urlscan.io logo urlscan.io
SecurityTrails logo

app.afterush.com Open in urlscan Pro
2606:4700:3036::681b:bbed  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
Submission: On October 25 via manual from LU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3036::681b:bbed, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.afterush.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2020. Valid for: a year.
This is the only time app.afterush.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    2606:4700:3036::681b:bbed (United States)

ASN13335 (CLOUDFLARENET, US)
app.afterush.com
api.afterush.com
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    37.48.65.182 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
extreme-ip-lookup.com
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
6 app.afterush.com app.afterush.com
ajax.cloudflare.com
4 pagead2.googlesyndication.com app.afterush.com
pagead2.googlesyndication.com
3 api.afterush.com app.afterush.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 extreme-ip-lookup.com app.afterush.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com app.afterush.com
1 code.jquery.com ajax.cloudflare.com
1 cdnjs.cloudflare.com ajax.cloudflare.com
1 stackpath.bootstrapcdn.com ajax.cloudflare.com
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com app.afterush.com
31 17

This site contains links to these domains. Also see Links.

Domain
afterush.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-05-31 -
2021-05-31		 a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
t1.extreme-dm.com
Let's Encrypt Authority X3		 2020-08-09 -
2020-11-07		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
Frame ID: 7D1CE6F86C5C85223455A06098C7D0A1
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: C5570EAD4062CD358751A3201D612D0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8391764748302772&output=html&adk=1812271804&adf=3025194257&lmt=1603620741&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fapp.afterush.com%2Fen%2Faudit%3Foverview%3Dtrue%3Flang%3Den%26domain%3Dhttps%3A%2F%2Fwww.xnx.cam%2F&ea=0&flash=0&pra=5&wgl=1&dt=1603620741859&bpp=12&bdt=595&idt=57&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5980957276573&frm=20&pv=2&ga_vid=200813516.1603620741&ga_sid=1603620742&ga_hid=2035069048&ga_fc=0&iag=0&icsg=2752574&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067213%2C21067204%2C21067467%2C21067603%2C44730557&oid=3&pvsid=4016109533806939&pem=920&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=80
Frame ID: CEC90C89DF04A58A204FD2B0F3E9094F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: 80417BD3E1039EA6D50EF409DF4B34A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

31
Requests

97 %
HTTPS

93 %
IPv6

14
Domains

17
Subdomains

16
IPs

3
Countries

953 kB
Transfer

3403 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request audit
app.afterush.com/en/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34d28c1177826142195d5eea2ade41e7f8f112337b259953a49fddc4f11f1368

Request headers

:method
GET
:authority
app.afterush.com
:scheme
https
:path
/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 25 Oct 2020 10:12:21 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd264ca33f78901a1416a9a8cceae0dd61603620741; expires=Tue, 24-Nov-20 10:12:21 GMT; path=/; domain=.afterush.com; HttpOnly; SameSite=Lax
content-disposition
inline; filename="index.html"
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0600d7b8090000c28b10191000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gzt0hT92wHz5umWQQDXY3Y%2BScfxaxOVSMIRYyjxZJPTJFWHQeVy9PTaT6uClJqP6OG6R4sFxg2VkXPag3X4NpFXzJ%2BGjIZXqa9MeN4GGEIjeeAEHQis4SNNMeTiq"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e7b28a00cc2c28b-FRA
content-encoding
br
2.b50ad75a.chunk.css
app.afterush.com/static/css/ 		146 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.afterush.com/static/css/2.b50ad75a.chunk.css
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5c43f7a0978cad19aa1dc2ad82caaeae4a23195f3dc4d2e3f66f44b20bcc1ee

