66.29.129.121 Open in urlscan Pro
66.29.129.121 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Submission: On June 28 via manual (June 28th 2023, 4:34:49 am UTC) from ID — Scanned from DE

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 25 domains to perform 99 HTTP transactions. The main IP is 66.29.129.121, located in United States and belongs to NAMECHEAP-NET, US. The main domain is 66.29.129.121.

This is the only time 66.29.129.121 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
14	66.29.129.121 66.29.129.121	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 3	185.94.236.246 185.94.236.246	42567 (MOJHOST-EU) (MOJHOST-EU)
1 23	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	66.29.129.145 66.29.129.145	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2 10	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	45.131.145.132 45.131.145.132	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:311... 2606:4700:3110::6812:3015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3038::6815:eb94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	23.109.82.96 23.109.82.96	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:e6:... 2606:4700:e6::ac40:cf25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:10:... 2606:4700:10::6814:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:311... 2606:4700:311f::6812:3f7c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e0:... 2606:4700:e0::ac40:6c19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2604:9e00:1:1... 2604:9e00:1:129::2:b10	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	149.56.240.129 149.56.240.129	16276 (OVH) (OVH)
1	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	139.45.197.167 139.45.197.167	9002 (RETN-AS) (RETN-AS)
1	174.137.133.17 174.137.133.17	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
99	25

14 66.29.129.121 (United States)

ASN22612 (NAMECHEAP-NET, US)

66.29.129.121	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.236.246 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

imgavtub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zimpolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.29.129.145 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-3431.avtub.cc

avtub.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

shavetape.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.adforcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.131.145.132 (Bucharest, Romania)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

creative.avtub.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.avtub.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3110::6812:3015 (United States)

ASN13335 (CLOUDFLARENET, US)

video.ktkjmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb94 (United States)

ASN13335 (CLOUDFLARENET, US)

thumb.tapecontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.82.96 (Netherlands)

ASN7979 (SERVERS-COM, US)

lh.limosiwooable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cf25 (United States)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:311f::6812:3f7c (United States)

ASN13335 (CLOUDFLARENET, US)

img.strpst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6c19 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9e00:1:129::2:b10 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.acertb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

feeloshu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.popmonetizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.129 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534297.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

i.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.167 (United Kingdom)

ASN9002 (RETN-AS, GB)

qr-captcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.17 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.zeusadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	imgavtub.com imgavtub.com — Cisco Umbrella Rank: 225409	512 KB
9	avtub.chat creative.avtub.chat — Cisco Umbrella Rank: 260402 go.avtub.chat — Cisco Umbrella Rank: 242293	88 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	406 KB
6	qr-captcha.com qr-captcha.com — Cisco Umbrella Rank: 490951	21 KB
6	strpst.com img.strpst.com — Cisco Umbrella Rank: 8408	87 KB
6	shavetape.cash shavetape.cash	303 KB
4	adforcast.com 2 redirects a.adforcast.com — Cisco Umbrella Rank: 91821	2 KB
4	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 26454 i.jads.co — Cisco Umbrella Rank: 43662	109 KB
3	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 9422	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10	29 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12114 s4.histats.com — Cisco Umbrella Rank: 11961	5 KB
2	zimpolo.com 1 redirects zimpolo.com — Cisco Umbrella Rank: 93159	909 B
2	tapecontent.net thumb.tapecontent.net — Cisco Umbrella Rank: 107892	73 KB
2	avtub.red avtub.red — Cisco Umbrella Rank: 320558	1 MB
1	zeusadx.com xml.zeusadx.com — Cisco Umbrella Rank: 95069	165 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9450	505 B
1	popmonetizer.net xml.popmonetizer.net — Cisco Umbrella Rank: 89459	165 B
1	feeloshu.com feeloshu.com — Cisco Umbrella Rank: 188155	2 KB
1	acertb.com 1 redirects xml.acertb.com — Cisco Umbrella Rank: 89338	210 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 32649
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 3245	74 KB
1	acscdn.com acscdn.com — Cisco Umbrella Rank: 78079	40 KB
1	limosiwooable.com lh.limosiwooable.com — Cisco Umbrella Rank: 97868	1 KB
1	ktkjmp.com video.ktkjmp.com — Cisco Umbrella Rank: 12579	666 B
0	superchat.live Failed superchat.live Failed
99	25

	Domain	Requested by
21	imgavtub.com	66.29.129.121
6	qr-captcha.com	feeloshu.com qr-captcha.com
6	img.strpst.com	66.29.129.121
6	shavetape.cash	66.29.129.121 shavetape.cash
5	www.gstatic.com	shavetape.cash www.google.com www.gstatic.com
5	go.avtub.chat	creative.avtub.chat 66.29.129.121
4	a.adforcast.com	2 redirects shavetape.cash
4	creative.avtub.chat	66.29.129.121 creative.avtub.chat
3	mc.yandex.com	1 redirects shavetape.cash
3	www.google.com	shavetape.cash www.gstatic.com www.google.com
3	poweredby.jads.co	1 redirects 66.29.129.121 poweredby.jads.co
2	fonts.gstatic.com	www.google.com
2	zimpolo.com	1 redirects shavetape.cash
2	thumb.tapecontent.net	shavetape.cash
2	avtub.red	66.29.129.121
1	xml.zeusadx.com
1	my.rtmark.net	feeloshu.com
1	i.jads.co	poweredby.jads.co
1	s4.histats.com	s10.histats.com
1	xml.popmonetizer.net	shavetape.cash
1	feeloshu.com	shavetape.cash
1	xml.acertb.com	1 redirects
1	youradexchange.com	acscdn.com
1	s10.histats.com	66.29.129.121
1	mc.yandex.ru	shavetape.cash
1	acscdn.com	shavetape.cash
1	lh.limosiwooable.com	shavetape.cash
1	video.ktkjmp.com	creative.avtub.chat
0	superchat.live Failed	creative.avtub.chat
99	29

This site contains no links.

Subject Issuer	Validity	Valid
imgavtub.com GTS CA 1P5	`2023-05-15` - `2023-08-13`	3 months	crt.sh
avtub.red cPanel, Inc. Certification Authority	`2023-06-03` - `2023-09-01`	3 months	crt.sh
shavetape.cash GTS CA 1P5	`2023-06-27` - `2023-09-25`	3 months	crt.sh
creative.avtub.chat R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
go.avtub.chat R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
video.ktkjmp.com Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
tapecontent.net GTS CA 1P5	`2023-06-25` - `2023-09-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
lh.limosiwooable.com R3	`2023-06-05` - `2023-09-03`	3 months	crt.sh
acscdn.com GTS CA 1P5	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
zimpolo.com GTS CA 1P5	`2023-05-04` - `2023-08-02`	3 months	crt.sh
adforcast.com GTS CA 1P5	`2023-06-23` - `2023-09-21`	3 months	crt.sh
img.strpst.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
youradexchange.com GTS CA 1P5	`2023-06-21` - `2023-09-19`	3 months	crt.sh
feeloshu.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.popmonetizer.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
qr-captcha.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.zeusadx.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-23` - `2023-10-23`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Frame ID: BC324351F4A8A1C112C8E386907E4A22
Requests: 41 HTTP requests in this frame

Frame: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Frame ID: 28B647B85D8DC44691D378C848EF9204
Requests: 17 HTTP requests in this frame

Frame: https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d
Frame ID: 9075862175823A7D8C830D48A35ED413
Requests: 17 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=1010922
Frame ID: 1E2A22E9C439F654671835E1622B3554
Requests: 1 HTTP requests in this frame

Frame: http://poweredby.jads.co/adshow.php?adzone=1010922
Frame ID: 287D1CD7AB68C38C53D05F73039416C7
Requests: 2 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: A07A102C093F565F437DDBC674521AE1
Requests: 2 HTTP requests in this frame

Frame: https://qr-captcha.com/?t=0&ymid=697778390010441844
Frame ID: 379603AFE56BA4479629F649961FBC6B
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oi0lhjju0gmh
Frame ID: 03128AFF9E8C675F522B1EF2D392A13F
Requests: 7 HTTP requests in this frame

Frame: https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
Frame ID: E92D4C9F2DB176CD25143A44CB3BB3A5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

99
Requests

77 %
HTTPS

52 %
IPv6

25
Domains

29
Subdomains

25
IPs

7
Countries

3195 kB
Transfer

5843 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 72

https://a.adforcast.com/load HTTP 302
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935 HTTP 302
https://feeloshu.com/4/5908725

Request Chain 73

https://zimpolo.com/load HTTP 302
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

Request Chain 78

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FQXekmMpObWF006l%2FSSPD-130_Tsukasa_Aoi.MP4.mp4&page-ref=http%3A%2F%2F66.29.129.121%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A454%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A95055361926%3Ahid%3A673864865%3Az%3A0%3Ai%3A20230628043410%3Aet%3A1687926851%3Ac%3A1%3Arn%3A110004205%3Arqn%3A1%3Au%3A1687926851737596518%3Aw%3A1070x602%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C42%2C97%2C52%2C0%2C0%2C%2C320%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1687926849707%3Arqnl%3A1%3Ast%3A1687926851%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FQXekmMpObWF006l%2FSSPD-130_Tsukasa_Aoi.MP4.mp4&page-ref=http%3A%2F%2F66.29.129.121%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A454%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A95055361926%3Ahid%3A673864865%3Az%3A0%3Ai%3A20230628043410%3Aet%3A1687926851%3Ac%3A1%3Arn%3A110004205%3Arqn%3A1%3Au%3A1687926851737596518%3Aw%3A1070x602%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C42%2C97%2C52%2C0%2C0%2C%2C320%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1687926849707%3Arqnl%3A1%3Ast%3A1687926851%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 99

https://a.adforcast.com/load HTTP 302
https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132

99 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html Show response
66.29.129.121/ 53 KB
11 KB 334ms
169ms Document
text/html 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

