
max-age=172800, pre-check=172800
Connection
close
Accept-Ranges
bytes
Content-Length
1200
X-Cache-Hits
0
promo.php
bngpt.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bngpt.com/promo.php?type=chat_head&c=291749&lang=&ch%5Bmodel_zone%5D=free&ch%5Blanding%5D=chat&ch%5Bleft%5D=95&ch%5Btop%5D=95&ch%5Banimation%5D=0&ch%5Btop_models%5D=1
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
31.192.112.221 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
56c72071541e81e27b842ffe2d60dcf3a58772ed95f658f79d8768a4b89832f8
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:13 GMT
content-encoding
gzip
server
nginx
status
200
strict-transport-security
max-age=0;
content-type
text/html; charset=UTF-8
access-control-allow-origin
cache-control
no-cache, public
x-bcs
ded7015
expires
Fri, 30 Oct 2020 15:47:12 GMT
quant.js
edge.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
Content-Encoding
gzip
Etag
"O/+l6c17R2TQ0JQMJXOiXA=="
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 06 Nov 2020 15:47:12 GMT
tp.gif
enif.images.xtstatic.com/ Frame A98C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://enif.images.xtstatic.com/tp.gif
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash

Request headers

Host
enif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://https.waphall.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://https.waphall.com/

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Sun, 29 Nov 2020 15:47:12 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
tp.gif
cif.images.xtstatic.com/ Frame BD8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://cif.images.xtstatic.com/tp.gif
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash

Request headers

Host
cif.images.xtstatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://https.waphall.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://https.waphall.com/

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
ETag
"2a-59774aa04e000"
Content-Length
42
Cache-Control
max-age=2592000
Expires
Sun, 29 Nov 2020 15:47:12 GMT
Content-Type
image/gif
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
Connection
close
fc.php
www.supercounters.com/ 		29 B
279 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=&url=http%3A%2F%2Fhttps.waphall.com%2F&sw=1600&sh=1200&rand=66
Requested by
Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Server
172.104.29.90 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.12.2 / PHP/7.2.0
Resource Hash
7c988ed081563264190dbd7d87a0eeb3dd87f0e2e53f7f7a3d75cd5ee3bc035b

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
X-Powered-By
PHP/7.2.0
Transfer-Encoding
chunked
Content-Type
application/x-javascript
/
camnude.chaturbate.com/tours/3/ Frame 338A 		0
0
v3.html
creative.clbjmp.com/widgets/ Frame 422A 		0
0
__xt_authbar
xtgem.com/ Frame 772B 		0
0
/
camnude.chaturbate.com/tours/3/ Frame 6897 		0
0
v3.html
creative.clbjmp.com/widgets/ Frame C4CE 		0
0
__xt_authbar
xtgem.com/ Frame 25E0 		0
0
/
camnude.chaturbate.com/tours/3/ Frame F500 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://camnude.chaturbate.com/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://bam.nr-data.net https://chaturbateapps.disqus.com https://*.disquscdn.com https://disqus.com https://certify-js.alexametrics.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://*.disquscdn.com ; img-src 'self' data: https://*.highwebmedia.com https://*stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://bam.nr-data.net https://*.disquscdn.com https://links.services.disqus.com https://referrer.disqus.com https://certify.alexametrics.com https://stats.g.doubleclick.net ; font-src 'self' data: https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://bam.nr-data.net https://*.chaturbate.com https://chaturbate.com wss://recommend.chaturbate.com:8443 https://www.google-analytics.com https://links.services.disqus.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.highwebmedia.com https://download.macromedia.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://disqus.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.highwebmedia.com ; report-uri https://report-uri.highwebmedia.com/r/t/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce

Request headers

:method
GET
:authority
camnude.chaturbate.com
:scheme
https
:path
/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://https.waphall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://https.waphall.com/