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2e8fafb164b1f656e3b11392fea3f5aca78482e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YqFg81V3ytkIbJ%2BTeH2%2FNfk16MT%2Bwt9%2BqdtBzoBlrBx4up99c0Z%2FRppJeeGJYESjlykKtXq0tNaLbAj%2F%2Box%2FxZLW5GPU%2BlntRGMSkAIKAxRYgK%2BkOVyK%2FxhWUyLW"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=14400
content-disposition
inline; filename="2.b50ad75a.chunk.css"
cf-ray
5e7b28a0ee6bc28b-FRA
cf-request-id
0600d7b8940000c28b81138000000001
main.c9c77a34.chunk.css
app.afterush.com/static/css/ 		84 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.afterush.com/static/css/main.c9c77a34.chunk.css
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9afa4a57b7821d9003e99b21c024a25ec4802d157c369dadbab04898fefb96b

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=86236
status
200
content-disposition
inline; filename="main.c9c77a34.chunk.css"
cf-request-id
0600d7b8950000c28b0c8a0000000001
cf-bgj
minify
server
cloudflare
etag
W/"51ccaa919da79903d7c743c4af69a82be1b354cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RrIlfBWDGydGuQeHc5xLR3YbJCF8aR1fAs2hMF9vZRux9ubI6lkDln75X11Xga9co0Sx8SPHRFFzh0LLOWguIyuK%2BRlYLrvu9BPtYyG3badsqZLQ7jVhusmn0b6F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
5e7b28a0ee6cc28b-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://ajax.cloudflare.com/cdn-cgi/beacon/csp?req_id=5e7b28a0edef1782
status
200
cf-request-id
0600d7b89500001782093d9000000001
last-modified
Wed, 21 Oct 2020 15:36:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f90556f-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EHNZzg4Po%2BMeWawEHwbTgmRaNSNR9I452Ec0%2FFc5jIxJTf3yNNhsK2pjW%2F7MvdlcZWszZM8vQkD7qQukCxYk75OpYkq%2B6bqQwte5rftdu7nYb%2FMONrOFiSa9u2dTMCS%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5e7b28a0edef1782-FRA
expires
Tue, 27 Oct 2020 10:12:21 GMT
main.30d1d06e.chunk.js
app.afterush.com/static/js/ 		398 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.afterush.com/static/js/main.30d1d06e.chunk.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42e39dac5189536ed49f6c20c6c8d1ceee30d8a81aedd0e07b51e83a476eb8a

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"88000557427807084cf69b5a795b65648c6c61c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wm5lz3IBV4etk%2Bs0XUB5u6%2BKa7flEj13i9pJxxrQdbJChKCbYeiLSfb89ta2gm%2BP1a3IEPv3OIaCLSSadxQjIYCcu86%2FwXw%2FUjDypxMBHbLT4zOjoiofaJDYQvPr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
content-disposition
inline; filename="main.30d1d06e.chunk.js"
cf-ray
5e7b28a10e96c28b-FRA
cf-request-id
0600d7b8a60000c28b0c8a1000000001
2.bd9e4855.chunk.js
app.afterush.com/static/js/ 		2 MB
532 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.afterush.com/static/js/2.bd9e4855.chunk.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ad0018e6fb182a47c0a9819b1cdb611641b4ade5beb2a05e4e850f3da4901a5