21eeef70cd3c30908f900f700725aa710c28444b310319f4fdb6862ca07b1642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 04:34:09 GMT
Expires: Mon, 29 Oct 1923 20:30:00 GMT
Last-Modified: Wed, 28 Jun 2023 01:11:06 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
X-Server-Powered-By: Engintron
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK g05ft.css
66.29.129.121/wp-content/cache/wpfc-minified/6onddxx5/ 95 KB
13 KB 169ms
168ms Stylesheet
text/css 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/cache/wpfc-minified/6onddxx5/g05ft.css

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

aedaaa674ee2b65204a2982354ebf1d005aef71bdbcf86c13e998be29640b717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jun 2023 15:37:35 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: STALE

GET
H/1.1 200
OK g05ft.css
66.29.129.121/wp-content/cache/wpfc-minified/f0zcrcub/ 119 KB
27 KB 333ms
168ms Stylesheet
text/css 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/cache/wpfc-minified/f0zcrcub/g05ft.css

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

6131f5efdbe799b465cc5e477c0a68dfcab8cc2eb157aacca5086e0cfa18e074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jun 2023 15:37:35 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: STALE

GET
H/1.1 200
OK g05ft.js Show response
66.29.129.121/wp-content/cache/wpfc-minified/llfm7cvl/ 101 KB
35 KB 336ms
171ms Script
application/javascript 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/cache/wpfc-minified/llfm7cvl/g05ft.js

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

5a2f0cd843b9846f3e5107296d6958755b079d1cc774af8271a9cf5b4bbbb80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jun 2023 15:37:35 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: STALE

GET
H/1.1 200
OK Logo-AVTub-Media.png
66.29.129.121/wp-content/uploads/2022/06/ 3 KB
4 KB 331ms
165ms Image
image/png 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://66.29.129.121/wp-content/uploads/2022/06/Logo-AVTub-Media.png

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

6372a51ef2a263502ea2191c0e9ac7a0d9822f9e81a068a7c5431368cff6e8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Sun, 27 Aug 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:40:01 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3226
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

78ms
25ms

Script
application/x-javascript

185.94.236.246
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: HTTP/1.1
Server: 185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 04:34:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2023 20:12:17 GMT
Server: nginx
ETag: W/"6442ee21-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Wed, 28 Jun 2023 04:34:09 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 webbotuna.jpg
imgavtub.com/wp-content/uploads/desktop/ 22 KB
22 KB 90ms
27ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/desktop/webbotuna.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4f4d694ba25d4aa468b4a0129e6ac15535854cf09a40acfb72854a30f0dcf4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329
alt-svc: h3=":443"; ma=86400
content-length: 22200
last-modified: Wed, 21 Jun 2023 14:51:19 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHkYcBXYrLc3rXgxHyzGqtYk71WcOu%2FJ%2FEbKv2%2BilHcJOqCPZn46vqA%2B9WZps8fFmm32a8I%2BXweufzRo0LDVRLfgKmiXrTxyc%2Bxcre%2Fkk4CAm%2FZTdn0piu0DBNZV51eOqOE%2F5m1zm9SWmtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373b1f341941-FRA
expires: max-age=A10368000, public

GET
H2 200 level4d.webp
avtub.red/assets/desktop2023/ 854 KB
855 KB 518ms
165ms Image
image/webp 66.29.129.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avtub.red/assets/desktop2023/level4d.webp

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.29.129.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

nc-ph-3431.avtub.cc

Software

nginx /

Resource Hash

f71bad2e2d0028b647b3caa2c41e530ce279f5131460c28b52dab5b6b6423034

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 27 Aug 2023 04:34:10 GMT
date: Wed, 28 Jun 2023 04:34:10 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
last-modified: Sat, 20 May 2023 14:53:56 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 874220
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: UPDATING

GET
H2 200 yoi4d03.webp
avtub.red/assets/desktop2023/ 262 KB
263 KB 846ms
494ms Image
image/webp 66.29.129.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avtub.red/assets/desktop2023/yoi4d03.webp

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

66.29.129.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

nc-ph-3431.avtub.cc

Software

nginx /

Resource Hash

36fd1f0a18265880f34538080f0566b1d68971e4d63dfffcd20e1bdefd6081e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 27 Aug 2023 04:34:10 GMT
date: Wed, 28 Jun 2023 04:34:10 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
last-modified: Fri, 31 Mar 2023 11:11:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 268444
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: UPDATING

GET
H/1.1 200
OK px.gif
66.29.129.121/wp-content/themes/kingtube/assets/img/ 1 KB
1 KB 164ms
164ms Image
image/gif 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://66.29.129.121/wp-content/themes/kingtube/assets/img/px.gif

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

a9bb07bf95a4eb5b11f74e1be96e3cee1579e41c4c134b3773581c5340ba63ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Sun, 27 Aug 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H/1.1 200
OK video.min.js Show response
66.29.129.121/wp-content/themes/kingtube/vendor/videojs/ 475 KB
134 KB 172ms
172ms Script
application/javascript 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/themes/kingtube/vendor/videojs/video.min.js?ver=7.4.1

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

18d3e7ea0772f549390980173ed79cc0324a1bacd04f322b664f97f251383253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H/1.1 200
OK videojs-quality-selector.min.js Show response
66.29.129.121/wp-content/themes/kingtube/vendor/videojs/ 21 KB
8 KB 166ms
166ms Script
application/javascript 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/themes/kingtube/vendor/videojs/videojs-quality-selector.min.js?ver=1.1.2

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: STALE

GET
H/1.1 200
OK navigation.js Show response
66.29.129.121/wp-content/themes/kingtube/assets/js/ 4 KB
2 KB 167ms
166ms Script
application/javascript 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/themes/kingtube/assets/js/navigation.js?ver=1.0.0

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

885845403cad2b1e4dea133e2c03cadbf4f89c02fee19d33adbfd89eb16d27e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H/1.1 200
OK main.js Show response
66.29.129.121/wp-content/themes/kingtube/assets/js/ 35 KB
10 KB 332ms
167ms Script
application/javascript 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/themes/kingtube/assets/js/main.js?ver=1.3.4

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

919a1650792edc4d16b0e455bc5a85524563e655826653ce554229d22444e77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
66.29.129.121/wp-content/themes/kingtube/assets/js/ 683 B
888 B 330ms
165ms Script
application/javascript 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/themes/kingtube/assets/js/skip-link-focus-fix.js?ver=1.0.0

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Fri, 28 Jul 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H2 200 SSPD-130_Tsukasa_Aoi.MP4.mp4 Show response
shavetape.cash/e/QXekmMpObWF006l/ Frame 28B6 913 KB
221 KB 149ms
97ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7b7cdda96164a66719f53dc754eb7de5bcd505c47c02126ceb7720c5b0beb0

Request headers

Referer: http://66.29.129.121/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: BYPASS
cf-ray: 7de3373b09c292c3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 04:34:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZpmm%2FtsYcVqrSSOPDWrdkkrBDrnNTEBPLE%2Bq2BfLrz%2FmDRCs66zIxbpGkuX3Pj8kmOq9AGL3GXDkq49tGW3UqIKT4uu1hypG0B767BeRHOnhroM4%2FK3WGzKaXwHIJsv4zt9u%2Bagc91BtwrXbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Universal Show response
creative.avtub.chat/widgets/v4/ Frame 9075 852 B
1 KB 100ms
26ms Document
text/html 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy nginx /

Resource Hash

f42e9c9b1a1ed49015453967641155f18bbfb4aebab15a87d177961ad4e3777c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 max-age=15768000

Request headers

Referer: http://66.29.129.121/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=10
content-length: 852
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 04:34:09 GMT
etag: "648f0709-354"
expires: Wed, 28 Jun 2023 04:34:19 GMT
last-modified: Sun, 18 Jun 2023 13:30:49 GMT
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 } { "url": "https://go.avtub.chat/report", "max_age": 1048576 }
server: Caddy nginx
strict-transport-security: max-age=15768000 max-age=15768000

GET
H/1.1 200
OK fontawesome-webfont.woff2
66.29.129.121/wp-content/themes/kingtube/assets/stylesheets/font-awesome/fonts/ 75 KB
76 KB 312ms
174ms Font
application/font-woff2 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-content/themes/kingtube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/wp-content/cache/wpfc-minified/f0zcrcub/g05ft.css

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://66.29.129.121/wp-content/cache/wpfc-minified/f0zcrcub/g05ft.css
Origin: http://66.29.129.121
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: Sun, 27 Aug 2023 04:34:09 GMT
Date: Wed, 28 Jun 2023 04:34:09 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Jun 2022 04:29:25 GMT
Server: nginx
Content-Type: application/font-woff2
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
X-XSS-Protection: 1; mode=block
X-Nginx-Upstream-Cache-Status: HIT

GET
H2 200 main.3776e808206b67b18442.css
creative.avtub.chat/widgets/v4/Universal/ Frame 9075 13 KB
4 KB 28ms
27ms Stylesheet
text/css 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.css

Requested by

Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Jun 2023 04:34:09 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
last-modified: Sun, 18 Jun 2023 13:32:07 GMT
server: Caddy, nginx
etag: W/"648f0757-3454"
vary: Accept-Encoding
report-to: { "url": "https://go.avtub.chat/report", "max_age": 1048576 }
content-type: text/css
cache-control: max-age=10
expires: Wed, 28 Jun 2023 04:34:19 GMT

GET
H2 200 main.3776e808206b67b18442.js Show response
creative.avtub.chat/widgets/v4/Universal/ Frame 9075 270 KB
78 KB 36ms
35ms Script
application/javascript 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

fa90fa264ed69923390314efae2b3c8a4290f40c51759173acea7d30782c668a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Jun 2023 04:34:09 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
last-modified: Sun, 18 Jun 2023 13:32:07 GMT
server: Caddy, nginx
etag: W/"648f0757-43813"
vary: Accept-Encoding
report-to: { "url": "https://go.avtub.chat/report", "max_age": 1048576 }
content-type: application/javascript; charset=utf-8
cache-control: max-age=10
expires: Wed, 28 Jun 2023 04:34:19 GMT

