urlscan.io logo urlscan.io
SecurityTrails logo

buboob.com Open in urlscan Pro
2606:4700:3030::6815:2b6e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buboob.com/mama-ogra-sliv/
Effective URL: https://buboob.com/mama-ogra-sliv/
Submission Tags: falconsandbox
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 42 HTTP transactions. The main IP is 2606:4700:3030::6815:2b6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is buboob.com.
TLS certificate: Issued by GTS CA 1P5 on December 12th 2023. Valid for: 3 months.
This is the only time buboob.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:303... 13335 (CLOUDFLAR...)
1 193.200.64.24 6681 (GIVEME-CLOUD)
1 185.75.253.87 48684 (VIKINGHOST)
4 8 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 193.200.64.162 6681 (GIVEME-CLOUD)
1 2a00:1450:400... 15169 (GOOGLE)
1 66.254.122.37 29789 (REFLECTED)
7 195.85.23.226 209242 (CLOUDFLAR...)
4 66.254.122.21 29789 (REFLECTED)
1 193.200.65.68 6681 (GIVEME-CLOUD)
6 193.200.65.12 6681 (GIVEME-CLOUD)
42 11
16    2606:4700:3030::6815:2b6e (United States)

ASN13335 (CLOUDFLARENET, US)
buboob.com
1    193.200.64.24 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: cs05.etarg.network
roomrentpast.com
1    185.75.253.87 (Netherlands)

ASN48684 (VIKINGHOST, NL)
bngdin.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    193.200.64.162 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network
jkha742.xyz
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    66.254.122.37 (United States)

ASN29789 (REFLECTED, US)
i.bngdin.com
7    195.85.23.226 (Czech Republic)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: net-226-23-lotuna.net
i.wlicdn.com
4    66.254.122.21 (United States)

ASN29789 (REFLECTED, US)
v.bngdin.com
1    193.200.65.68 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network
adtcodepurpel.com
6    193.200.65.12 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: cs01.etarg.ru
cs10.adtcodepurpel.com
Apex Domain
Subdomains		 Transfer
16 buboob.com
buboob.com
552 KB
7 adtcodepurpel.com
adtcodepurpel.com — Cisco Umbrella Rank: 501586
cs10.adtcodepurpel.com — Cisco Umbrella Rank: 730737
527 KB
7 wlicdn.com
i.wlicdn.com — Cisco Umbrella Rank: 53078
66 KB
6 bngdin.com
bngdin.com — Cisco Umbrella Rank: 270278
i.bngdin.com — Cisco Umbrella Rank: 322299
v.bngdin.com — Cisco Umbrella Rank: 367653
827 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8902
3 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4182
57 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 jkha742.xyz
jkha742.xyz — Cisco Umbrella Rank: 185245
193 B
1 roomrentpast.com
roomrentpast.com — Cisco Umbrella Rank: 302517
2 KB
42 9
Domain Requested by
16 buboob.com 1 redirects buboob.com
7 i.wlicdn.com bngdin.com
6 cs10.adtcodepurpel.com buboob.com
5 mc.yandex.com 3 redirects buboob.com
4 v.bngdin.com bngdin.com
3 mc.yandex.ru 1 redirects buboob.com
1 adtcodepurpel.com buboob.com
1 i.bngdin.com bngdin.com
1 fonts.googleapis.com buboob.com
1 jkha742.xyz buboob.com
1 bngdin.com buboob.com
1 roomrentpast.com buboob.com
42 12

This site contains links to these domains. Also see Links.

Domain
rt.leakmycam.com
vk.com
www.tiktok.com
www.twitch.tv
adtcodepurpel.com
Subject Issuer Validity Valid
buboob.com
GTS CA 1P5		 2023-12-12 -
2024-03-11		 3 months crt.sh
roomrentpast.com
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
bngdin.com
GoGetSSL RSA DV CA		 2023-03-15 -
2024-03-15		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
jkha742.xyz
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
i.bngdin.com
GoGetSSL RSA DV CA		 2023-03-15 -
2024-03-15		 a year crt.sh
i.wlicdn.com
E1		 2023-10-29 -
2024-01-27		 3 months crt.sh
v.bngdin.com
GoGetSSL RSA DV CA		 2023-03-15 -
2024-03-15		 a year crt.sh
adtcodepurpel.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://buboob.com/mama-ogra-sliv/
Frame ID: A0C292A8213E629B5D1FD2F9CE906CCC
Requests: 29 HTTP requests in this frame

Frame: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Frame ID: CB02219ED904411EB014BB30A72DF0EF
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Голая Мама Огра слив декольте - Mamaogra порно

Page URL History Show full URLs

  1. http://buboob.com/mama-ogra-sliv/ HTTP 301
    https://buboob.com/mama-ogra-sliv/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