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2037224
status
200
content-disposition
inline; filename="2.bd9e4855.chunk.js"
cf-request-id
0600d7b8a60000c28b21a08000000001
cf-bgj
minify
server
cloudflare
etag
W/"cf460e14655f0556018c849d6b88e9e3018a4b3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B57w7WkMLrD6NxTlvpO4oZaR8BVV7Xq43O53%2FPo%2FlCE%2FhVHUaycQd17kE1iOpVNGgaYEZ9tTSay1ENC7%2FY1te4pnZX2Kh4cyq229NbmwqgRRlZ9u5jTxJFylYMgE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
5e7b28a10e9ac28b-FRA
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144512156-2
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd2f07c2a7d56a108807d0010d26868c6785507ad1a587c7ea7775a0b1b0217b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37945
x-xss-protection
0
last-modified
Sun, 25 Oct 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Oct 2020 10:12:21 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:40:57 GMT
status
200
etag
"1550076057"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15434
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
309448
x-via
cfworker/kv
status
200
content-length
6646
cf-request-id
0600d7b8a900002c2e30a12000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hjI0DBUBnRAnWtrME1yTIZ8VI52ZpdpP2oxIQqVyICrm%2FwTTM8A1yXFg7VF5q%2F9SWYG2KFNHvEOEIynt6g13nLOYgSUxPobMR%2FB4iBdvd0YV7tct1ltEg%2F%2FW%2BxBlbu2IOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e7b28a10e9b2c2e-FRA
expires
Fri, 15 Oct 2021 10:12:21 GMT
jquery-3.3.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
status
200
etag
W/"5a637bd4-1111d"
vary
Accept-Encoding
x-hw
1603620741.dop217.fr8.t,1603620741.cds239.fr8.hn,1603620741.cds274.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24038
css
fonts.googleapis.com/ 		1 KB
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans&display=swap
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/static/css/main.c9c77a34.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4aa922b08c30b8db88eeef4f800961122cf0671c79150b52c78a63f10d4781f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/static/css/main.c9c77a34.chunk.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Oct 2020 10:12:21 GMT
server
ESF
date
Sun, 25 Oct 2020 10:12:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Oct 2020 10:12:21 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144512156-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3393
date
Sun, 25 Oct 2020 09:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Sun, 25 Oct 2020 11:15:48 GMT
collect
www.google-analytics.com/j/ 		1 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=2035069048&t=pageview&_s=1&dl=https%3A%2F%2Fapp.afterush.com%2Fen%2Faudit%3Foverview%3Dtrue%3Flang%3Den%26domain%3Dhttps%3A%2F%2Fwww.xnx.cam%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1681716923&gjid=1562711168&cid=200813516.1603620741&tid=UA-144512156-2&_gid=1322276829.1603620741&_r=1&gtm=2ouae1&z=338247534
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 10:12:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://app.afterush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
fonts.gstatic.com/s/nunitosans/v6/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v6/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://app.afterush.com
Referer
https://fonts.googleapis.com/css?family=Nunito+Sans&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:04:02 GMT
server
sffe
age
514302
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11488
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:39 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/static/js/main.30d1d06e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cd36fe8eff5415f14f9486ceea6c20c9c8adf692b712e0479c1f4e2ce574cca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45806
x-xss-protection
0
server
cafe
etag
2296708577634946242
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Oct 2020 10:12:21 GMT
afterush-logo-white.6ea81721.png
app.afterush.com/static/media/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.afterush.com/static/media/afterush-logo-white.6ea81721.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a4408f939fae4be2112c0cc1658779a7ddc855eaa31a2c95fdf8b7e9c49ff2

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
status
200
content-disposition
inline; filename="afterush-logo-white.6ea81721.png"
content-length
12619
cf-request-id
0600d7bac90000c28b323c0000000001
server
cloudflare
etag
"ed97dc1f4c337274922bcf560f6c17acd017ed81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4RmQujq1EM3e1BDBj5mHUwn%2BDGWDKiEsqp9WblWrHVVeXVSQdk6UYfI6czisduKTTW3pv%2Buff3jS6Oc5S7MmHUvJVjPYvvNDbSlpyrWsjjs4su3JCFOY8ywXT4PQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5e7b28a46c78c28b-FRA
json
extreme-ip-lookup.com/ 		372 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extreme-ip-lookup.com/json
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/static/js/2.bd9e4855.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.48.65.182 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f3a259edec8779527ce9a3dbd863f0ae0a3d3cc77c7e05e2960bd7deffa7311b