GET
H2 200 adgpt.js Show response
shavetape.cash/ Frame 28B6 20 B
393 B 30ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/adgpt.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:09 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Mar 2023 18:04:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4675
etag: "64232c29-14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLTemSqWuisZnEJ0VJ96269%2B1pvl2XBWUusqacDu9pUEv80AJQkaXRle8GKkWG8BepB3ZrIcDPLwXASGMmgXN2uGdQ2vF8nt1%2FfOQnQiBa9oRU4bHuNeBlSu249xIyilbbElNEaI%2BeYfjkecuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7de3373baa2c92c3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20

GET adshow.php
poweredby.jads.co/ Frame 1E2A 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 287D 3 KB
2 KB 603ms
578ms Document
text/html 185.94.236.246
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://poweredby.jads.co/adshow.php?adzone=1010922
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Server: 185.94.236.246 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: c8a22d8fbcd0e099dd1f2693420144e4a87dadebdd60e6b11fd7c287f3ee0292

Request headers

Referer: http://66.29.129.121/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 04:34:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H2 200 en.json Show response
creative.avtub.chat/widgets/v4/Universal/lang/ Frame 9075 172 B
231 B 30ms
30ms Fetch
application/json 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://creative.avtub.chat/widgets/v4/Universal/lang/en.json

Requested by

Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Jun 2023 04:34:09 GMT
strict-transport-security: max-age=15768000
last-modified: Sun, 18 Jun 2023 13:30:49 GMT
server: Caddy, nginx
etag: "648f0709-ac"
report-to: { "url": "https://go.avtub.chat/report", "max_age": 1048576 }
content-type: application/json
cache-control: max-age=10
accept-ranges: bytes
content-length: 172
expires: Wed, 28 Jun 2023 04:34:19 GMT

GET
H2 200 config Show response
go.avtub.chat/ Frame 9075 7 KB
2 KB 102ms
41ms Fetch
application/json 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.avtub.chat/config?url=https%3A%2F%2Fcreative.avtub.chat%2Fwidgets%2Fv4%2FUniversal%3FcampaignId%3Dwidget%26tag%3Dgirls%252Fasian%252Cgirls%252Fchinese%252Cgirls%252Fjapanese%26thumbsMargin%3D5%26hideButton%3D1%26hideTitle%3D1%26userId%3D31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d

Requested by

Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

8259c3644caf2fd09052a55124ba089883412f8a39d133d1b6479b003397ec4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Caddy, nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.avtub.chat
access-control-allow-credentials: true

GET
H2 200 adsbygoogle.js Show response
video.ktkjmp.com/ Frame 9075 16 B
666 B 150ms
47ms Fetch
application/javascript 2606:4700:3110::6812:3015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.ktkjmp.com/adsbygoogle.js
Requested by: Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:3015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
cf-cache-status: HIT
x-amz-request-id: NSW452AY65T29TVM
age: 1247
alt-svc: h3=":443"; ma=86400
content-length: 16
x-amz-id-2: YX0pOvxmBLo1VyA5iWWC3KRX9f95q5KzyjZCcDPsw6dVoxWXBxuyQ8e/TkhhDX0Du0v1d9ZTPug=
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
etag: "3d7f7a60216d40dea48e495fef6903c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://creative.avtub.chat
cache-control: public, max-age=7200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7de3373cdd15778f-LHR
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
expires: Wed, 28 Jun 2023 06:34:10 GMT

GET
H3 200 jquery.min.js Show response
shavetape.cash/js/ Frame 28B6 86 KB
31 KB 27ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/jquery.min.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 501
etag: W/"5fd64104-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onJaiY2MU8YKXXJtNXLtcO%2BzXxUtfuhQr9u5dVXhfCiHW6sp3ePBDP4AbQKtdjJFZNNGJjYSM318K3QJ3pAvvvqHs07fdVooF%2FECMIZsMnr2ocz794iii%2FPvp84pnMAvHmH76r4OzlWaUBu1TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7de3373c6f4ebb9b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 player.ec3b7d.css
shavetape.cash/scss/ Frame 28B6 31 KB
6 KB 54ms
54ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/scss/player.ec3b7d.css
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25030a9d025c1e8c6d1bc7a95152b7265ef6eade6ed5d568b4631b828dc5e0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Mar 2022 01:25:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7080
etag: W/"622bf673-7b0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkTMJIZrnkT7ZZQcj9SwXoL1iWFG1govM7fHWmwoZpkP0Ty4OGktAwME7zODf%2F8QkVzgEdZdemYgCoEzGGNVZJE%2F4eg%2BSK8zlrE%2BCv2z7Jbt5Z3%2FyMb1d3ptiHM1F72%2BQrlcKUrLlj3x47Slug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7de3373c6f51bb9b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bzAxZr0d44sPVpK.jpg
thumb.tapecontent.net/thumb/QXekmMpObWF006l/ Frame 28B6 68 KB
69 KB 103ms
29ms Image
image/jpeg 2606:4700:3038::6815:eb94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tapecontent.net/thumb/QXekmMpObWF006l/bzAxZr0d44sPVpK.jpg
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc577bfc3f61550d7a72f6867ca1151050e3ad935687f8b6b26039af1c40e3ef

Request headers

Referer: https://shavetape.cash/
Origin: https://shavetape.cash
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40803
content-disposition: inline; filename="bzAxZr0d44sPVpK.jpg"
alt-svc: h3=":443"; ma=86400
content-length: 69757
last-modified: Tue, 06 Jul 2021 00:17:54 GMT
server: cloudflare
etag: 41e7caf914b5
allow: OPTIONS, GET, HEAD, POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zlumta7PCKxNcQY0Jz25Jyd%2FV3g8FovfsmGoFP3ZiMX%2FBoDr2T8hxKglLM3euOOaemPqqsRByJEWSbTm6bkr402upkB60ht1dUzkg5wP8yH2fX5%2F9gGb51F9CigJ%2BUPDnGjEt6kLPWm4KOV0bAAiTuNoM7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
cache-control: public, max-age=259200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7de3373cef7018b7-FRA
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
expires: Wed, 28 Jun 2023 05:43:39 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 28B6 884 B
906 B 100ms
42ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0442005abdb312a39349653fbee57235fedce3438bc24f5ef43d0975985c677

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Wed, 28 Jun 2023 04:34:10 GMT

GET
H/1.1 200
OK 58191 Show response
lh.limosiwooable.com/gYdKnf9ZCZ8QXhl9/ Frame 28B6 6 B
1 KB 137ms
34ms Script
application/javascript 23.109.82.96
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://lh.limosiwooable.com/gYdKnf9ZCZ8QXhl9/58191

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.82.96 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 04:34:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://shavetape.cash
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires

GET
H2 200 ippg.js Show response
acscdn.com/script/ Frame 28B6 120 KB
40 KB 85ms
27ms Script
application/javascript 2606:4700:e6::ac40:cf25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acscdn.com/script/ippg.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd24852e5205f003235e4bb5419435b4839f8e81c3ca29c4e1391f45b5a5e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1094
x-guploader-uploadid: ADPycdt7T01dcRPqaaCL9MN8kM8jkgrWizHqpXv7Fn7hBQAyTTJsA-I5K-yn1t3XRrXS31wrnMoNjX9p6fVMF4iFEWzufg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 May 2023 12:30:59 GMT
server: cloudflare
etag: W/"9fe719dd6f79fe55a5eb8bb18d8ebb9b"
vary: Accept-Encoding
x-goog-hash: crc32c=awDDpA==, md5=n+cZ3W95/lWl64uxjY67mw==
x-goog-generation: 1685449858943240
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VARUkcHrSYWC3q4BN89y0wyk94MNStpKKSflk3lihyXypvJk1VoI04cvhmkIO%2FHTwnKbpgD6WJXSEwd2A%2BZ1ceFKja2Jv4y90e8URyG8mJ29tvt9u1ITWAFftzc77okq5iGTpK9ffqw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 123143
cf-ray: 7de3373ccfdd1e1c-FRA
expires: Wed, 28 Jun 2023 05:11:02 GMT

GET
H3 200 player.ec3b7e.js Show response
shavetape.cash/js/ Frame 28B6 145 KB
41 KB 35ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/player.ec3b7e.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 09:32:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2975
etag: W/"601bbf3c-2423f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nqr2rBn2%2BmQffjmNgxKwri8sbPhFVbhcEBKPQR7VzeFPYkvw7eco39uIAUI3kjV8%2BJvuseybFuQrD3jIQsmqxiVPXhpCKfjYD7CybGGRLjeL2bFTG3GyCjfJgSxzkXpIXN0HTHa6K9%2BZqkLIHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7de3373cd80ebb9b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 models Show response
go.avtub.chat/api/ Frame 9075 9 KB
2 KB 90ms
35ms Fetch
application/json 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.avtub.chat/api/models?tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&forceClient=1&stripcashR=0&limit=6&usePreroll&webp=1

Requested by

Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

8d88a6e546d4a9ccbff42c60b1ec7ad16cd083296c89fd65aeebb1265721fbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Caddy, nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://creative.avtub.chat
access-control-allow-credentials: true

GET
H3 200 player.svg
shavetape.cash/ Frame 28B6 5 KB
3 KB 24ms
24ms Other
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/player.svg
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/js/player.ec3b7e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 18:16:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2974
etag: W/"5fc6889b-15ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bgi3gVT9lM4z57xnSV4cWEytbnWeUPOeJ%2F8oMzLPeag6S7JLGogIPrhqXnkGgwEBxurJUB8HkXXB5xQOyHkvuD7IkQ6GB2L%2F2CSBQ0ryIsTMZLkTyxQhaYNTprH%2BfhKaC3HrbO3XEodZlQhY1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=259200
cf-ray: 7de3373d586bbb9b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 28B6 4 KB
2 KB 74ms
27ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/js/player.ec3b7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 04:34:10 GMT