27 %
IPv6

9
Domains

12
Subdomains

11
IPs

5
Countries

2032 kB
Transfer

2851 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buboob.com/mama-ogra-sliv/ HTTP 301
    https://buboob.com/mama-ogra-sliv/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10216.YT5_fkwufzG1hia3z3qSH9R0VgpSZBFxplbp9aJ4c8OlScxhzH62TSt7B8popnSh.29UI724PBWtluVw_e4NabmRzz4w%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10216.jqjtbrXEJ6-Jdw0ixwr1a02QUpIuk4dadSluENuhIWv1maQJIouJC_OtEy8lOSPqMd1Etavwm10jZh_sDOB_MLCOkjabMWviSJOFfLdkHW1I1OPZ-YU39f7RG34asZP_ElFKcKKqc0zkS-3RylpUGsx6JEO5kPTKNDu2KUAwvdctH7p-0uJBq8j_dMEzTw90fO6EPV84O7qjEStFfM9wGeEUgWxYw1CRaA90bJ8mPnQ%2C.Zrf0rdp_l54LQbUa5pPdRC9vOfw%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10216.shEGroq0ltBJPSj1NUXix3xn6Izt6sXBC7GE7TQfFJdvW3hWoo4DyMiOW4FPu0lUbLgOEwpe9_PwEKw6LGShHP6PrB3sdtD5ZYn3s7GE7RHBzxw1uIYzWHsWChQ36pAabVGzTLa1YAydeiWZCpe6n-KPt11oOtyl_wMrMqe5aDbM2X8ksRh6e9h9T4dA00AVqFtLGQ4YYxkODOrt-qzGbw%2C%2C.yrN3R5nXs2rfKpHmu6Yhdkis2Pw%2C
Request Chain 33
  • https://mc.yandex.com/watch/50862965?wmode=7&page-url=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A739920401756%3Ahid%3A797172740%3Az%3A60%3Ai%3A20231213144923%3Aet%3A1702475363%3Ac%3A1%3Arn%3A305466462%3Arqn%3A1%3Au%3A1702475363308851002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C26%2C78%2C16%2C64%2C0%2C%2C151%2C2%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1702475362716%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702475364%3At%3A%D0%93%D0%BE%D0%BB%D0%B0%D1%8F%20%D0%9C%D0%B0%D0%BC%D0%B0%20%D0%9E%D0%B3%D1%80%D0%B0%20%D1%81%D0%BB%D0%B8%D0%B2%20%D0%B4%D0%B5%D0%BA%D0%BE%D0%BB%D1%8C%D1%82%D0%B5%20-%20Mamaogra%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
  • https://mc.yandex.com/watch/50862965/1?wmode=7&page-url=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A739920401756%3Ahid%3A797172740%3Az%3A60%3Ai%3A20231213144923%3Aet%3A1702475363%3Ac%3A1%3Arn%3A305466462%3Arqn%3A1%3Au%3A1702475363308851002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C26%2C78%2C16%2C64%2C0%2C%2C151%2C2%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1702475362716%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702475364%3At%3A%D0%93%D0%BE%D0%BB%D0%B0%D1%8F%20%D0%9C%D0%B0%D0%BC%D0%B0%20%D0%9E%D0%B3%D1%80%D0%B0%20%D1%81%D0%BB%D0%B8%D0%B2%20%D0%B4%D0%B5%D0%BA%D0%BE%D0%BB%D1%8C%D1%82%D0%B5%20-%20Mamaogra%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buboob.com/mama-ogra-sliv/
Redirect Chain
  • http://buboob.com/mama-ogra-sliv/
  • https://buboob.com/mama-ogra-sliv/
121 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4bb22f155f9c430eb7d67181b3200faf00abda8d172e3bab2eb2ae405f26f4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
834eab898db1bb5f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 13:49:22 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Wed, 06 Dec 2023 23:48:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5Eb0LtKkckeuxvC7xXGQCrnRCHzzcZuOrwBws744KDCRGlqKClgVgyqhBNylU2MWzClIGS88OkSwmDPIf59wMBzOfIJl6ZxvfRbPbyKzY4XWhpVcL5MzPFY6%2FPv7fwvK8pS1BDLJIyv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
834eab89392f0a4b-AMS
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 13 Dec 2023 13:49:22 GMT
Location
https://buboob.com/mama-ogra-sliv/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7968yB0%2B%2BzTuJ6mEqL%2BiwDlMXHh9ZmqBhHdkVB%2BCy7HkZJI8FkmwVHwwVo5I19%2BbjVG0cU2Swn%2BpxW2ILL4namO58UxoKmYL%2BtzRuLAVzOE7JuGR4AUYvILSdYJcwzqWWupaJFpO2EP"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
a4kqn.css
buboob.com/wp-content/cache/wpfc-minified/d2lm7mtp/ 		332 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buboob.com/wp-content/cache/wpfc-minified/d2lm7mtp/a4kqn.css
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfae25efa7f4c7a393619c43fa95e7497a3a65fee5e327f49a52055065b2e549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Oct 2023 08:00:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587789
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GPd73LZjPa8qjVNycLNiSCbidKaGnk%2BK%2BlIzmjvFc6NU9S8gwN99osR%2FDTzw6j9ExCkMuaZKxdR2z3OiQsd3zStdKw1r8V6x3CoKz9KVGD5EDgUUuqHw7OlWp3yXPwHKufcp2Z1pYvY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
cf-ray
834eab8abf09bb5f-FRA
alt-svc
h3=":443"; ma=86400
expires
max-age=A10368000, public
cropped-logo-new.png
buboob.com/wp-content/uploads/2023/08/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2023/08/cropped-logo-new.png
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83b2599b0675fc31d4a81798e5d358fa09a5ec1d902814a6812e9faa8d587cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 08:33:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587788