Response headers

status
200
date
Fri, 30 Oct 2020 15:47:13 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d3fd51dd64d22a96e96ba9944e68eb27e1604072832; expires=Sun, 29-Nov-20 15:47:12 GMT; path=/; domain=.chaturbate.com; HttpOnly; SameSite=Lax affkey=eJyrViopylayUlBS0lFQSkxLAzFTsoozc8pSi4xAYgUgESNDELMIxMwoKSmw0tcHUcV65YkFGYk5OXrJ+bn6IBUlIBXl+YmBIE5yLlivq6FTtrlSLQD6Khz9; expires=Sun, 29-Nov-2020 15:47:12 GMT; Max-Age=2592000; Path=/; SameSite=none; secure stcki="Grh5R1=0"; expires=Sun, 29-Nov-2020 15:47:12 GMT; Max-Age=2592000; Path=/; SameSite=none; secure sbr="sec:sbrc1dcf241-853a-4020-9e0d-a57c60d17548:1kYWcS:3c6ARWNRWnNcpfTqs8AJxTwkdaM"; expires=Wed, 26-Jul-2023 15:47:12 GMT; httponly; Max-Age=86313600; Path=/; SameSite=none; secure dwf_s_a=True; expires=Sun, 29-Nov-2020 15:47:12 GMT; Max-Age=2592000; Path=/; SameSite=none; secure whitelabels_hc=pending; Path=/; SameSite=none; secure __cf_bm=0e96abea624e480fdf53671ffc8ce09e848c2508-1604072833-1800-ASfCvGRCCfKXZIezG4sqcv0Uk1uMp9DpZDqHUrtBHBpvMCj+o9etT1FU4XW3qi+MLToCy/9lPFrTN4c+sQSaiP0=; path=/; expires=Fri, 30-Oct-20 16:17:13 GMT; domain=.chaturbate.com; HttpOnly; Secure; SameSite=None
cf-ray
5ea64601ccfadfa5-FRA
cache-control
no-cache
content-language
en
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding, Cookie, Accept-Language
cf-cache-status
DYNAMIC
cf-ctrl
Z
cf-request-id
061bca151a0000dfa579a0b000000001
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://ajax.googleapis.com https://cdn.exoticads.com https://js-agent.newrelic.com https://cdnjs.cloudflare.com https://www.google-analytics.com https://www.google.com/recaptcha/ https://www.google.com/cv/ https://www.gstatic.com/recaptcha/ https://www.gstatic.com/cv/ https://www.gstatic.com/eureka/ https://www.gstatic.com/cast/ https://bam.nr-data.net https://chaturbateapps.disqus.com https://*.disquscdn.com https://disqus.com https://certify-js.alexametrics.com ; style-src 'self' data: 'unsafe-inline' https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.googleapis.com https://*.disquscdn.com ; img-src 'self' data: https://*.highwebmedia.com https://*stream.highwebmedia.com https://*.chaturbate.com https://chaturbate.com https://www.google-analytics.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com https://cdnjs.cloudflare.com https://www.gstatic.com https://bam.nr-data.net https://*.disquscdn.com https://links.services.disqus.com https://referrer.disqus.com https://certify.alexametrics.com https://stats.g.doubleclick.net ; font-src 'self' data: https://*.highwebmedia.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; connect-src 'self' blob: blob https://*.highwebmedia.com wss://*.highwebmedia.com wss://*.highwebmedia.com:8443 https://bam.nr-data.net https://*.chaturbate.com https://chaturbate.com wss://recommend.chaturbate.com:8443 https://www.google-analytics.com https://links.services.disqus.com https://cbvideoupload.s3-accelerate.amazonaws.com https://stats.g.doubleclick.net https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; media-src 'self' https://*.highwebmedia.com https://*.chaturbate.com https://chaturbate.com mediasource: blob: data: https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com; object-src 'self' https://*.highwebmedia.com https://download.macromedia.com https://public.chaturbate.com https://s3pv.highwebmedia.com https://cbphotovideo.s3.amazonaws.com https://cbphotovideo-eu.s3.amazonaws.com https://public.chaturbate.com.s3.amazonaws.com https://wowdvr.s3.amazonaws.com https://cbvideoupload.s3.amazonaws.com ; frame-src 'self' https://*.chaturbate.com https://chaturbate.com https://*.highwebmedia.com https://adserver.exoticads.com https://www.google.com/recaptcha/ https://disqus.com ; child-src 'self' blob: blob ; worker-src 'self' blob: blob ; form-action 'self' https://*.chaturbate.com https://chaturbate.com https://*.stream.highwebmedia.com https://www.coinpayments.net https://wnu.com ; manifest-src 'self' https://*.highwebmedia.com ; report-uri https://report-uri.highwebmedia.com/r/t/csp/enforce;
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"default","max_age":2592000,"include_subdomains":true}
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://report-uri.highwebmedia.com/a/t/g"}],"include_subdomains":true}
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://report-uri.highwebmedia.com/r/t/xss/enforce
server
cloudflare
content-encoding
br
v3.html
creative.clbjmp.com/widgets/ Frame 6992 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.clbjmp.com/widgets/v3.html
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
creative.clbjmp.com
:scheme
https
:path
/widgets/v3.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://https.waphall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://https.waphall.com/