GET
H3 200 vxzx3gAoWgI41lx.png
thumb.tapecontent.net/channellogo/ Frame 28B6 4 KB
4 KB 72ms
29ms Image
image/png 2606:4700:3038::6815:eb94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tapecontent.net/channellogo/vxzx3gAoWgI41lx.png
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:eb94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc43892dde655c96cdd8f2c78c4912486d1768e4f3f7e3dc7b3d010f35108397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158957
content-disposition: inline; filename="vxzx3gAoWgI41lx.png"
alt-svc: h3=":443"; ma=86400
content-length: 3653
last-modified: Tue, 20 Jun 2023 07:20:55 GMT
server: cloudflare
etag: 6a91ce280747
allow: OPTIONS, GET, HEAD, POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfDVqeHuheeD2bH7%2BCGVpkj4cETh%2F1xNvMkIsk8NVcjoBgLQi24oAab%2BwD8JpmE2rLOAvkehqMtIT19%2BgOxjRuuaYOcbPP5piiSbghpGHW4KvKtbj1VBjy6pAMSVtF8fUcnGE7Q9%2BahzPHW0PyqF7KLNHWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
cache-control: public, max-age=259200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7de3373dafa61c79-FRA
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
expires: Thu, 29 Jun 2023 07:21:04 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 28B6 214 KB
74 KB 242ms
117ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Jun 2023 10:04:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64993875-1249b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74907
expires: Wed, 28 Jun 2023 05:34:10 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 28B6 430 KB
173 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shavetape.cash/
Origin: https://shavetape.cash
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H2 200 fJKjbg7Qps Show response
zimpolo.com/sub/ Frame A07A 239 B
591 B 133ms
70ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zimpolo.com/sub/fJKjbg7Qps
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de3373df92c9bdd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 04:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cq5JjkS771R773RQcoU3vcNZQt8qYBMH%2FScm99wEnn%2F355xIyK5gitpuBpiBWlmTTEm6DA4CZgpuJx%2FOa4E06gQ2kSktwbPO23tkWxfQzvlFb%2FgHbZ4SOKIs2ktaTWOJPnlGUX5IVdMQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 XrhN0kTsdA Show response
a.adforcast.com/sub/ Frame 3796 233 B
596 B 110ms
46ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/XrhN0kTsdA
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de3373e0f6e9b70-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 04:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmM90cV33HEXhHvg2Ls%2FA7bEfFf4qavCh33x9k0HunMtLmhJ2fz7wrjR%2BpfOKT6gsau2Ofvj%2B6zLT13ASMgiwkgAZVJu03ubtCvGpH%2B9g73tE%2F%2FKubhwEJKKDVbozpyeeoFwgdaYHVg3I1GAk00%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
BLOB 200
OK a9ef2550-381a-4ac0-b2a4-de32625ee13e
http://66.29.129.121/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://66.29.129.121/a9ef2550-381a-4ac0-b2a4-de32625ee13e
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 81ms
37ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 04:34:10 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 16 Apr 2020 10:44:16 GMT
Server: cloudflare
Age: 46941
ETag: "-375139978"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7de3373e5ee03735-FRA
Content-Length: 4547

GET
H2 200 118460832_webp
img.strpst.com/thumbs/1687926780/ Frame 9075 8 KB
8 KB 128ms
38ms Image
image/webp 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1687926780/118460832_webp
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac4e0b959e8a32dd6bc031fe49d92736ff3f8b0615d22b24d251e0bb674bbc1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 04:32:36 GMT
server: cloudflare
age: 25
etag: "789c1de7b97cceb49be5f897f01a8bb5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 7de3373edd6b24e3-LHR
alt-svc: h3=":443"; ma=86400
content-length: 7944

GET
H2 200 112594207_webp
img.strpst.com/thumbs/1687926780/ Frame 9075 11 KB
11 KB 177ms
87ms Image
image/webp 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1687926780/112594207_webp
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56207b9b2cf2d4dcbd989263a6cabe5b90f9751c73e6210fe32746c2b5a67e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 04:32:35 GMT
server: cloudflare
age: 50
etag: "9384b592e78879dc2d3a9647a7060be8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 7de3373edd6c24e3-LHR
alt-svc: h3=":443"; ma=86400
content-length: 11494

GET
H2 200 117601898_webp
img.strpst.com/thumbs/1687926780/ Frame 9075 25 KB
25 KB 146ms
56ms Image
image/webp 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1687926780/117601898_webp
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ba86bb9faea1a66b251938f0397a3a770d8bf27f87621ede0cade71af1fb3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 04:32:44 GMT
server: cloudflare
age: 32
etag: "aa931f23a48887130da442c86219dd5e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 7de3373edd6d24e3-LHR
alt-svc: h3=":443"; ma=86400
content-length: 25372

GET
H2 200 117978234_webp
img.strpst.com/thumbs/1687926780/ Frame 9075 16 KB
16 KB 176ms
87ms Image
image/webp 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1687926780/117978234_webp
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0992c99d1e488db0b9d6870d86b1f48d95afe7a4c708b74ff7ef4fd95ad4a487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 04:32:27 GMT
server: cloudflare
age: 38
etag: "63de949062d98d6d8b7b03869b62c71d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 7de3373edd6f24e3-LHR
alt-svc: h3=":443"; ma=86400
content-length: 16172

GET
H2 200 115956223_webp
img.strpst.com/thumbs/1687926780/ Frame 9075 9 KB
9 KB 177ms
87ms Image
image/webp 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1687926780/115956223_webp
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba75456c77b1ac67e0b1473935400525584cc706b1fb865eaf0c86977b6db63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 04:32:51 GMT
server: cloudflare
age: 25
etag: "c74b808371d20d1d88ec51eb207717df"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 7de3373edd7324e3-LHR
alt-svc: h3=":443"; ma=86400
content-length: 9072

GET
H2 200 94932814_webp
img.strpst.com/thumbs/1687926780/ Frame 9075 17 KB
17 KB 171ms
81ms Image
image/webp 2606:4700:311f::6812:3f7c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.strpst.com/thumbs/1687926780/94932814_webp
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:311f::6812:3f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84cb69cf14b75df345d0d72c6e8b2f8ab98db2f5ae7f7259bbdccd561e18e015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jun 2023 04:32:23 GMT
server: cloudflare
age: 38
etag: "fd1f650aaa3598bd0417eaf71a18064b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800, s-maxage=1800
accept-ranges: bytes
cf-ray: 7de3373edd7124e3-LHR
alt-svc: h3=":443"; ma=86400
content-length: 17772

GET
H2 200 abc.gif
go.avtub.chat/ Frame 9075 103 B
103 B 39ms
38ms Image
image/gif 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.avtub.chat/abc.gif?campaignId=widget&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d&modelsLimit=6&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=6&segment=hls-newAPI&landing=WidgetV4Universal&referrer=http%3A%2F%2F66.29.129.121%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A276.4000015258789%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A103.70000076293945%2C%22duration%22%3A28.39999771118164%2C%22transferSize%22%3A4440%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A103.79999923706055%2C%22duration%22%3A87%2C%22transferSize%22%3A80338%7D%5D&mh=2026025813

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creative.avtub.chat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
strict-transport-security: max-age=15768000
access-control-allow-credentials: true
server: Caddy, nginx
content-length: 103
content-type: image/gif

POST
H/1.1 200
OK admin-ajax.php Show response
66.29.129.121/wp-admin/ 15 B
714 B 263ms
263ms XHR
application/json 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-admin/admin-ajax.php

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/wp-content/cache/wpfc-minified/llfm7cvl/g05ft.js

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

506bcda264baca0702046997a26356c3ba1643e079a8481ee1a3d9078cdacb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 28 Jun 2023 04:34:10 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff, nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Vary: Accept-Encoding, Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://66.29.129.121
Cache-Control: no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 SSIS-724-e1687520657142.jpg
imgavtub.com/wp-content/uploads/2023/06/ 23 KB
24 KB 28ms
26ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/SSIS-724-e1687520657142.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9231df27aec97bf0661deb2c1e2c963b62701bc7f84b429880ddb41870906aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 23716
last-modified: Fri, 23 Jun 2023 11:44:17 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAuypcBedr37muiDBb5QO7WXkONyj46s%2BDSnExx2ZBheC26DIL5RMjizVIK9FrXj%2BDFHE1mgpMpfMrlde8zlMGMXXbhEfsz%2BSrms5Fk8QcJUVH0reue4zRxkeuXMhDthxtKLuNMuJ7cs6z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f01941-FRA
expires: max-age=A10368000, public

GET
H2 200 SSIS-687-e1687520523880.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 54ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/SSIS-687-e1687520523880.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b74990ecd401fa9dece31bd5d26f1d8c9c06fe77c15dd6a2a07756f16c3756d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24073
last-modified: Fri, 23 Jun 2023 11:42:03 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAJQvfwx%2FLUS2tsk8Qb9fxupZlV7x9Q1k4ynCbUzr9iJ%2F6FxJYU7cyVYWbjqzHgAf815NRYffUVGFJtzz%2BgBtizwOAOiyvIaUH9T%2Bvq93bbBrfKuEyaxE1KYcnRSKahW6nrjBOSQ%2BEfkccU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f11941-FRA
expires: max-age=A10368000, public

GET
H2 200 ADN-471-e1687518103438.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 54ms
51ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/ADN-471-e1687518103438.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b587ceaa736f21fc3f5d1bcf68ed4ec5ad11154e4d3d5af5df7e71fdff7719