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMb10xqYIcLiTyUH7K7SfR6SxfRt4b5U1yD6V%2Fitlw%2FB4WyrfHHaxUUwYVM8nI2IyRPzuXudIl2Du%2FPTazdGWqwhZqHnlXkdCZHlpoNt60x2hQAq51%2BDXSidM5ghm8r3zbTaR5ZvtURD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8abf0abb5f-FRA
alt-svc
h3=":443"; ma=86400
content-length
44821
expires
max-age=A10368000, public
mamaogra-logo.jpg
buboob.com/wp-content/uploads/2023/03/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2023/03/mamaogra-logo.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31122c9cc5173a34896b0e3b39169d190b6dfd52f5da98fb7d1724ee001a56e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:29:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
268547
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzrQSqp%2BJIu8eUZ5m2nVQnli9FLNzhPhg%2Fm29m4UDBTOLae63EOMo1Rd5wWo2bwQdOzjy0XjoLp0V9sRj5%2Bt6OI7eLPd9iK7jUJLV5LnhRvPp%2Bq6buv38CX%2FT80ZsL8pWfiZqm6uX4xz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8abf0cbb5f-FRA
alt-svc
h3=":443"; ma=86400
content-length
77139
expires
max-age=A10368000, public
blank.gif
buboob.com/wp-content/plugins/wp-fastest-cache-premium/pro/images/ 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:39:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587789
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDegiiUP8Hpu2vCfS4fgi0YaJwTXsFaP2AvrPPv0bOZyBS%2BO5b6wXZu3Plzg%2FkapuARLlRspu8yYxKSyW%2FT9otiBjw8VF2Ci0%2FXBdvtEqze%2BmVHTG32rwXHsxAA4jckl7RNmPDOudO94"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8abf0dbb5f-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
max-age=A10368000, public
a4kqo.js
buboob.com/wp-content/cache/wpfc-minified/fqy6qkot/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buboob.com/wp-content/cache/wpfc-minified/fqy6qkot/a4kqo.js
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d972dacc6e27326f87a45808aa782ab9fc36fcf0cc5890da6d7c6fb95953eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Oct 2023 08:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587639
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTFrjb2l%2FtMPaEa5UcWNmISOG1AHHmzCiCaSvPla1yv%2BZAEMYWCMtXSpO%2BcgRNjdF4ktx0isZwhIQ00VrlNCTgONZYQMwXahspG7U96zxfCZY87mkbI%2FDgYeWKpJaluNFovU4DGDgXml"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
834eab8aeb1265bc-FRA
alt-svc
h3=":443"; ma=86400
expires
max-age=A10368000, public
/
roomrentpast.com/services/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://roomrentpast.com/services/?id=146731
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.24 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs05.etarg.network
Software
nginx /
Resource Hash
78552f7f2326e8cc64b8334d1b571f1a411add0087a952ba583849670bf5a36a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
1613
Content-Type
text/javascript; charset=utf-8
a4kqo.js
buboob.com/wp-content/cache/wpfc-minified/ko2cu6bl/ 		129 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buboob.com/wp-content/cache/wpfc-minified/ko2cu6bl/a4kqo.js
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8ead4ade857e9081490dc3a5bb08bbff7d67a79dd7d1523a5717e075a2e6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 29 Oct 2023 08:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587639
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWavUsr%2BwtTnALz2G46hyuIFkW03eot9OqxVd5BmoY0x2f2mwj%2BwmCSPE8GAxA6JcJLU03F3Wqq%2F3evTJJGV0lQ5kiLcBfyvaKZcaXItgzqd%2BG2tY%2FUh2A0HJfB8sVK51pd1Dv37yZMf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
834eab8afb2665bc-FRA
alt-svc
h3=":443"; ma=86400
expires
max-age=A10368000, public
fontawesome-webfont.woff2
buboob.com/wp-content/themes/seoboost/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://buboob.com/wp-content/themes/seoboost/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: buboob.com
URL: https://buboob.com/wp-content/cache/wpfc-minified/d2lm7mtp/a4kqn.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://buboob.com/wp-content/cache/wpfc-minified/d2lm7mtp/a4kqn.css
Origin
https://buboob.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:39:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587684
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvrY%2BRkkY%2B1tx6oVaJIu3yJl5wMFLh4K5qFdfl%2BXO%2FRlOOGJaCf0jrCbhLLFlgN55US%2FncXcVRQ%2BJWfFjTi7HDScvaNxZZtl9CFR6aZ7RovOHqLRIercfW5PGmlozmavK4bwc7duDQJ8"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8afb2765bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
77160
expires
max-age=A10368000, public
promo.php
bngdin.com/ Frame CB02 		121 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.75.253.87 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
267bbc03ca051614860dea5ff4d511588b25be9123ecb6b269b5fd9289a50b77
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