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 09:57:28 GMT
server
nginx
status
200
content-type
application/json; charset=utf-8;
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-headers
*
content-length
372
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
865242fc02249a9d817e5a6ccf3821e30caede1816e48f906dcba19bbc0dc07a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ 		230 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88452
x-xss-protection
0
server
cafe
etag
16783570891068550005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 25 Oct 2020 10:12:21 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame C557 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201021/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 24 Oct 2020 12:16:25 GMT
expires
Sat, 07 Nov 2020 12:16:25 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
78956
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=app.afterush.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=app.afterush.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CEC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8391764748302772&output=html&adk=1812271804&adf=3025194257&lmt=1603620741&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fapp.afterush.com%2Fen%2Faudit%3Foverview%3Dtrue%3Flang%3Den%26domain%3Dhttps%3A%2F%2Fwww.xnx.cam%2F&ea=0&flash=0&pra=5&wgl=1&dt=1603620741859&bpp=12&bdt=595&idt=57&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5980957276573&frm=20&pv=2&ga_vid=200813516.1603620741&ga_sid=1603620742&ga_hid=2035069048&ga_fc=0&iag=0&icsg=2752574&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067213%2C21067204%2C21067467%2C21067603%2C44730557&oid=3&pvsid=4016109533806939&pem=920&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=80
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8391764748302772&output=html&adk=1812271804&adf=3025194257&lmt=1603620741&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fapp.afterush.com%2Fen%2Faudit%3Foverview%3Dtrue%3Flang%3Den%26domain%3Dhttps%3A%2F%2Fwww.xnx.cam%2F&ea=0&flash=0&pra=5&wgl=1&dt=1603620741859&bpp=12&bdt=595&idt=57&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5980957276573&frm=20&pv=2&ga_vid=200813516.1603620741&ga_sid=1603620742&ga_hid=2035069048&ga_fc=0&iag=0&icsg=2752574&dssz=13&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067213%2C21067204%2C21067467%2C21067603%2C44730557&oid=3&pvsid=4016109533806939&pem=920&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=80
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 25 Oct 2020 10:12:22 GMT
server
cafe
content-length
444
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 25-Oct-2020 10:27:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Oct 2020 10:12:22 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5c33029f76f7fe3056328ac7203ea4633b8454632fc1cd50a81c6da4a2c6342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603453024747546"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27565
x-xss-protection
0
expires
Sun, 25 Oct 2020 10:12:21 GMT
demo
api.afterush.com/track/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.afterush.com/track/demo?refresh_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiSmpEQGRjXmVYZz11cVdkQWV3aX0tdDgxZ0ppO2JdTUVOTzYrSlBROENbI3ZKQ1RbZGUuanJWa25tclJaISFreVgxdi0uMCYlaClMczMyaTd6cTcpaWttazhCbjg3LjNLSn1LNCIsImlhdCI6MTYwMzYyMDc0MSwiZXhwIjoxNjAzNjIwOTIxfQ.j5oHuIcjjgQRJkidkDpQy9sJdrQHMYnswn6NsR0Pmeo
Protocol
H2
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.afterush.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Sun, 25 Oct 2020 10:12:22 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
https://app.afterush.com
vary
Origin, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
access-control-allow-headers
content-type
cf-cache-status
DYNAMIC
cf-request-id
0600d7bb6600003248d50ff000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=smmu98KzoEGY3AhckS7XLkv9J%2BcW8wlSmCQpP8d9hLVx9yVlG2%2FSESLETLNPFJe5N41TusuNZmRaBOv8ipuexcPxxaetOTeUWj5BBLbiVAG16lKG3n25xLwoBNSG"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e7b28a56ea43248-FRA
demo
api.afterush.com/track/ 		47 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afterush.com/track/demo?refresh_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoiSmpEQGRjXmVYZz11cVdkQWV3aX0tdDgxZ0ppO2JdTUVOTzYrSlBROENbI3ZKQ1RbZGUuanJWa25tclJaISFreVgxdi0uMCYlaClMczMyaTd6cTcpaWttazhCbjg3LjNLSn1LNCIsImlhdCI6MTYwMzYyMDc0MSwiZXhwIjoxNjAzNjIwOTIxfQ.j5oHuIcjjgQRJkidkDpQy9sJdrQHMYnswn6NsR0Pmeo