Response headers

status
200
date
Fri, 30 Oct 2020 15:47:12 GMT
content-type
text/html
set-cookie
__cfduid=d264fd3c60f0d861c6ff9cbfda1dfcad11604072832; expires=Sun, 29-Nov-20 15:47:12 GMT; path=/; domain=.clbjmp.com; HttpOnly; SameSite=Lax; Secure
last-modified
Fri, 23 Oct 2020 15:34:42 GMT
expires
Fri, 30 Oct 2020 15:47:22 GMT
cache-control
max-age=10
pragma
public
report-to
{ "url": "https://go.stripchat.com/report", "max_age": 0 }
cf-cache-status
DYNAMIC
cf-request-id
061bca15070000d6f58227a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ea64601ac10d6f5-FRA
content-encoding
br
Cookie set __xt_authbar
xtgem.com/ Frame 65A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odHRwcy53YXBoYWxsLmNvbVwvaW5kZXgiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJodHRwcy53YXBoYWxsLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash

Request headers

Host
xtgem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://https.waphall.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://https.waphall.com/

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
session=w3~hu88iooob2fp7mq03c5cvggnk1; expires=Sat, 31-Oct-2020 15:47:12 GMT; Max-Age=86400; path=/; domain=.xtgem.com; httponly __template=web; expires=Sun, 29-Nov-2020 15:47:12 GMT; Max-Age=2592000; path=/ __lang=us; expires=Sun, 29-Nov-2020 15:47:12 GMT; Max-Age=2592000; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2761
Content-Type
text/html; charset=UTF-8
Age
0
X-Cache
MISS
X-Cache-Hits
0
Accept-Ranges
bytes
close2.png
xtgem.com/images/ 		564 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xtgem.com/images/close2.png?v=0.01
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
178.33.123.218 , France, ASN16276 (OVH, FR),
Reverse DNS
d2.xtgem.com
Software
/
Resource Hash
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:46:58 GMT
X-Ngz
1
Last-Modified
Sat, 16 Nov 2019 11:03:28 GMT
Age
13
ETag
"234-59774aa04e000"
X-Cache
HIT
Content-Type
image/png
Expires
Sun, 29 Nov 2020 15:46:58 GMT
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
564
X-Cache-Hits
43
v3.html
creative.clbjmp.com/widgets/ Frame 44CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://creative.clbjmp.com/widgets/v3.html
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
creative.clbjmp.com
:scheme
https
:path
/widgets/v3.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://https.waphall.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://https.waphall.com/

Response headers

status
200
date
Fri, 30 Oct 2020 15:47:12 GMT
content-type
text/html
set-cookie
__cfduid=d264fd3c60f0d861c6ff9cbfda1dfcad11604072832; expires=Sun, 29-Nov-20 15:47:12 GMT; path=/; domain=.clbjmp.com; HttpOnly; SameSite=Lax; Secure
last-modified
Fri, 23 Oct 2020 15:34:42 GMT
expires
Fri, 30 Oct 2020 15:47:22 GMT
cache-control
max-age=10
pragma
public
report-to
{ "url": "https://go.stripchat.com/report", "max_age": 0 }
cf-cache-status
DYNAMIC
cf-request-id
061bca15110000d6f55f087000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ea64601bc33d6f5-FRA
content-encoding
br
rules-p-0cfM8Oh7M9bVQ.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
  • https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
3 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 09:06:27 GMT
via
1.1 6fdf2ccc380f11286f9756c9578f26c6.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:40:53 GMT
server
AmazonS3
age
62997
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
IvRg-vA8u0FSEN5sA0J_MxKhv2i8C7xVETKOamMcOR7j2OmaCpwzxg==