Referer
https://buboob.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
cache-control
no-cache public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Dec 2023 13:49:23 GMT
expires
Wed, 13 Dec 2023 13:49:22 GMT
server
nginx
strict-transport-security
max-age=0;
x-bc-bl
102
x-bcs
ded7015
watch.js
mc.yandex.ru/metrika/ 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f8ed7cb7ac6dc9850cffba6d02a3e222269f9ac3cdde0cfbead7734149281f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Dec 2023 08:38:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65781bea-dcfc"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56572
expires
Wed, 13 Dec 2023 14:49:23 GMT
onlyfans-leaks.jpg
buboob.com/wp-content/uploads/2022/03/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2022/03/onlyfans-leaks.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72e51965c43b57b1ead6ddf4d6e1320ba309b30d536978eb50a922e134832a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:36:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587639
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LRy3ChzHXrQ8hnkd2K747mE7KfX7yBZ%2FA0FkA8Qg6DTldL5ffUd2DFCM0RNlkGf1rvokwnjrg445XbgoU2HQw3EsZEa%2BJP%2FJbJ%2F0eXNHf19LZT03gEylXopMbWIuz9dUixLAaKqvQY5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8b1b5265bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
51091
expires
max-age=A10368000, public
sliv-dashi-doshik-logo.jpg
buboob.com/wp-content/uploads/2023/07/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2023/07/sliv-dashi-doshik-logo.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b794df391ca0647a0107eb55023b665e3f5e9faff46a6355a96c824f05af6630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:28:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587639
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oCQrKzK81T3yQIHcaxS8WhK4fGDZIqOQ6pFMD%2BPakoewoUF5HdALS96S8XfTrVvrPWepwSAmIONIhPW5WI0e6EATd7jzK9ekYHuvWAzYUSLuGuu94YDskCQWn03g3xYG6KPPyb6TQhY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8b1b5565bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
42835
expires
max-age=A10368000, public
dora-logo.jpg
buboob.com/wp-content/uploads/2020/05/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2020/05/dora-logo.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71977ab96280ca58ad17baba42546b601417dd0b9dc8b370c197fa874d83d0e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:35:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587639
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpZKPLNTwYQjJ7IHrP93UI6pylgyosmtAvlcMe5%2BnqOS59jjQEpeVS17iEOJRn%2F2X21XGjIWzt2KRIDFvptxllBYnVfo2PPhy1yfVXS8Us7JL5aHt88ACwkjtOtijzmvZ43u1eLEkCoR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8b1b5665bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
30993
expires
max-age=A10368000, public
klava-coca-naked-new-logo.jpg
buboob.com/wp-content/uploads/2020/10/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2020/10/klava-coca-naked-new-logo.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ef75d263b8b2f2712c694c9441225eebbf5498c8c59af92396ea2edf2b7309b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:34:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587639
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il6%2Fecb777NgGH%2BRh5KmTCJSd79jIs3IHZoU6KClZrorzzm1zlIAzs7%2FaZcFaTKGoeLM4gBDdCGNKlnXuE6q0rTgtho%2BJn7auclnGL%2BuW6gVsxucHfJ5bi%2BGOSsR1yDplUJRjW3ZsQqC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8b1b5965bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
25475
expires
max-age=A10368000, public
annfigma-logo.jpg
buboob.com/wp-content/uploads/2023/02/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2023/02/annfigma-logo.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d10bee02eddffef64661f837b9e2d8bc97247b321047e244c6c3eb8fee7102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:29:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587638
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBSeLvLMm4lmfL%2F8XGEiwGePF8Zj9s01lAOc2EGeiU7DznVxG7WFmcOkPsv4MiyPfkraUtuBOY6K9vuW8XQyshAnMO2bYe%2B4oRc6qG9lH6dZwLahAvXshBZbrctXB9WC%2BKqVgj1R56ro"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8b1b5b65bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
32822
expires
max-age=A10368000, public
Ayza-Anokhina-logo.jpg
buboob.com/wp-content/uploads/2019/09/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buboob.com/wp-content/uploads/2019/09/Ayza-Anokhina-logo.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4079622b3b80577d9b06431b5f10009d62b66f51dfe0ac43f0f0b36a43391e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/mama-ogra-sliv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
cf-cache-status
HIT
last-modified
Wed, 16 Aug 2023 16:30:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
587638
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VScZla2eR9q1AqHG2jQi4tj2taY2yMlUzukPg4axGEX5y3iW0H1Cl962HN7er2x8DaRB5WxmKlNau0jse1ns4x69vBeHGJ7EsWmEWIlBcqWdacVxzTu322ncOPvH2WJsMu%2FjF%2FbMaRCX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
834eab8b1b5d65bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
27569
expires
max-age=A10368000, public
/
jkha742.xyz/wcm/ 		0
193 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jkha742.xyz/wcm/?sh=buboob.com&sth=fe5b236d249054eb7c182c11091ec5c8&m=8d619a50b84e3a6d93bcf48b7b0dadf5&sid=398_787320_64048377&stime=378.20&curpage=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&rand=0.6383921478507262
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.64.162 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:49:23 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR CURa TIA"
content-type
text/plain;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-msr
TRUE
timing-allow-origin
*
content-length
0
expires
0
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin%3A400%2C500%26subset%3Dlatin%2Clatin-ext%7CMontserrat%3A300%2C400%2C500%26subset%3Dlatin%2Clatin-ext&subset=latin%2Clatin-ext
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8dc9266be6584c14fef825068f5158122e83bcc3b75cf6519d357b55a52d42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 13:49:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Dec 2023 13:49:23 GMT
admin-ajax.php
buboob.com/wp-admin/ 		7 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buboob.com/wp-admin/admin-ajax.php
Requested by
Host: buboob.com
URL: https://buboob.com/wp-content/cache/wpfc-minified/fqy6qkot/a4kqo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.6