Requested by
Host: app.afterush.com
URL: https://app.afterush.com/static/js/2.bd9e4855.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a220d00d01df7704bf2966627183d5468b587ce132641d23c54473c51fe9dc0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 25 Oct 2020 10:12:22 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
vary
Origin
content-length
47
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2f-DqLbxLtzc8FWShZoDndeiqAZEo4"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qGQTdVfB3iwBvJTR%2BZOctVxWGwiSN%2Bl4JgPYsO2SRI2GBVuOm347YdvTeoaIDNPlUDuLNpiw5Eq8MJlSqvI6nSFYgcKnQ9O8uZdK8blLFCuVGPsW%2F1MFSl5PblTo"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.afterush.com
access-control-allow-credentials
true
cf-request-id
0600d7bbe000003248d2398000000001
cf-ray
5e7b28a638263248-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js?bust=exp%3D21067204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 25 Oct 2020 10:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601937181905197"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6302
x-xss-protection
0
expires
Sun, 25 Oct 2020 10:12:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame 8041 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/218/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Sun, 25 Oct 2020 09:56:08 GMT
expires
Mon, 25 Oct 2021 09:56:08 GMT
last-modified
Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
974
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=4016109533806939&bg=!RkWlRWXNAAVp0lmVaVhBH5RIEanIlgIAAABPUgAAAA0KAJ8A4k5CfXTPwvPkSmTfdGXqLhI4a7bDGhQPFWoAdkuWeIlDJOQyOL77MzQnsmohjqfNXBH8kxCYXEiVVrB3pjjpGC8XpiCShzNVzpj6L-VYoDqeOY-BHc1aldjaqOh4xrVRkLf9DgV5vUXi8AQmL6peCvadmXjjhBig8x1D_EpoJAB1gMN6ZNDdup8Zya9eUAQgACa4nW91yTXT-ZqUOqaZAalal7STXaIPwHo_aMnDV0mzxpl7SwLXRjHO1kt7M3ZlU97lZer70oB5u-r6uD9HN7Am9iatw-n3B_NptMA6ggGWz-Oc0Fr9gIFi8ZbcmZXKsBdfXvW62cPam1WBswnxyZivpu7H49TASG5tQ6FuMvaF6BidY1WW4BWqDjCZZ46EOEYNQlJ87CTVAo5A2N-wqpS5wPkQmoNQpD5T3Ni7GCMlZzkiQ79pbb3yikkUWpr92-OyEbY40jlNcP8Q254X3SuDxUtMM39y8euhMVFWz77UQBnkJdfFOp9pMa_Ry5Glbw6RUsrRNsspwAHshpt72SBNwB03YJNdMgGpRWvHj5foqtO4E2zIRVLav2SxzqwYVJg09t92hmlj3yi-F4CV12A2B1PTvIlzCjslAHWnBs5difKmaP228W1k4ir8ndgEBF1XAAxxI75DwRt8vRZYp_xx6tfL0wmvt-jWyLHqUlvxWOCeFvODNhJBzJp3k9V47KUSq4bRso9zcvLpm60BG_Buap-66Z7tuH6ggUAgzjveAIPEGclIgQX0iK67q0Tana80rE6wZ4RsUQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.afterush.com/en/audit?overview=true?lang=en&domain=https://www.xnx.cam/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Oct 2020 10:12:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
audit
api.afterush.com/api/v1/ 		0
0
audit
api.afterush.com/api/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.afterush.com/api/v1/audit?refresh_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoicmYtUE1vcHRFIURIVk1tSFlWMltRRkZtZFFiMiNrOUpfZlI2QlN4NUlDa0Q3J2pTW0UkK116bTQhQE43NDBVfm5hbHVve3Qma0dXJGFRV0ZINScsJUBZX2RCbFhbRk8oUzBCQCIsImlhdCI6MTYwMzYyMDc0MiwiZXhwIjoxNjAzNjIwOTIyfQ.CWCqqccF3ARWD6R5iizhlQNiTG_iYlUIswZPo6xQiFY
Protocol
H2
Server
2606:4700:3036::681b:bbed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.afterush.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Sun, 25 Oct 2020 10:12:22 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
https://app.afterush.com
vary
Origin, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
access-control-allow-headers
content-type
cf-cache-status
DYNAMIC
cf-request-id
0600d7bc7c000032488c02f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jA9DWH18%2FSE1%2BgrS55CHj%2F5JdPVGf%2F8AX9%2FcTi%2Fo29JnC%2B8M%2FS%2FUr8oHGypmuJorROgqiycLvoUwoV9kMsbygf26BvJMLp41zpnnCketFD8rDR3TOrPlONkBdjiQ"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e7b28a72a473248-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.afterush.com
URL
https://api.afterush.com/api/v1/audit?refresh_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjoicmYtUE1vcHRFIURIVk1tSFlWMltRRkZtZFFiMiNrOUpfZlI2QlN4NUlDa0Q3J2pTW0UkK116bTQhQE43NDBVfm5hbHVve3Qma0dXJGFRV0ZINScsJUBZX2RCbFhbRk8oUzBCQCIsImlhdCI6MTYwMzYyMDc0MiwiZXhwIjoxNjAzNjIwOTIyfQ.CWCqqccF3ARWD6R5iizhlQNiTG_iYlUIswZPo6xQiFY