Redirect headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
Via
1.1 2285d262a6b5edcf46f904cd07877cdd.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ZAG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-0cfM8Oh7M9bVQ.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
4BOvwghGWnfMzU21kU4mHQwv23xulsr0OLOnibZ3OL1UfdJdlfFRtA==
jquery-1.4.4.min.js
i.bongacash.com/chat_head/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/chat_head/jquery-1.4.4.min.js
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?type=chat_head&c=291749&lang=&ch%5Bmodel_zone%5D=free&ch%5Blanding%5D=chat&ch%5Bleft%5D=95&ch%5Btop%5D=95&ch%5Banimation%5D=0&ch%5Btop_models%5D=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.110 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
48d685402b465594e6ec567be7f1cddcedadc9b6721f5eed1ffe7555c15ef0dc

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:12 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=2592000
x-cdn-diag
fra1-11044-7-13593-h-0-0---;11023-14-39582----0-0-1
expires
Sat, 14 Nov 2020 07:18:53 GMT
e61c1c.png
widget.supercounters.com/images/online/ 		568 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://widget.supercounters.com/images/online/e61c1c.png
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
5074
Connection
keep-alive
Content-Length
568
cf-request-id
061bca15990000324814acb000000001
Last-Modified
Fri, 21 Aug 2020 23:59:32 GMT
Server
cloudflare
ETag
"5f405fe4-238"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6%2F%2FRTHhrIJB9dpg7%2BSoia6iYyuSfjQcjSfF8YXyg%2BnCjY0yybMtYjL6U1f2P6eOpi8j6eSUL44x22UNF4JTZPmfGiZePMggacJQ4V%2BlJfrKc%2B8BD2moXXRxvIfxR%2F5hBGtHF7gE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5ea646028b7d3248-FRA
jquery.cookie.min.js
i.bongacash.com/chat_head/ 		932 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/chat_head/jquery.cookie.min.js
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?type=chat_head&c=291749&lang=&ch%5Bmodel_zone%5D=free&ch%5Blanding%5D=chat&ch%5Bleft%5D=95&ch%5Btop%5D=95&ch%5Banimation%5D=0&ch%5Btop_models%5D=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.110 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e50fc196e54238d5ff73f155ae2fdebaba3d3afcb6edd143fb535cb65cbe88c5

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:12 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=2592000
x-cdn-diag
fra1-11046-7-49398-h-0-0---;11023-16-39582----0-2-1
expires
Sat, 14 Nov 2020 07:18:53 GMT
pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=waphall.com;...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm...
  • https://pixel.quantserve.com/pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;c...
35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=waphall.com;je=0;sr=1600x1200x24;dst=1;et=1604072832420;tzo=-60;ogl=type.website%2Ctitle.topmodel%20-%20Free%20Adult%20Live%20Webcams!%2Cdescription.Enjoy%20free%20chat%20and%20live%20webcam%20broadcasts%20from%20amateurs%20and%20exhibitionists%20arou
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Oct 2020 15:47:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status
200
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=1695741120;rf=0;uht=2;a=p-0cfM8Oh7M9bVQ;url=http%3A%2F%2Fhttps.waphall.com%2F;fpan=1;fpa=P0-733383734-1604072832420;ns=0;ce=1;qjs=1;qv=3364aec3-20201006003021;cm=;gdpr=0;ref=;d=waphall.com;je=0;sr=1600x1200x24;dst=1;et=1604072832420;tzo=-60;ogl=type.website%2Ctitle.topmodel%20-%20Free%20Adult%20Live%20Webcams!%2Cdescription.Enjoy%20free%20chat%20and%20live%20webcam%20broadcasts%20from%20amateurs%20and%20exhibitionists%20arou
Date
Fri, 30 Oct 2020 15:47:12 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Sat, 31 Oct 2020 15:47:12 GMT
jquery.image_player_001.js
i.bongacash.com/chat_head/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/chat_head/jquery.image_player_001.js
Requested by
Host: bngpt.com
URL: https://bngpt.com/promo.php?type=chat_head&c=291749&lang=&ch%5Bmodel_zone%5D=free&ch%5Blanding%5D=chat&ch%5Bleft%5D=95&ch%5Btop%5D=95&ch%5Banimation%5D=0&ch%5Btop_models%5D=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.110 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
ed8b9abe2e935073bb07cff3ed1694a24ef4c6c2631f7e74da113008a1ff869a