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://buboob.com/mama-ogra-sliv/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.2.6
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://buboob.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2B94afOxiAYjk7CoqDZ6L0jduacZ4JNMLHOzcbr4XugUNrsi6Y4l3Ba4xSYIWoUHW7HNGq7sbJPSb4smgsecF6MkfMYZVyZx%2BYCs1V8e2aaZxeu9xTj54sBGr4O2RRxOACnRcfotFppR"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
834eab8b7be365bc-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery.tools.min.js
i.bngdin.com/dynamic_banner/ Frame CB02 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.bngdin.com/dynamic_banner/jquery.tools.min.js
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.37 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2019 10:15:17 GMT
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2592000
x-cdn-diag
fra1-11058-4-14009-h-0-0---;11025-10-8864----0-2-0
expires
Fri, 30 Dec 2022 23:15:50 GMT
50defd5afc8b20a7968ce4c32984e08b_thumb_medium.jpg
i.wlicdn.com/04f/349/0cf/ Frame CB02 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/04f/349/0cf/50defd5afc8b20a7968ce4c32984e08b_thumb_medium.jpg
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
07684cfb99a56ad4ad3625ddf9944705eed2f9b265cb60cfdac9c39e25f9a581
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1967595
alt-svc
h3=":443"; ma=86400
content-length
7209
cf-bgj
h2pri
last-modified
Mon, 20 Nov 2023 19:14:43 GMT
server
cloudflare
etag
"655bb023-1c29"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-o3-p4
MISS
accept-ranges
bytes
cf-ray
834eab8c2c321976-FRA
expires
Wed, 20 Dec 2023 19:16:07 GMT
d800c0d7ed9c489547148860020f0d4e_thumb_medium.jpg
i.wlicdn.com/07a/3c1/292/ Frame CB02 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/07a/3c1/292/d800c0d7ed9c489547148860020f0d4e_thumb_medium.jpg
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
120bd90180e14889311fd196547ac98b014b774fb9a42b7797387a9623040d58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1233852
x-o1-p6
HIT
alt-svc
h3=":443"; ma=86400
content-length
10120
cf-bgj
h2pri
last-modified
Sat, 15 Jul 2023 07:14:54 GMT
server
cloudflare
etag
"64b2476e-2788"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
834eab8c2c361976-FRA
expires
Tue, 12 Dec 2023 05:39:49 GMT
40b9b4f3c73db16dd4f44d74bfe91572_thumb_medium.jpg
i.wlicdn.com/019/11a/1b4/ Frame CB02 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/019/11a/1b4/40b9b4f3c73db16dd4f44d74bfe91572_thumb_medium.jpg
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
f74d5bac5fe93b387d9909aef3afc8c212186a9aa8423d44d9969366c9168ada
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1056218
x-o1-p2
EXPIRED
alt-svc
h3=":443"; ma=86400
content-length
10048
cf-bgj
h2pri
last-modified
Fri, 13 Aug 2021 09:22:01 GMT
server
cloudflare
etag
"611639b9-2740"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
834eab8c4c6a1976-FRA
expires
Sat, 30 Dec 2023 04:52:37 GMT
c7d530bdaab7c6df3d9326df518d8375_thumb_medium.jpg
i.wlicdn.com/019/11a/3d5/ Frame CB02 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/019/11a/3d5/c7d530bdaab7c6df3d9326df518d8375_thumb_medium.jpg
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
e912440737f6dbf56f50602a4b942936fe65da26676eb6dbc4a901abe18751aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
123666
x-o1-p2
EXPIRED
alt-svc
h3=":443"; ma=86400
content-length
11849
cf-bgj
h2pri
last-modified
Fri, 27 Jan 2023 09:49:12 GMT
server
cloudflare
etag
"63d39e18-2e49"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
834eab8c4c6e1976-FRA
expires
Sun, 07 Jan 2024 05:04:17 GMT
89c90d0e02dea70467901d16a44e3b74_thumb_medium.jpg
i.wlicdn.com/0b1/1bc/1f1/ Frame CB02 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/0b1/1bc/1f1/89c90d0e02dea70467901d16a44e3b74_thumb_medium.jpg
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
b9004b0cbf2c144c253ef26de477e2da42daee27321d31d72d9b6e0df2f20b40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
439092
x-o1-p6
HIT
alt-svc
h3=":443"; ma=86400
content-length
7617
cf-bgj
h2pri
last-modified
Thu, 12 Oct 2023 11:51:18 GMT
server
cloudflare
etag
"6527ddb6-1dc1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
834eab8c6c8f1976-FRA
expires
Sun, 07 Jan 2024 11:51:05 GMT
03423445948149c6e7621f6b9f41f57b_thumb_medium.jpg
i.wlicdn.com/0b3/256/03a/ Frame CB02 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/0b3/256/03a/03423445948149c6e7621f6b9f41f57b_thumb_medium.jpg
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
d5837b35885adf8801ae263aaebb39182c7b348a8485953233f36c5c7cb7f113
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1158274
x-o1-p6
MISS
alt-svc
h3=":443"; ma=86400
content-length
8768
cf-bgj
h2pri
last-modified
Thu, 16 Nov 2023 05:22:21 GMT
server
cloudflare
etag
"6555a70d-2240"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
834eab8c99f11e56-FRA
expires
Sun, 17 Dec 2023 04:18:06 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10216.YT5_fkwufzG1hia3z3qSH9R0VgpSZBFxplbp9aJ4c8OlScxhzH62TSt7B8popnSh.29UI724PBWtluVw_e4NabmRzz4w%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10216.jqjtbrXEJ6-Jdw0ixwr1a02QUpIuk4dadSluENuhIWv1maQJIouJC_OtEy8lOSPqMd1Etavwm10jZh_sDOB_MLCOkjabMWviSJOFfLdkHW1I1OPZ-YU39f7RG34asZP_ElFKcKKqc0...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10216.shEGroq0ltBJPSj1NUXix3xn6Izt6sXBC7GE7TQfFJdvW3hWoo4DyMiOW4FPu0lUbLgOEwpe9_PwEKw6LGShHP6PrB3sdtD5ZYn3s7GE7RHBz...
43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10216.shEGroq0ltBJPSj1NUXix3xn6Izt6sXBC7GE7TQfFJdvW3hWoo4DyMiOW4FPu0lUbLgOEwpe9_PwEKw6LGShHP6PrB3sdtD5ZYn3s7GE7RHBzxw1uIYzWHsWChQ36pAabVGzTLa1YAydeiWZCpe6n-KPt11oOtyl_wMrMqe5aDbM2X8ksRh6e9h9T4dA00AVqFtLGQ4YYxkODOrt-qzGbw%2C%2C.yrN3R5nXs2rfKpHmu6Yhdkis2Pw%2C
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10216.shEGroq0ltBJPSj1NUXix3xn6Izt6sXBC7GE7TQfFJdvW3hWoo4DyMiOW4FPu0lUbLgOEwpe9_PwEKw6LGShHP6PrB3sdtD5ZYn3s7GE7RHBzxw1uIYzWHsWChQ36pAabVGzTLa1YAydeiWZCpe6n-KPt11oOtyl_wMrMqe5aDbM2X8ksRh6e9h9T4dA00AVqFtLGQ4YYxkODOrt-qzGbw%2C%2C.yrN3R5nXs2rfKpHmu6Yhdkis2Pw%2C
date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Dec 2023 08:38:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65781bea-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 13 Dec 2023 14:49:23 GMT
stream_AshleyVasquez.mp4
v.bngdin.com/ Frame CB02 		257 KB
257 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://v.bngdin.com/stream_AshleyVasquez.mp4
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.21 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
43396f58d1680c0b297576331960c7a613c1c1ea5b04951a33e11591cdc22418