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24620
last-modified: Fri, 23 Jun 2023 11:01:43 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRU55maw2VR%2F1k0osYOFcoorJAZKw0C49h83KrNAzcoJvuSGYF2cwwScPMJ4Fbn7tcpUW69J0Az4MDcgJGf8kI0z%2B61BdJebCbxPBesEL0MvQg8UUF6100A4MqiAQbUhW8tsEutgNmnAPMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f41941-FRA
expires: max-age=A10368000, public

GET
H2 200 SSIS-719-e1687517792285.jpg
imgavtub.com/wp-content/uploads/2023/06/ 22 KB
22 KB 32ms
30ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/SSIS-719-e1687517792285.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a30c96ba74e17953b8c97620dc33fb09a6006af9867a1053fc68ac42c1c001

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 22245
last-modified: Fri, 23 Jun 2023 10:56:32 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxt5%2FDGPLU8XLggDANRgFST2JUv%2BHBm8d7aBGXgS%2F2jJdwG1C2GNwEvC2raCawcTUSipkpdopvSyEY0RvPyqxi4tY25glbvB0%2BNF0O5xZJgyHIBv0KFNbw%2BW%2BOmyWpPHVZRC%2BAEjEdZtjIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f51941-FRA
expires: max-age=A10368000, public

GET
H2 200 FSDSS-615-e1687517647233.jpg
imgavtub.com/wp-content/uploads/2023/06/ 22 KB
22 KB 54ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/FSDSS-615-e1687517647233.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b4f7785d4c603f7bcc72f13265ce9839b0d7c7c3be2c4b0beb224c874339ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 22480
last-modified: Fri, 23 Jun 2023 10:54:07 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAG3thz1hSxaSEhzeemjDmPrwqb9U2M1jjtvhIw45XT5ishXgpkV70obIW6X2yL9fiuiLBGmlW0nlOGeRVy1CrnQOvCcsxpCeplqKgO4b9Z2n7c1zFelqyDouzyxXLysHbQ5G9KVGcjvYmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f61941-FRA
expires: max-age=A10368000, public

GET
H2 200 JUFE-467-e1687517422414.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 51ms
49ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/JUFE-467-e1687517422414.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6688ee4c007918a1f7b037b21ba2ee4bd68c61c0c8e91cc63a9871bb43015fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24593
last-modified: Fri, 23 Jun 2023 10:50:22 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRCxajv16gFSZuBEk5SLz2X3HMHEmGCbUpyoAHLqOjY5jH7wnncz39xfgx94CodEvv94HIVFyuEOGfGzt5S%2BrgUs3%2Fn3R4J%2FApvhAFCCD68f4Ze%2FPTMTtUhBCuPWyooaoHt7YFNfXtCR9ec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f71941-FRA
expires: max-age=A10368000, public

GET
H2 200 JUFE-449-e1687517258738.jpg
imgavtub.com/wp-content/uploads/2023/06/ 25 KB
25 KB 36ms
34ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/JUFE-449-e1687517258738.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50d909d850d2cb2d3a40371933e8f15f60df8a1ef7bf7d01e10a87221e66b348

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 25393
last-modified: Fri, 23 Jun 2023 10:47:38 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcmw47xlx%2BuS%2BOrF9G0uL3ZIVp1rK2%2BKJKsijFia4DK5PNG8kvDYtdATnU364Dp08Q6QSMpqgKq5U25pnM2nh%2BAOCErWW8QFga%2BSTgcUEEKjiXH3Khq1A6XGAu1diyAt481g4M4nfSAttmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69f81941-FRA
expires: max-age=A10368000, public

GET
H2 200 JUQ-230-e1687517052850.jpg
imgavtub.com/wp-content/uploads/2023/06/ 26 KB
26 KB 53ms
51ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/JUQ-230-e1687517052850.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871c2640efa970049a3a0e908f248b9756afa5d76251c61cee98c00e4395a58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 26181
last-modified: Fri, 23 Jun 2023 10:44:12 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijL243Rp%2FXrAn1EicHiEUboBXKvtIgxGYgtRVB78Uk0z%2FDTonAbfiyX%2FjZ8Bhv6NRN7LzmNTSIs724YwVncfovG9dZ2xpthFdEHTZVLZsc%2F7iW8qm40tJflgEb3VPvRIs%2BCXg7LKLe%2Buw5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69fa1941-FRA
expires: max-age=A10368000, public

GET
H2 200 IPX-939-e1687516858116.jpg
imgavtub.com/wp-content/uploads/2023/06/ 26 KB
26 KB 48ms
46ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/IPX-939-e1687516858116.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6424aa28643b172ff9803b606a9b03b5b9c4db222817fb5c6f0b0f6c498584e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 26134
last-modified: Fri, 23 Jun 2023 10:40:58 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uc18Jqvp2szRzARfKW%2FCJGrw6T9DRGMGOulPRW%2B%2FDd2C7jMHC1mG%2BdiVDDcXZX1fZp0hQpogLBiYGJOpN%2BD4NL7ZTy6cbTHeHi5uQXNhRpkmAabg%2F4Jz5S%2BhobJFt4JZu0BoUNYUk3YW230%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69fc1941-FRA
expires: max-age=A10368000, public

GET
H2 200 ATID-556-e1687515404687.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 52ms
51ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/ATID-556-e1687515404687.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 760c719d3adc61af9f7577224fede14b9d258211edd9ed13185ca2cfe2acd1db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24721
last-modified: Fri, 23 Jun 2023 10:16:44 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGhUvSW9rxTc3Dmb6i14gScc2TofQOfZVsAsCW0V7S1ezCe57v7Pf13psXqskpp3pBUaXUn8AhpEqfl8a36Up2fwXEtJrSD0z40OOG7gPfxcm2CwUjtBoozd%2FSl%2BFbvi70ky7DNPi7eUJxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e69fd1941-FRA
expires: max-age=A10368000, public

GET
H2 200 MEYD-801-e1686823983484.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 54ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/MEYD-801-e1686823983484.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b4d9dd64f031a94ac8785d363a4713d83ad315bd0dc2149a976f529aeecdab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24438
last-modified: Thu, 15 Jun 2023 10:13:03 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koDnn2TkXJvMx%2BZrLnC2SRQDKXymd4u33qgrUCAzP3QkroznutqO5onM1%2F5h0ZWJoxsl918pImu2c8p1xivbEg%2BlVCJ97EVAXOVs4S7E%2Fl0gs33t8y7w6zZ7A9q12FIBc4tqJdMcUN6Y5%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a0f1941-FRA
expires: max-age=A10368000, public

GET
H2 200 ALDN-137-e1686823828589.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
25 KB 55ms
54ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/ALDN-137-e1686823828589.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e274fb53edc565250a43d62ce9c2e1669ce99fb405e260d993e048d90ab5ca02

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24935
last-modified: Thu, 15 Jun 2023 10:10:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcmjqU%2BCBrr%2FCxkQGcS5DLHXv197nwc3tAiBnQqTTr0BzSiefJoiDYGPoD%2FjJgwsqT0G3wQAoVWL7d5Iq%2BoBuhBQVHaKDfP2%2FiYAYnU1VKc3d4S1pNgbYy3nUq0wFHAbrzfp5w7MojYKNts%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a101941-FRA
expires: max-age=A10368000, public

GET
H2 200 JUQ-214-e1686823401579.jpg
imgavtub.com/wp-content/uploads/2023/06/ 25 KB
25 KB 55ms
53ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/JUQ-214-e1686823401579.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce43154a98d9858759c53137f7cb7202bfe1a1a617e1fed2eac6da1e6867b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 25321
last-modified: Thu, 15 Jun 2023 10:03:21 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yr3q%2FtuIKt2B8URfxBNcIfFT5Pp6tmjVr1fOZWXzRa61h%2FODcToX590AIwMHUvuFftHMglTt9P3PxBQYQkooOJ8OqTtf6KH972%2BZP8BcwBI%2FpYFb%2FUwMep3DpZj7AXZX9Pd%2FWEpqCo0lzE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a111941-FRA
expires: max-age=A10368000, public

GET
H2 200 HND-965-e1686823319620.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 55ms
54ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/HND-965-e1686823319620.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b5105ab8877910f6001afe130e0d5cd8dab76b8f31838e99d549a0efa0a1578

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24497
last-modified: Thu, 15 Jun 2023 10:01:59 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fs4hIcDUf4xc9Y79HQh7OsRZqH%2BL%2FzerbDhz4TDnMGud4276X3GWyIL%2F%2F2Bc9Dvn0GA0TnAQcmVIcwparRZ37hOtK6msPanywiqOAUwaxcZZV0tKXEs%2BTgS6fngVOLcVqKDbUr2bzkT4w3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a121941-FRA
expires: max-age=A10368000, public

GET
H2 200 JUL-192-e1686738508489.jpg
imgavtub.com/wp-content/uploads/2023/06/ 24 KB
24 KB 56ms
55ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/JUL-192-e1686738508489.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b97cfe9863cd6e871988bb15cf6cccd583682c98b861702cc355a1cdcadc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 24641
last-modified: Wed, 14 Jun 2023 10:28:28 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTQRXEfS%2BjCRDvjJwvG2A5crEbDhWEYR0BKcTkFQ9xhMqnPLWTKmlxkukcN9Q4sMJhi6f0ITV8MTPKcutq39IhGyAOXQMPSI%2B%2FeBfnRlQCWPp8aVK3If2E4WeP7%2FG9ajg%2BqdEMNLmcQTHeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a131941-FRA
expires: max-age=A10368000, public