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:12 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=2592000
x-cdn-diag
fra1-11052-2-41541-h-0-0---;11023-18-39582----0-0-0
expires
Sat, 14 Nov 2020 07:18:54 GMT
css3.css
i.bongacash.com/chat_head/css/ 		32 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.bongacash.com/chat_head/css/css3.css
Requested by
Host: i.bongacash.com
URL: https://i.bongacash.com/chat_head/jquery-1.4.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.110 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
aa0db434371dce1a606c2e12eb451739e1e416323e9e3f5d787101c59605ce65

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:12 GMT
content-encoding
gzip
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
x-cdn-diag
fra1-11025-3-33417-h-0-0---;11023-20-39582----0-1-1
expires
Sat, 14 Nov 2020 07:18:55 GMT
bongacams.png
i.bongacash.com/chat_head/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bongacash.com/chat_head/img/bongacams.png
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.110 Amsterdam, Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e9886419563cc54811bb27ad1335f6bbebbcd20121736964c86533285bd41789

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 15:47:12 GMT
last-modified
Tue, 18 Jun 2019 13:44:19 GMT
content-type
image/png
status
200
cache-control
max-age=2592000
x-cdn-diag
fra1-11045-7-56324-h-0-0---;11023-20-39582----0-2-0
accept-ranges
bytes
content-length
3397
expires
Sat, 14 Nov 2020 07:18:56 GMT
9c29c19331ec4de0ba5c146049174397_thumb_medium.jpg
i.bimbolive.com/02a/14c/083/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bimbolive.com/02a/14c/083/9c29c19331ec4de0ba5c146049174397_thumb_medium.jpg
Requested by
Host: https.waphall.com
URL: http://https.waphall.com/
Protocol
HTTP/1.1
Server
2606:4700::6810:7544 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17ae5666feb2f7c09e28e1ce3bac1d54e1c46114122664bb64ab7b98b3e4a222

Request headers

Referer
http://https.waphall.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 15:47:12 GMT
CF-Cache-Status
HIT
Age
293754
x-cache-0
1
Connection
keep-alive
Content-Length
16892
cf-request-id
061bca16ca00006467d99b5000000001
Last-Modified
Mon, 04 May 2020 05:47:04 GMT
Server
cloudflare
ETag
"5eafac58-41fc"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Thu, 26 Nov 2020 06:11:19 GMT
Cache-Control
max-age=604800
Accept-Ranges
bytes
CF-RAY
5ea6460478026467-FRA
Cf-Bgj
h2pri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
camnude.chaturbate.com
URL
https://camnude.chaturbate.com/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
Domain
creative.clbjmp.com
URL
https://creative.clbjmp.com/widgets/v3.html
Domain
xtgem.com
URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odHRwcy53YXBoYWxsLmNvbVwvaW5kZXgiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJodHRwcy53YXBoYWxsLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=
Domain
camnude.chaturbate.com
URL
https://camnude.chaturbate.com/tours/3/?c=142&campaign=ldZ4M&gender=f&disable_sound=0&p=1&tour=x1Rd&tag=young
Domain
creative.clbjmp.com
URL
https://creative.clbjmp.com/widgets/v3.html
Domain
xtgem.com
URL
https://xtgem.com/__xt_authbar?data=eyJ1cmwiOiJodHRwOlwvXC9odHRwcy53YXBoYWxsLmNvbVwvaW5kZXgiLCJsb2dnZWRfaW4iOmZhbHNlLCJkb21haW4iOiJodHRwcy53YXBoYWxsLmNvbSIsInBvc2l0aW9uIjp7ImFic29sdXRlIjoiZml4ZWQifX0=

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| trustedTypes string| pmauid string| pmawid string| fq function| r1ff function| O7hh function| n3VV function| G7hh function| E188 function| H8OO function| R9RR function| L8OO object| _0x2a18 function| _0x5a85 string| a1818a object| PMAPOP number| realBrowser number| fqq object| _qevents boolean| cookies object| sc_olimg_var function| sc_online_i function| sc_onlineimage function| ct_insert function| drawText_online function| errorMsg number| len number| click_cnt function| ClickUnder function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| bcsInject function| bcchInit function| $ function| jQuery function| onResizeDebounced