Request headers

Referer
https://bngdin.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
last-modified
Tue, 12 Dec 2023 14:37:10 GMT
etag
"65787016-40262"
content-type
video/mp4
Content-Range
bytes 0-262753/262754
cache-control
max-age=21600
x-cdn-diag
fra1-11037-2-3486-h-0-0---;11028-6-3084895----0-0-0
x-circle-268
EXPIRED
Content-Length
262754
expires
Tue, 12 Dec 2023 21:12:33 GMT
stream_CarmellaAngel.mp4
v.bngdin.com/ Frame CB02 		225 KB
226 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://v.bngdin.com/stream_CarmellaAngel.mp4
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.21 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
d9177376b8b36894501e5b4964cb5d18d66d22572a6a8deab5b4c3abcdc8b691

Request headers

Referer
https://bngdin.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
last-modified
Tue, 12 Dec 2023 14:11:22 GMT
etag
"65786a0a-384d9"
content-type
video/mp4
Content-Range
bytes 0-230616/230617
cache-control
max-age=21600
x-cdn-diag
fra1-11028-1-772464-h-0-0---;11028-6-3084895----0-0-0
x-circle-268
HIT
Content-Length
230617
expires
Wed, 13 Dec 2023 02:25:03 GMT
stream_AriannaSins.mp4
v.bngdin.com/ Frame CB02 		76 KB
76 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://v.bngdin.com/stream_AriannaSins.mp4
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.21 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
015db083c17986eac060bbcef0c6dc470e5836df751e782ad0b581f8d93e0853

Request headers

Referer
https://bngdin.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
last-modified
Tue, 12 Dec 2023 20:32:07 GMT
etag
"6578c347-13060"
content-type
video/mp4
Content-Range
bytes 0-77919/77920
cache-control
max-age=21600
x-cdn-diag
fra1-11037-2-3487-h-0-0---;11028-6-3084895----0-0-0
x-circle-268
HIT
Content-Length
77920
expires
Wed, 13 Dec 2023 07:50:48 GMT
stream_Adallinee.mp4
v.bngdin.com/ Frame CB02 		202 KB
202 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://v.bngdin.com/stream_Adallinee.mp4
Requested by
Host: bngdin.com
URL: https://bngdin.com/promo.php?c=706504&type=dynamic_banner&new_banner=0&db%5Bwidth%5D=728&db%5Bheight%5D=572&db%5Btype%5D=live&db%5Bmodel_zone%5D=free&db%5Bheader%5D=0&db%5Bfooter%5D=none&db%5Bmlang%5D=0&db%5Bfullscreen%5D=&db%5Bmname%5D=1&db%5Bmlink%5D=1&db%5Bmstatus%5D=0&db%5Bmsize%5D=max&db%5Bmpad%5D=3&db%5Bmwidth%5D=60&db%5Bcolor_scheme%5D=default&db%5Bmborder%5D=solid&db%5Bmborder_color%5D=%23ffffff&db%5Bmborder_over_color%5D=%23a02239&db%5Bmshadow%5D=0&db%5Bmodels_by_geo%5D=0&db%5Bautoupdate%5D=1&db%5Btopmodels%5D=1&db%5Blanding%5D=chat&db%5Blogo_color%5D=default&db%5Blogo_align%5D=left&db%5Bbg_color%5D=%23eeeeee&db%5Bfont_family%5D=Arial&db%5Btext_align%5D=center&db%5Btext_color%5D=%23000000&db%5Blink_color%5D=%23a02239&db%5Beffect%5D=auto&db%5Beffect_speed%5D=optimal&db%5Bmode%5D=mode1&db%5Badaptive%5D=1&db%5Bslider%5D=0&db%5Bchat%5D=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.122.21 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
4cb085c37ff0e5738550a96e44f4c5803acde59ef30f40f8c750b104c8727f86