GET
H2 200 JUL-469-e1686738350106.jpg
imgavtub.com/wp-content/uploads/2023/06/ 26 KB
26 KB 54ms
52ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/JUL-469-e1686738350106.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f83190b7e2ac5c98d9c8527e7b5cc5e7a3905f5f90f33e2fa86780fe2b9e5fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 26393
last-modified: Wed, 14 Jun 2023 10:25:50 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7idNIX1MJWprSxkRs0Quyf%2FB%2FB3R%2Fd%2FULFjCLAx%2FTZPzpJuPKZ36pXn7qK9R8ukfal32uN0XXNJQ54UN45kfR%2BO0gtcZrqD1llwiELRlO4l%2Frs9PX3WubL3YLcXQa5vsAbhhr5gkYwNv6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a141941-FRA
expires: max-age=A10368000, public

GET
H2 200 SSIS-400-e1686320880813.jpg
imgavtub.com/wp-content/uploads/2023/06/ 25 KB
25 KB 54ms
53ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/SSIS-400-e1686320880813.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09b4d39644d52fbdf6ee33a3fd7634e690339446e406d7ac9444c2d86743378d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 25170
last-modified: Fri, 09 Jun 2023 14:28:00 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YX7BSFA%2BUdESggToU5H64XDC%2BNjhKf29rXQIiOx1IJpptf0zzGKwueyKV1q7YtQSldfM%2F4uEJ8u42rE%2F8qhDN6RYdKgQVo4u%2BPRtFWUEtLW2N4lIwVfisc2aAsZlASujXNPdIAs8FVaq8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a151941-FRA
expires: max-age=A10368000, public

GET
H2 200 IPZZ-046-e1686318997399.jpg
imgavtub.com/wp-content/uploads/2023/06/ 25 KB
25 KB 54ms
53ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/IPZZ-046-e1686318997399.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed86f2f3ea57cbd7006ec8ea8144339c295be9b608bfac424ac3576b906f10be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 25643
last-modified: Fri, 09 Jun 2023 13:56:37 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OO2bKQ6NknjL0lyqrULQlNc3Qi%2F93ApEW6TfExbxFnid1bkBBLMLDAtCzHpv2ZxuMEOSoqtDsYEEanoZOgR45x%2FKHEviCYTxbrYSEBMljvL1CytS%2FfzdFlPCkik8LbMmJIg5W9LGEchx7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a161941-FRA
expires: max-age=A10368000, public

GET
H2 200 ADN-448-e1686318865862.jpg
imgavtub.com/wp-content/uploads/2023/06/ 23 KB
23 KB 54ms
53ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/ADN-448-e1686318865862.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1bf25516f0e6b5e068fa157b41b93407986f41718181f8d053cbf78cb60320d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 23163
last-modified: Fri, 09 Jun 2023 13:54:25 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dBJH015RuV%2F760DnRdi7RNg24JH%2FF6CiK2e0afMbJffJbYzuleHyCgbdoyKotnhO6oYGiII0AE6GV%2BsEBWbdvp1lOctz8okNNXl%2FzxUX8HjmmlkkqampgyhcMML4OWE%2BprsaCzQaae4kZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a171941-FRA
expires: max-age=A10368000, public

GET
H2 200 VENU-915-e1686318723905.jpg
imgavtub.com/wp-content/uploads/2023/06/ 26 KB
26 KB 55ms
54ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgavtub.com/wp-content/uploads/2023/06/VENU-915-e1686318723905.jpg
Requested by: Host: 66.29.129.121
URL: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4482b6cbc143ded22585796ee0f070606d6288bdffe8beefa5e955f8b85b3bc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 291
alt-svc: h3=":443"; ma=86400
content-length: 26405
last-modified: Fri, 09 Jun 2023 13:52:03 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2jaI1uz4zjse8xYBKp3QvvyZcpJUGJC1Z6wfodfksxFPGoe7m934llkOL7DBPJYRlFVdqbdWw%2FS4ZshcFXT2npl%2F7jwzXZORcktVUkyRoWH%2FyeBbezkeHfX9N2EgKdfor8qOHuYHD3FdWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7de3373e8a181941-FRA
expires: max-age=A10368000, public

GET
H2 204 push.php
youradexchange.com/script/ Frame 28B6 0
0 209ms
147ms Fetch 2606:4700:e0::ac40:6c19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/push.php?r=3104439&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2F66.29.129.121%2F&cbref=
Requested by: Host: acscdn.com
URL: https://acscdn.com/script/ippg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6c19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfUQQYwQGzPvav0NUmfbBmMh6KmLyYOrkRfqv2B4K7eZBNRzk6xw6VY%2B0PomaxjStYDTri4WD6n%2BJnbML82Cixc1nq%2F96gkNKhCuF52Rm0tFiUjg9FRb8Q4Tw1DCUb8oKWkXoMFuXddcnZv6kmHz49w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7de3373f08981d8c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0312 50 KB
28 KB 45ms
43ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oi0lhjju0gmh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

452123498c2780c80d5da8012fe901b32df9f8131053cc5c0da635fb0cc583d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pAzOqakEtTcYiF_XebzKCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28130
content-security-policy: script-src 'report-sample' 'nonce-pAzOqakEtTcYiF_XebzKCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 04:34:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

5908725 Show response
feeloshu.com/4/ Frame 3796
Redirect Chain

https://a.adforcast.com/load
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935
https://feeloshu.com/4/5908725

1 KB
2 KB

101ms
33ms

Document
text/html

139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://feeloshu.com/4/5908725
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 12f9024d761eadeaf696161158cf272bc05b3d08f172a688c366d9a9ffbb221a

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://a.adforcast.com
Referer: https://a.adforcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 28 Jun 2023 04:34:11 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://qr-captcha.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 43313723efeaaa0920f0cc59f35747d4

Redirect headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 04:34:11 GMT
Location: https://feeloshu.com/4/5908725
Pragma: no-cache
Server: nginx

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame A07A
Redirect Chain

https://zimpolo.com/load
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

0
165 B

350ms
109ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zimpolo.com
Referer: https://zimpolo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 04:34:10 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de3373fba5a9bdd-FRA
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 04:34:10 GMT
location: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y8YGl0VKoJwBwLlwhHS53otdUjsFPXuehwtboL08dsgtwb%2FzuJpIMMPGBf%2FKX5Ba6jJJpfffZNl%2FHGDpDFSdMmmXXwyyvLs2ESO7rQnIWN3MXOqLO9QUkJH6xT842h0nhH4v3aOxbsETw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 338ms
110ms Script
text/html 149.56.240.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4735590&@f16&@g1&@h1&@i1&@j1687926850509&@k0&@l1&@mOm-om%20Ngentot%20Tsukasa%20Aoi%20sampe%20puas%20-%20AVTub&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:129573327&@b3:1687926851&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F66.29.129.121%2Fom-om-ngentot-tsukasa-aoi-sampe-puas-61544.html&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534297.ip-149-56-240.net
Software: /
Resource Hash: 14e2551da059af186e1ccd29766ba185055c2e615591ee4af7ff1aedc0ff6ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://66.29.129.121/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 04:34:10 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 0312 55 KB
24 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oi0lhjju0gmh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 00:44:03 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 0312 430 KB
173 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 21:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176663
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 18:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 21:08:38 GMT

GET
H/1.1 200
OK 131-1573234881-0400442001573234881.gif
i.jads.co/network/user1037/ Frame 287D 105 KB
105 KB 70ms
20ms Image
image/gif 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i.jads.co/network/user1037/131-1573234881-0400442001573234881.gif
Requested by: Host: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=1010922
Protocol: HTTP/1.1
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 7e4f32b8a7519aa3834b3245cc920f28722836af656145efd471316d7a221786

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 04:34:10 GMT
Last-Modified: Fri, 08 Nov 2019 17:41:21 GMT
ETag: "1573234881"
X-HW: 1687926850.dop210.fr8.t,1687926850.cds278.fr8.c
Content-Type: image/gif
Cache-Control: max-age=818160
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 107022

GET
H2

200

1 Show response
mc.yandex.com/watch/61426822/ Frame 28B6
Redirect Chain

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FQXekmMpObWF006l%2FSSPD-130_Tsukasa_Aoi.MP4.mp4&page-ref=http%3A%2F%2F66.29.129.121%2F&charset=utf-8&uah=che%...
https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FQXekmMpObWF006l%2FSSPD-130_Tsukasa_Aoi.MP4.mp4&page-ref=http%3A%2F%2F66.29.129.121%2F&charset=utf-8&uah=ch...

447 B
530 B

61ms
59ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FQXekmMpObWF006l%2FSSPD-130_Tsukasa_Aoi.MP4.mp4&page-ref=http%3A%2F%2F66.29.129.121%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A454%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A95055361926%3Ahid%3A673864865%3Az%3A0%3Ai%3A20230628043410%3Aet%3A1687926851%3Ac%3A1%3Arn%3A110004205%3Arqn%3A1%3Au%3A1687926851737596518%3Aw%3A1070x602%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C42%2C97%2C52%2C0%2C0%2C%2C320%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1687926849707%3Arqnl%3A1%3Ast%3A1687926851%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ec59ef681a146014fd4b8a5f6f604262a986adffd4549baa34f2d6b87e76f149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 04:34:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 28-Jun-2023 04:34:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Wed, 28-Jun-2023 04:34:10 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 04:34:10 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28-Jun-2023 04:34:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FQXekmMpObWF006l%2FSSPD-130_Tsukasa_Aoi.MP4.mp4&page-ref=http%3A%2F%2F66.29.129.121%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A454%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A95055361926%3Ahid%3A673864865%3Az%3A0%3Ai%3A20230628043410%3Aet%3A1687926851%3Ac%3A1%3Arn%3A110004205%3Arqn%3A1%3Au%3A1687926851737596518%3Aw%3A1070x602%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A10%2C42%2C97%2C52%2C0%2C0%2C%2C320%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1687926849707%3Arqnl%3A1%3Ast%3A1687926851%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 28-Jun-2023 04:34:10 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 28B6 43 B
114 B 63ms
59ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 26 Jun 2023 10:04:21 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64993875-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 28 Jun 2023 05:34:10 GMT