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| __cfQR function| $ function| jQuery function| Popper object| bootstrap function| gtag object| dataLayer object| webpackJsonp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate function| tmp function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| html2pdf function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG object| scCGSHMRCache object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts object| adsbygoogle boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_image_requests

1 Cookies

Domain/Path Name / Value
.afterush.com/ Name: __cfduid
Value: dd264ca33f78901a1416a9a8cceae0dd61603620741

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
api.afterush.com
app.afterush.com
cdnjs.cloudflare.com
code.jquery.com
extreme-ip-lookup.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
api.afterush.com
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
2606:4700:3036::681b:bbed
2606:4700::6810:135e
2606:4700::6810:a823
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2003
2a00:1450:4001:816::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:824::200e
37.48.65.182
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
34d28c1177826142195d5eea2ade41e7f8f112337b259953a49fddc4f11f1368
3ad0018e6fb182a47c0a9819b1cdb611641b4ade5beb2a05e4e850f3da4901a5
4aa922b08c30b8db88eeef4f800961122cf0671c79150b52c78a63f10d4781f7
4cd36fe8eff5415f14f9486ceea6c20c9c8adf692b712e0479c1f4e2ce574cca
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77e75934de7a7d9b475ed5205181eed15c424e1ead2039ada5818432e841bc9f
7a220d00d01df7704bf2966627183d5468b587ce132641d23c54473c51fe9dc0
865242fc02249a9d817e5a6ccf3821e30caede1816e48f906dcba19bbc0dc07a
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
aba72d81572635fcc88d896e075e63d790f10cabc5401cf85b10ef5c9cc9608c
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
c5c43f7a0978cad19aa1dc2ad82caaeae4a23195f3dc4d2e3f66f44b20bcc1ee
c8a4408f939fae4be2112c0cc1658779a7ddc855eaa31a2c95fdf8b7e9c49ff2
c9afa4a57b7821d9003e99b21c024a25ec4802d157c369dadbab04898fefb96b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3a259edec8779527ce9a3dbd863f0ae0a3d3cc77c7e05e2960bd7deffa7311b
f42e39dac5189536ed49f6c20c6c8d1ceee30d8a81aedd0e07b51e83a476eb8a
f5c33029f76f7fe3056328ac7203ea4633b8454632fc1cd50a81c6da4a2c6342
fd2f07c2a7d56a108807d0010d26868c6785507ad1a587c7ea7775a0b1b0217b