Request headers

Referer
https://bngdin.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
last-modified
Mon, 11 Dec 2023 16:36:00 GMT
etag
"65773a70-32687"
content-type
video/mp4
Content-Range
bytes 0-206470/206471
cache-control
max-age=21600
x-cdn-diag
fra1-11014-3-45915-h-0-0---;11028-6-3084895----0-0-1
x-circle-268
HIT
Content-Length
206471
expires
Tue, 12 Dec 2023 02:46:38 GMT
cyberious.js
adtcodepurpel.com/tanta/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adtcodepurpel.com/tanta/cyberious.js?24451&u=null&a=0.460808563761018
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.68 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
unallocated.giveme.network
Software
nginx /
Resource Hash
b815da1554a5bf9879e681024e99dc14322f1b88969f4e4e14a28a490af01e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
text/javascript; charset=utf-8
Date
Wed, 13 Dec 2023 13:49:23 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CURa TIA"
1
mc.yandex.com/watch/50862965/
Redirect Chain
  • https://mc.yandex.com/watch/50862965?wmode=7&page-url=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A347%3Afu%3...
  • https://mc.yandex.com/watch/50862965/1?wmode=7&page-url=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A347%3Afu...
439 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/50862965/1?wmode=7&page-url=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A739920401756%3Ahid%3A797172740%3Az%3A60%3Ai%3A20231213144923%3Aet%3A1702475363%3Ac%3A1%3Arn%3A305466462%3Arqn%3A1%3Au%3A1702475363308851002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C26%2C78%2C16%2C64%2C0%2C%2C151%2C2%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1702475362716%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702475364%3At%3A%D0%93%D0%BE%D0%BB%D0%B0%D1%8F%20%D0%9C%D0%B0%D0%BC%D0%B0%20%D0%9E%D0%B3%D1%80%D0%B0%20%D1%81%D0%BB%D0%B8%D0%B2%20%D0%B4%D0%B5%D0%BA%D0%BE%D0%BB%D1%8C%D1%82%D0%B5%20-%20Mamaogra%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
12a135d6a17b7991d1fe2dd0477928fa2c773a8f4f48157d9438f7164c41a2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 13-Dec-2023 13:49:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://buboob.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Wed, 13-Dec-2023 13:49:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 13-Dec-2023 13:49:23 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/50862965/1?wmode=7&page-url=https%3A%2F%2Fbuboob.com%2Fmama-ogra-sliv%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3gtstpmsk4v16yqhe1wbp8d7%3Afp%3A347%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1190%3Acn%3A1%3Adp%3A0%3Als%3A739920401756%3Ahid%3A797172740%3Az%3A60%3Ai%3A20231213144923%3Aet%3A1702475363%3Ac%3A1%3Arn%3A305466462%3Arqn%3A1%3Au%3A1702475363308851002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C26%2C78%2C16%2C64%2C0%2C%2C151%2C2%2C%2C%2C%2C378%3Aco%3A0%3Acpf%3A1%3Ans%3A1702475362716%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1702475364%3At%3A%D0%93%D0%BE%D0%BB%D0%B0%D1%8F%20%D0%9C%D0%B0%D0%BC%D0%B0%20%D0%9E%D0%B3%D1%80%D0%B0%20%D1%81%D0%BB%D0%B8%D0%B2%20%D0%B4%D0%B5%D0%BA%D0%BE%D0%BB%D1%8C%D1%82%D0%B5%20-%20Mamaogra%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin
https://buboob.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 13-Dec-2023 13:49:23 GMT
3428412.jpg
cs10.adtcodepurpel.com/content/59113/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs10.adtcodepurpel.com/content/59113/3428412.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.12 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs01.etarg.ru
Software
nginx /
Resource Hash
eefd87a6ed8b64dd32da7966852cec0503a1ca54ba758494ab054a6456e2888e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Last-Modified
Mon, 27 Nov 2023 11:20:25 GMT
Server
nginx
ETag
"65647b79-1b939"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
112953
3428412.gif
cs10.adtcodepurpel.com/content/59113/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs10.adtcodepurpel.com/content/59113/3428412.gif
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.12 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs01.etarg.ru
Software
nginx /
Resource Hash
2ebbf999bd7f60f9e066af3c728c124067996a45d8eb2ea8e934514968ac15d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Last-Modified
Mon, 27 Nov 2023 11:20:25 GMT
Server
nginx
ETag
"65647b79-12b09"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
76553
3416109.jpg
cs10.adtcodepurpel.com/content/59113/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs10.adtcodepurpel.com/content/59113/3416109.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.12 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs01.etarg.ru
Software
nginx /
Resource Hash
72f3531f435e7198604f3bf739d958491078d15d0e1ad0944227cb3f2c12955a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Last-Modified
Mon, 27 Nov 2023 11:25:50 GMT
Server
nginx
ETag
"65647cbe-1846a"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
99434
3416109.gif
cs10.adtcodepurpel.com/content/59113/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs10.adtcodepurpel.com/content/59113/3416109.gif
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.12 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs01.etarg.ru
Software
nginx /
Resource Hash
20dce658fece670f55862c777c5e1f8b9de8a6e4a77ab3caf49d90f223513210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Last-Modified
Mon, 27 Nov 2023 11:25:50 GMT
Server
nginx
ETag
"65647cbe-13951"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
80209
3428409.jpg
cs10.adtcodepurpel.com/content/59113/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs10.adtcodepurpel.com/content/59113/3428409.jpg
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.12 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs01.etarg.ru
Software
nginx /
Resource Hash
01c0c28c00b1582b00bb37747cc4c2aa6c41de971a493bba92c386bb239c7d82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Last-Modified
Mon, 27 Nov 2023 11:20:27 GMT
Server
nginx
ETag
"65647b7b-1a29b"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
107163
3428409.gif
cs10.adtcodepurpel.com/content/59113/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs10.adtcodepurpel.com/content/59113/3428409.gif
Requested by
Host: buboob.com
URL: https://buboob.com/mama-ogra-sliv/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.12 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
cs01.etarg.ru
Software
nginx /
Resource Hash
438033b1dd6c56f8ccff02e272703189203baf8865d5daacdc299898b8338727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buboob.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 13 Dec 2023 13:49:23 GMT
Last-Modified
Mon, 27 Nov 2023 11:20:27 GMT
Server
nginx
ETag
"65647b7b-bd4f"
Access-Control-Allow-Methods
OPTIONS, POST, GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Content-Length
48463
40b9b4f3c73db16dd4f44d74bfe91572_thumb_medium.jpg
i.wlicdn.com/019/11a/1b4/ Frame CB02 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.wlicdn.com/019/11a/1b4/40b9b4f3c73db16dd4f44d74bfe91572_thumb_medium.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
195.85.23.226 , Czech Republic, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
net-226-23-lotuna.net
Software
cloudflare /
Resource Hash
f74d5bac5fe93b387d9909aef3afc8c212186a9aa8423d44d9969366c9168ada
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bngdin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:49:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
361134
x-o1-p2
HIT
alt-svc
h3=":443"; ma=86400
content-length
10048
cf-bgj
h2pri
last-modified
Fri, 13 Aug 2021 09:22:01 GMT
server
cloudflare
etag
"611639b9-2740"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
834eab8fdfcb1e56-FRA
expires
Sat, 30 Dec 2023 04:52:37 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| Wpfcll function| wpfci object| originalsizes object| seoboostScreenReaderText object| Wtpsw undefined| $ function| jQuery object| _0xc93e function| _0xe0c string| e5b268a46f_country string| e5b268a46f_domain string| e5b268a46f_path string| e5b268a46f_file function| wtpsw_trending_slider_init function| wtpsw_trending_carousel_init object| bootstrap function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| Ya object| yaCounter50862965 function| e5b268a46f_cancel_bubbling function| efe5b268a46f number| m