POST
H/1.1 200
OK admin-ajax.php Show response
66.29.129.121/wp-admin/ 25 B
722 B 258ms
257ms XHR
application/json 66.29.129.121
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://66.29.129.121/wp-admin/admin-ajax.php

Requested by

Host: 66.29.129.121
URL: http://66.29.129.121/wp-content/cache/wpfc-minified/llfm7cvl/g05ft.js

Protocol

HTTP/1.1

Server

66.29.129.121 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

Software

nginx /

Resource Hash

834da651ddf4f56b04c33b25be385a6b1180fe36990e02c25f90004038546d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://66.29.129.121/om-om-ngentot-tsukasa-aoi-sampe-puas-61544.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 28 Jun 2023 04:34:10 GMT
X-Server-Powered-By: Engintron
X-Content-Type-Options: nosniff, nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Vary: Accept-Encoding, Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://66.29.129.121
Cache-Control: no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 view Show response
go.avtub.chat/thumbs/ Frame 9075 601 B
631 B 30ms
29ms Fetch
application/json 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.avtub.chat/thumbs/view

Requested by

Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

b1e0aab25365def3bcd38c40be0e72d9a4e7ede420f3070c9bbf02c37d52ecdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://creative.avtub.chat/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://creative.avtub.chat
date: Wed, 28 Jun 2023 04:34:10 GMT
strict-transport-security: max-age=15768000
access-control-allow-credentials: true
server: Caddy, nginx
content-length: 601
content-type: application/json

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0312 2 KB
2 KB 30ms
30ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 15:17:24 GMT
x-content-type-options: nosniff
age: 393406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 30 Jun 2023 15:17:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0312 15 KB
16 KB 81ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 358752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 00:54:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0312 15 KB
15 KB 86ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 29433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 20:23:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0312 102 B
133 B 41ms
41ms Other
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=IqA9DpBOUJevxkykws9RiIBs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=IqA9DpBOUJevxkykws9RiIBs&size=invisible&cb=oi0lhjju0gmh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 28 Jun 2023 04:34:10 GMT

GET follow-me
superchat.live/spl/ Frame 9075 0
0

POST
H2 204 checkDomainResult Show response
go.avtub.chat/ Frame 9075 0
16 B 28ms
28ms Fetch 45.131.145.132
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://go.avtub.chat/checkDomainResult

Requested by

Host: creative.avtub.chat
URL: https://creative.avtub.chat/widgets/v4/Universal/main.3776e808206b67b18442.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.131.145.132 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

Caddy, nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://creative.avtub.chat/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://creative.avtub.chat
date: Wed, 28 Jun 2023 04:34:10 GMT
strict-transport-security: max-age=15768000
access-control-allow-credentials: true
server: Caddy, nginx

POST
H2 200 img.gif
my.rtmark.net/ Frame 3796 43 B
505 B 93ms
24ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=eb48f9d3ebbe44e7baffad1f5a045eec

Requested by

Host: feeloshu.com
URL: https://feeloshu.com/4/5908725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://feeloshu.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
qr-captcha.com/ Frame 3796 20 KB
5 KB 173ms
105ms Document
text/html 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-captcha.com/?t=0&ymid=697778390010441844

Requested by

Host: feeloshu.com
URL: https://feeloshu.com/4/5908725

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 04:34:11 GMT
etag: W/"50f6-188c4485de8"
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 animate.css
qr-captcha.com/Attention_files/ Frame 3796 78 KB
4 KB 122ms
105ms Stylesheet
text/css 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-captcha.com/Attention_files/animate.css

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=697778390010441844

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=697778390010441844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
content-encoding: br
etag: W/"1361f-188c4485de8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 qrcode.js Show response
qr-captcha.com/ Frame 3796 32 KB
9 KB 135ms
117ms Script
application/javascript 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://qr-captcha.com/qrcode.js

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=697778390010441844

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=697778390010441844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
content-encoding: br
etag: W/"80f0-188c4485de8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 new_free.svg
qr-captcha.com/Attention_files/ Frame 3796 2 KB
2 KB 106ms
104ms Image
image/svg+xml 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qr-captcha.com/Attention_files/new_free.svg

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=697778390010441844

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=697778390010441844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:11 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
etag: W/"609-188c4485de8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1545

GET
H2 200 loading.svg
qr-captcha.com/Attention_files/ Frame 3796 386 B
600 B 307ms
307ms Image
image/svg+xml 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qr-captcha.com/Attention_files/loading.svg

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=697778390010441844

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=697778390010441844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:12 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 16 Jun 2023 12:57:37 GMT
server: nginx
etag: W/"182-188c4485de8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 386

GET kkryk3xe0z
qr-captcha.com/w/ Frame 3796 0
0

GET
DATA 200
OK truncated
/ Frame 3796 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 404 bg.gif
qr-captcha.com/assets/ Frame 3796 152 B
152 B 74ms
74ms Image
text/html 139.45.197.167
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qr-captcha.com/assets/bg.gif

Requested by

Host: qr-captcha.com
URL: https://qr-captcha.com/?t=0&ymid=697778390010441844

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.167 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ddf752a709ef05084d8373b3a377fe1971fc1338ce81d4ab3a16d00ed5f1a46a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qr-captcha.com/?t=0&ymid=697778390010441844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:34:11 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3796 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b01826dd217251b917d4dc011b40b52b2b36991a16c9cb203952be805c369e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 31KJb9y Show response
a.adforcast.com/sub/ Frame E92D 234 B
576 B 72ms
72ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/31KJb9y
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/QXekmMpObWF006l/SSPD-130_Tsukasa_Aoi.MP4.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c00057ff8dae0cdcc3c4732a8130c8697a9db345b122493e7661f2c2254454

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de337638b38906c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 04:34:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxHywNesWiCpaSdtGCgYkOCRi6Un1Ay4%2FMgdgajNKhqYnZaG6%2BVUE%2FytyGhGcP4AjFCKH1hd4oXmIKHyB3WOBjb8lQqgAaoIWYnusoeDW2i2u7ZW30Fy5Sdr9hapGT25CP2B8bcsFxWU%2BfhSawg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

redirect Show response
xml.zeusadx.com/ Frame E92D
Redirect Chain

https://a.adforcast.com/load
https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132

0
165 B

402ms
113ms

Document
text/plain

174.137.133.17
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://a.adforcast.com
Referer: https://a.adforcast.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 28 Jun 2023 04:34:17 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de337669d00906c-FRA
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 04:34:16 GMT
location: https://xml.zeusadx.com/redirect?feed=537084&auth=jIoTIN&pubid=163132
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSRRQwHIiWCKSXFmFGSsS4wAmsOBmIrXE%2BPe%2BlD20kWkNEA8Th7EJERMIeeTAcVM9edMxdzTjX%2FI3l6CQK%2FYh2j0c8jvKBo1ukGED22wGX%2FaFGQUeYsZZ0GrgAT1yignIDf0Y5hGvKYETX1h9i8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: http://poweredby.jads.co/adshow.php?adzone=1010922

Domain: superchat.live
URL: https://superchat.live/spl/follow-me?checkUrl=1

Domain: qr-captcha.com
URL: https://qr-captcha.com/w/kkryk3xe0z

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lh.limosiwooable.com/	1970-01-20 12:53:33	Name: GL_UI4 Value: eJw9jd1Og0AUhPmnakEn4QF8BNZS6a3xIbwkh91TioXdZlkhvr0bE72aL5NvMkEQRNUjwjVLEH%2FREc9K1lSfuBGvUrXnU9MK2QpSrRDHl4OkA%2B7GpXPUT%2BwS7JaZrOvcmmA%2FsGY7yk4axQWevPXXXLXZdIK0t6RVgXT2xlQg763ZFrZVjETTzMjeL9b4TGf6NBaxEI3nUXsOa0RmqeLyHvnHqJUflntEoi7LLMDDbSJ3NnbuRpWFSAdLihG%2BYSfJ8WDsN3LFy9WZG2Am1f37v7%2FxJmpkitdR%2BnPjLmx%2FACxVTkg%3D
lh.limosiwooable.com/	1970-01-20 12:53:33	Name: GL_GI10 Value: eJwNw0EKwjAQBdDMX0QqVvjQA3iCQILQbkWlC09Ra5AumoRpUXp7ffCMMWgOxFR4DL513p9d8J0LgfImbndiTNz1UechbRStCU01ZfyfWD3i9o3P06Un0sLqmrVkHdZIKVaINVsQy6sxlI%2Fd%2FwCSZBZc
66.29.129.121/	1970-01-20 21:37:42	Name: HstCfa4735590 Value: 1687926850509
66.29.129.121/	1970-01-20 21:37:42	Name: HstCla4735590 Value: 1687926850509
66.29.129.121/	1970-01-20 21:37:42	Name: HstCmu4735590 Value: 1687926850509
66.29.129.121/	1970-01-20 21:37:42	Name: HstPn4735590 Value: 1
66.29.129.121/	1970-01-20 21:37:42	Name: HstPt4735590 Value: 1
66.29.129.121/	1970-01-20 21:37:42	Name: HstCnv4735590 Value: 1
66.29.129.121/	1970-01-20 21:37:42	Name: HstCns4735590 Value: 1
.shavetape.cash/	1970-01-20 21:37:42	Name: _ym_uid Value: 1687926851737596518
.shavetape.cash/	1970-01-20 21:37:42	Name: _ym_d Value: 1687926851
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1919586741687926850
.yandex.com/	1970-01-20 22:28:06	Name: i Value: tv1wt0D5yOWXLeMWeiXRKO4tJtrX6yCqiWqLne4m6t3241Q1NzZ3hboa0uSbEEEUQ3XBx78QQ2xDFpF/029SmcGTHYg=
.yandex.com/	1970-01-20 22:28:06	Name: yandexuid Value: 9185729911687926850
.yandex.com/	1970-01-20 21:37:42	Name: yuidss Value: 9185729911687926850
.yandex.com/	1970-01-20 21:37:42	Name: ymex Value: 1719462850.yc.1687926850#1719462850.yrts.1687926850#1719462850.yrtsi.1687926850
.shavetape.cash/	1970-01-20 12:53:18	Name: _ym_isad Value: 2
feeloshu.com/	1970-01-20 21:37:42	Name: OAID Value: eb48f9d3ebbe44e7baffad1f5a045eec
feeloshu.com/	1970-01-20 21:37:42	Name: oaidts Value: 1687926851
my.rtmark.net/	1970-01-20 21:37:42	Name: ID Value: eb48f9d3ebbe44e7baffad1f5a045eec