10 Cookies

Domain/Path Name / Value
.chaturbate.com/ Name: __cf_bm
Value: 0e96abea624e480fdf53671ffc8ce09e848c2508-1604072833-1800-ASfCvGRCCfKXZIezG4sqcv0Uk1uMp9DpZDqHUrtBHBpvMCj+o9etT1FU4XW3qi+MLToCy/9lPFrTN4c+sQSaiP0=
camnude.chaturbate.com/ Name: dwf_s_a
Value: True
camnude.chaturbate.com/ Name: whitelabels_hc
Value: pending
.waphall.com/ Name: _xta_vid
Value: f7176d4d6955877efff37d456365ad89-1604072831
camnude.chaturbate.com/ Name: affkey
Value: eJyrViopylayUlBS0lFQSkxLAzFTsoozc8pSi4xAYgUgESNDELMIxMwoKSmw0tcHUcV65YkFGYk5OXrJ+bn6IBUlIBXl+YmBIE5yLlivq6FTtrlSLQD6Khz9
.waphall.com/ Name: __qca
Value: P0-733383734-1604072832420
camnude.chaturbate.com/ Name: sbr
Value: "sec:sbrc1dcf241-853a-4020-9e0d-a57c60d17548:1kYWcS:3c6ARWNRWnNcpfTqs8AJxTwkdaM"
camnude.chaturbate.com/ Name: stcki
Value: "Grh5R1=0"
https.waphall.com/ Name:
Value: test
.waphall.com/ Name: _xta_uid
Value: 08d523d98061624c515c670e2d7fc821

46 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: https://cdn.popmyads.com/pma.js(Line 1)
Message:
console.clear

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42e64602b1137c9049b0223e2ec6ae28.safeframe.googlesyndication.com
6.thumbs.xtstatic.com
adservice.google.com
adservice.google.de
bngpt.com
camnude.chaturbate.com
cdn.popmyads.com
cif.images.xtstatic.com
creative.clbjmp.com
edge.quantserve.com
enif.images.xtstatic.com
https.waphall.com
i.bimbolive.com
i.bongacash.com
pagead2.googlesyndication.com
pixel.quantserve.com
pl14439257.profitablegate.com
popmyads.com
rules.quantcount.com
securepubads.g.doubleclick.net
soo.gd
tpc.googlesyndication.com
widget.supercounters.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.supercounters.com
xtgem.com
camnude.chaturbate.com
creative.clbjmp.com
xtgem.com
172.104.29.90
178.33.123.218
192.243.59.12
216.58.212.162
2600:9000:20d7:ea00:6:44e3:f8c0:93a1
2606:4700:3031::6812:3a9c
2606:4700:3034::ac43:bbbc
2606:4700:3036::6818:72e2
2606:4700::6810:7544
2606:4700::6812:6528
2606:4700:e4::ac40:a716
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2001
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
31.192.112.221
54.36.158.42
66.254.122.110
05e072b760556d7a92141fd39868a4b20775d90a3614b2b8b5fc1158e2d22b09
17ae5666feb2f7c09e28e1ce3bac1d54e1c46114122664bb64ab7b98b3e4a222
48d685402b465594e6ec567be7f1cddcedadc9b6721f5eed1ffe7555c15ef0dc
56c72071541e81e27b842ffe2d60dcf3a58772ed95f658f79d8768a4b89832f8
5f666ff6e65f4f04bc582e17d44ccd198a30148a6e0c73fc71b8d467755e1ffc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c988ed081563264190dbd7d87a0eeb3dd87f0e2e53f7f7a3d75cd5ee3bc035b
876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
921cb61c895e6dafdb1ecedc2ab4cb8c731fc7ed226b21dfbcfe6f8862aab270
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aa0db434371dce1a606c2e12eb451739e1e416323e9e3f5d787101c59605ce65
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6
b71d62ebeba9b6387f4135e7778e58cc41a2c39f225291dd00fd9e4b526ff8e1
bc5dcb35fc074321d66b9d7809e286e4afe72c7b08d1e799672126c92150ecd3
c4f53d8c6de0b7cdc669e240865ffd0ec3fa96391b3a58a7048531016461f0a2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc583b22fd998d0d6d0a6648c2269c3a3a4f96eb6d413bb2ca2f6edaf33bbdbd
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e50fc196e54238d5ff73f155ae2fdebaba3d3afcb6edd143fb535cb65cbe88c5
e9886419563cc54811bb27ad1335f6bbebbcd20121736964c86533285bd41789
ed8b9abe2e935073bb07cff3ed1694a24ef4c6c2631f7e74da113008a1ff869a