19 Cookies

Domain/Path Name / Value
.i.wlicdn.com/ Name: __cf_bm
Value: 1P23ahCqMmcb8j_oQUT2lj8CG9fY_84K2ROHfva9izA-1702475363-1-AUD2Lf0bhA5IYUSkTDeEoFjrcV6/xQPYY+V7J8Z3if8BOJ4XRpNae356Q6p92qsC7J2xkTiKvaohMeGmaVltljg=
.buboob.com/ Name: _ym_uid
Value: 1702475363308851002
.buboob.com/ Name: _ym_d
Value: 1702475363
.yandex.com/ Name: i
Value: RXmYT09RLM7dETSMdkWAGPJYgW0OxlszbODX4cKtXhvJP3xcNo9KjvTjgfzFhFXEl+T/ja+CP624AzX+7LP0fGEbhw4=
.yandex.com/ Name: yandexuid
Value: 7382824691702475363
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 879018456fake
.buboob.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1714109175fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 7382824691702475363
.yandex.ru/ Name: yuidss
Value: 7382824691702475363
.yandex.ru/ Name: i
Value: RXmYT09RLM7dETSMdkWAGPJYgW0OxlszbODX4cKtXhvJP3xcNo9KjvTjgfzFhFXEl+T/ja+CP624AzX+7LP0fGEbhw4=
.yandex.ru/ Name: yp
Value: 1702561763.yu.3352452531702475363
.yandex.ru/ Name: ymex
Value: 1705067363.oyu.3352452531702475363
.adtcodepurpel.com/ Name: uuid
Value: 1702475286764254280
mc.yandex.com/ Name: yabs-sid
Value: 2424249511702475363
.yandex.com/ Name: yuidss
Value: 7382824691702475363
.yandex.com/ Name: ymex
Value: 1734011363.yrts.1702475363
.yandex.com/ Name: bh
Value: KgI/MA==

1 Console Messages

Source Level URL
Text
deprecation warning URL: https://buboob.com/mama-ogra-sliv/(Line 48)
Message:
Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adtcodepurpel.com
bngdin.com
buboob.com
cs10.adtcodepurpel.com
fonts.googleapis.com
i.bngdin.com
i.wlicdn.com
jkha742.xyz
mc.yandex.com
mc.yandex.ru
roomrentpast.com
v.bngdin.com
185.75.253.87
193.200.64.162
193.200.64.24
193.200.65.12
193.200.65.68
195.85.23.226
2606:4700:3030::6815:2b6e
2a00:1450:4001:831::200a
2a02:6b8::1:119
66.254.122.21
66.254.122.37
015db083c17986eac060bbcef0c6dc470e5836df751e782ad0b581f8d93e0853
01c0c28c00b1582b00bb37747cc4c2aa6c41de971a493bba92c386bb239c7d82
07684cfb99a56ad4ad3625ddf9944705eed2f9b265cb60cfdac9c39e25f9a581
0ef75d263b8b2f2712c694c9441225eebbf5498c8c59af92396ea2edf2b7309b
120bd90180e14889311fd196547ac98b014b774fb9a42b7797387a9623040d58
12a135d6a17b7991d1fe2dd0477928fa2c773a8f4f48157d9438f7164c41a2e2
20dce658fece670f55862c777c5e1f8b9de8a6e4a77ab3caf49d90f223513210
267bbc03ca051614860dea5ff4d511588b25be9123ecb6b269b5fd9289a50b77
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ebbf999bd7f60f9e066af3c728c124067996a45d8eb2ea8e934514968ac15d4
31122c9cc5173a34896b0e3b39169d190b6dfd52f5da98fb7d1724ee001a56e3
3c4079622b3b80577d9b06431b5f10009d62b66f51dfe0ac43f0f0b36a43391e
43396f58d1680c0b297576331960c7a613c1c1ea5b04951a33e11591cdc22418
438033b1dd6c56f8ccff02e272703189203baf8865d5daacdc299898b8338727
4cb085c37ff0e5738550a96e44f4c5803acde59ef30f40f8c750b104c8727f86
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
71977ab96280ca58ad17baba42546b601417dd0b9dc8b370c197fa874d83d0e5
72f3531f435e7198604f3bf739d958491078d15d0e1ad0944227cb3f2c12955a
78552f7f2326e8cc64b8334d1b571f1a411add0087a952ba583849670bf5a36a
7d972dacc6e27326f87a45808aa782ab9fc36fcf0cc5890da6d7c6fb95953eb8
a6d10bee02eddffef64661f837b9e2d8bc97247b321047e244c6c3eb8fee7102
aa4bb22f155f9c430eb7d67181b3200faf00abda8d172e3bab2eb2ae405f26f4
b794df391ca0647a0107eb55023b665e3f5e9faff46a6355a96c824f05af6630
b815da1554a5bf9879e681024e99dc14322f1b88969f4e4e14a28a490af01e4d
b9004b0cbf2c144c253ef26de477e2da42daee27321d31d72d9b6e0df2f20b40
bfae25efa7f4c7a393619c43fa95e7497a3a65fee5e327f49a52055065b2e549
c83b2599b0675fc31d4a81798e5d358fa09a5ec1d902814a6812e9faa8d587cb
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
d5837b35885adf8801ae263aaebb39182c7b348a8485953233f36c5c7cb7f113
d8dc9266be6584c14fef825068f5158122e83bcc3b75cf6519d357b55a52d42e
d9177376b8b36894501e5b4964cb5d18d66d22572a6a8deab5b4c3abcdc8b691
de8ead4ade857e9081490dc3a5bb08bbff7d67a79dd7d1523a5717e075a2e6b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e666784dfb5c0770b088874d0217b90b7404d14bd6149843f3b5952b9a5f9197
e72e51965c43b57b1ead6ddf4d6e1320ba309b30d536978eb50a922e134832a8
e912440737f6dbf56f50602a4b942936fe65da26676eb6dbc4a901abe18751aa
eefd87a6ed8b64dd32da7966852cec0503a1ca54ba758494ab054a6456e2888e
f74d5bac5fe93b387d9909aef3afc8c212186a9aa8423d44d9969366c9168ada
f8ed7cb7ac6dc9850cffba6d02a3e222269f9ac3cdde0cfbead7734149281f0f