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://creative.avtub.chat/widgets/v4/Universal?campaignId=widget&tag=girls%2Fasian%2Cgirls%2Fchinese%2Cgirls%2Fjapanese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=31f4d4392459085e49a578c0991d85037d00150b5e64de5c5c6dac3af225317d Message: Access to fetch at 'https://superchat.live/spl/follow-me?checkUrl=1' from origin 'https://creative.avtub.chat' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://superchat.live/spl/follow-me?checkUrl=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://qr-captcha.com/assets/bg.gif Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adforcast.com
acscdn.com
avtub.red
creative.avtub.chat
feeloshu.com
fonts.gstatic.com
go.avtub.chat
i.jads.co
img.strpst.com
imgavtub.com
lh.limosiwooable.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
poweredby.jads.co
qr-captcha.com
s10.histats.com
s4.histats.com
shavetape.cash
superchat.live
thumb.tapecontent.net
video.ktkjmp.com
www.google.com
www.gstatic.com
xml.acertb.com
xml.popmonetizer.net
xml.zeusadx.com
youradexchange.com
zimpolo.com
poweredby.jads.co
qr-captcha.com
superchat.live
139.45.195.8
139.45.197.167
139.45.197.238
149.56.240.129
174.137.133.17
174.137.133.18
185.94.236.246
23.109.82.96
2604:9e00:1:129::2:b10
2606:4700:10::6814:41d
2606:4700:3038::6815:eb94
2606:4700:3110::6812:3015
2606:4700:311f::6812:3f7c
2606:4700:e0::ac40:6c19
2606:4700:e6::ac40:cf25
2a00:1450:4001:802::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a02:6b8::1:119
2a06:98c1:3120::3
2a06:98c1:3121::3
45.131.145.132
66.29.129.121
66.29.129.145
69.16.175.10
00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656
02b4f7785d4c603f7bcc72f13265ce9839b0d7c7c3be2c4b0beb224c874339ea
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0992c99d1e488db0b9d6870d86b1f48d95afe7a4c708b74ff7ef4fd95ad4a487
09b4d39644d52fbdf6ee33a3fd7634e690339446e406d7ac9444c2d86743378d
0b97cfe9863cd6e871988bb15cf6cccd583682c98b861702cc355a1cdcadc07b
0ba75456c77b1ac67e0b1473935400525584cc706b1fb865eaf0c86977b6db63
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
10a30c96ba74e17953b8c97620dc33fb09a6006af9867a1053fc68ac42c1c001
12f9024d761eadeaf696161158cf272bc05b3d08f172a688c366d9a9ffbb221a
14e2551da059af186e1ccd29766ba185055c2e615591ee4af7ff1aedc0ff6ba3
18d3e7ea0772f549390980173ed79cc0324a1bacd04f322b664f97f251383253
19c00057ff8dae0cdcc3c4732a8130c8697a9db345b122493e7661f2c2254454
1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21eeef70cd3c30908f900f700725aa710c28444b310319f4fdb6862ca07b1642
25030a9d025c1e8c6d1bc7a95152b7265ef6eade6ed5d568b4631b828dc5e0db
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b01826dd217251b917d4dc011b40b52b2b36991a16c9cb203952be805c369e8
2b17f02db63529b2ba6fe67c320b69ff803b775b7bd6c70ce4809c5c660ab30b
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
36b4d9dd64f031a94ac8785d363a4713d83ad315bd0dc2149a976f529aeecdab
36fd1f0a18265880f34538080f0566b1d68971e4d63dfffcd20e1bdefd6081e1
3bd24852e5205f003235e4bb5419435b4839f8e81c3ca29c4e1391f45b5a5e1f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4482b6cbc143ded22585796ee0f070606d6288bdffe8beefa5e955f8b85b3bc5
452123498c2780c80d5da8012fe901b32df9f8131053cc5c0da635fb0cc583d6
47ba86bb9faea1a66b251938f0397a3a770d8bf27f87621ede0cade71af1fb3d
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f83190b7e2ac5c98d9c8527e7b5cc5e7a3905f5f90f33e2fa86780fe2b9e5fc
506bcda264baca0702046997a26356c3ba1643e079a8481ee1a3d9078cdacb0d
50d909d850d2cb2d3a40371933e8f15f60df8a1ef7bf7d01e10a87221e66b348
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56207b9b2cf2d4dcbd989263a6cabe5b90f9751c73e6210fe32746c2b5a67e80
5a2f0cd843b9846f3e5107296d6958755b079d1cc774af8271a9cf5b4bbbb80e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5b5105ab8877910f6001afe130e0d5cd8dab76b8f31838e99d549a0efa0a1578
5ce43154a98d9858759c53137f7cb7202bfe1a1a617e1fed2eac6da1e6867b2a
6131f5efdbe799b465cc5e477c0a68dfcab8cc2eb157aacca5086e0cfa18e074
6372a51ef2a263502ea2191c0e9ac7a0d9822f9e81a068a7c5431368cff6e8c6
6641802b38de413be901d3ff3ae118ff845db8129b991ec526a269ec8cec38c5
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
760c719d3adc61af9f7577224fede14b9d258211edd9ed13185ca2cfe2acd1db
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7e4f32b8a7519aa3834b3245cc920f28722836af656145efd471316d7a221786
7e7b7cdda96164a66719f53dc754eb7de5bcd505c47c02126ceb7720c5b0beb0
81b587ceaa736f21fc3f5d1bcf68ed4ec5ad11154e4d3d5af5df7e71fdff7719
8259c3644caf2fd09052a55124ba089883412f8a39d133d1b6479b003397ec4a
82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5
834da651ddf4f56b04c33b25be385a6b1180fe36990e02c25f90004038546d16
84cb69cf14b75df345d0d72c6e8b2f8ab98db2f5ae7f7259bbdccd561e18e015
871c2640efa970049a3a0e908f248b9756afa5d76251c61cee98c00e4395a58d
885845403cad2b1e4dea133e2c03cadbf4f89c02fee19d33adbfd89eb16d27e2
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
8b74990ecd401fa9dece31bd5d26f1d8c9c06fe77c15dd6a2a07756f16c3756d
8d88a6e546d4a9ccbff42c60b1ec7ad16cd083296c89fd65aeebb1265721fbaa
919a1650792edc4d16b0e455bc5a85524563e655826653ce554229d22444e77c
9231df27aec97bf0661deb2c1e2c963b62701bc7f84b429880ddb41870906aa5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
a1bf25516f0e6b5e068fa157b41b93407986f41718181f8d053cbf78cb60320d
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7
a9bb07bf95a4eb5b11f74e1be96e3cee1579e41c4c134b3773581c5340ba63ac
ac4e0b959e8a32dd6bc031fe49d92736ff3f8b0615d22b24d251e0bb674bbc1e
aedaaa674ee2b65204a2982354ebf1d005aef71bdbcf86c13e998be29640b717
b1e0aab25365def3bcd38c40be0e72d9a4e7ede420f3070c9bbf02c37d52ecdb
b4f4d694ba25d4aa468b4a0129e6ac15535854cf09a40acfb72854a30f0dcf4e
bad26f37947717a5b9564dd23d44644d869182f7f9830bf5fae2dd26c16fa021
c0442005abdb312a39349653fbee57235fedce3438bc24f5ef43d0975985c677
c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430
c6424aa28643b172ff9803b606a9b03b5b9c4db222817fb5c6f0b0f6c498584e
c8a22d8fbcd0e099dd1f2693420144e4a87dadebdd60e6b11fd7c287f3ee0292
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cc577bfc3f61550d7a72f6867ca1151050e3ad935687f8b6b26039af1c40e3ef
d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7
d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451
ddf752a709ef05084d8373b3a377fe1971fc1338ce81d4ab3a16d00ed5f1a46a
e274fb53edc565250a43d62ce9c2e1669ce99fb405e260d993e048d90ab5ca02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6688ee4c007918a1f7b037b21ba2ee4bd68c61c0c8e91cc63a9871bb43015fc
ec59ef681a146014fd4b8a5f6f604262a986adffd4549baa34f2d6b87e76f149
ed86f2f3ea57cbd7006ec8ea8144339c295be9b608bfac424ac3576b906f10be
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f42e9c9b1a1ed49015453967641155f18bbfb4aebab15a87d177961ad4e3777c
f71bad2e2d0028b647b3caa2c41e530ce279f5131460c28b52dab5b6b6423034
f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2
fa90fa264ed69923390314efae2b3c8a4290f40c51759173acea7d30782c668a
fc43892dde655c96cdd8f2c78c4912486d1768e4f3f7e3dc7b3d010f35108397

66.29.129.121 Open in urlscan Pro 66.29.129.121 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

99 Requests

77 %HTTPS

52 %IPv6

25 Domains

29 Subdomains

25 IPs

7 Countries

3195 kBTransfer

5843 kBSize

20 Cookies

0 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

66.29.129.121 Open in urlscan Pro
66.29.129.121 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

77 %
HTTPS

52 %
IPv6

25
Domains

29
Subdomains

25
IPs

7
Countries

3195 kB
Transfer

5843 kB
Size

20
Cookies

99 HTTP transactions
2 data transactions