bustygirls4u.com Open in urlscan Pro
54.67.52.246 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hjelmeland.fronteiras.eu/
Effective URL:
https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_conte...
Submission: On March 24 via api (March 24th 2023, 11:26:38 am UTC) from US — Scanned from US

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 52 HTTP transactions. The main IP is 54.67.52.246, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is bustygirls4u.com. The Cisco Umbrella rank of the primary domain is 641381.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.

This is the only time bustygirls4u.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	2606:4700:303... 2606:4700:3030::ac43:955b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 10	54.67.52.246 54.67.52.246	16509 (AMAZON-02) (AMAZON-02)
6	143.204.146.27 143.204.146.27	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
2	52.9.93.60 52.9.93.60	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2003	15169 (GOOGLE) (GOOGLE)
52	8

31 2606:4700:3030::ac43:955b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hjelmeland.fronteiras.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.67.52.246 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-52-246.us-west-1.compute.amazonaws.com

bustygirls4u.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.146.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-27.ewr52.r.cloudfront.net

cdn3reference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.9.93.60 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-93-60.us-west-1.compute.amazonaws.com

retarget2core.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	fronteiras.eu 1 redirects hjelmeland.fronteiras.eu	438 KB
10	bustygirls4u.com 1 redirects bustygirls4u.com — Cisco Umbrella Rank: 641381	30 KB
6	cdn3reference.com cdn3reference.com — Cisco Umbrella Rank: 349470	183 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	retarget2core.com retarget2core.com — Cisco Umbrella Rank: 394075	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10045	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	50 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	879 B
52	8

	Domain	Requested by
31	hjelmeland.fronteiras.eu	1 redirects hjelmeland.fronteiras.eu
10	bustygirls4u.com	1 redirects hjelmeland.fronteiras.eu bustygirls4u.com
6	cdn3reference.com	bustygirls4u.com cdn3reference.com
2	fonts.gstatic.com	fonts.googleapis.com
2	retarget2core.com	cdn3reference.com bustygirls4u.com
2	counter.yadro.ru	1 redirects
1	www.googletagmanager.com	bustygirls4u.com
1	fonts.googleapis.com	cdn3reference.com
52	8

This site contains no links.

Subject Issuer	Validity	Valid
*.fronteiras.eu GTS CA 1P5	`2023-03-17` - `2023-06-15`	3 months	crt.sh
bustygirls4u.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
cdn3reference.com Amazon RSA 2048 M02	`2023-02-15` - `2024-03-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
retarget2core.com Amazon RSA 2048 M01	`2023-02-10` - `2023-10-11`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Frame ID: 9791DFEEFC5DE5F2716AC86A9F1336A1
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hjelmeland.fronteiras.eu/ HTTP 301
https://hjelmeland.fronteiras.eu/ Page URL
https://bustygirls4u.com/tds/ae?tdsId=s3719tka_r&tds_campaign=s3719tka&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a71897709... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

719 kB
Transfer

976 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hjelmeland.fronteiras.eu/ HTTP 301
https://hjelmeland.fronteiras.eu/ Page URL
https://bustygirls4u.com/tds/ae?tdsId=s3719tka_r&tds_campaign=s3719tka&utm_sub=opnfnl&s1=ps&utm_source=int&affid=457f5686&subid=NOLD180521&clickid=2gcdlkn3i52j2 HTTP 302
https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hjelmeland.fronteiras.eu/ HTTP 301
https://hjelmeland.fronteiras.eu/

Request Chain 30

https://counter.yadro.ru/hit;fronteiraseu?r;s1600*1200*24;uhttps%3A//hjelmeland.fronteiras.eu/;hSvarte%20Mennesker%20Trekant%20Porno%20Kontaktannonser%20Trondheim%20Mia%20Gundersen%20Nude%20Last%20Ned%20Episoder%20Av%20Dragon%20Ball%20Z%20P%E5%20Latin%20Spansk;0.4841029137074362 HTTP 302
https://counter.yadro.ru/hit;fronteiraseu?q;r;s1600*1200*24;uhttps%3A//hjelmeland.fronteiras.eu/;hSvarte%20Mennesker%20Trekant%20Porno%20Kontaktannonser%20Trondheim%20Mia%20Gundersen%20Nude%20Last%20Ned%20Episoder%20Av%20Dragon%20Ball%20Z%20P%E5%20Latin%20Spansk;0.4841029137074362

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
hjelmeland.fronteiras.eu/
Redirect Chain

http://hjelmeland.fronteiras.eu/
https://hjelmeland.fronteiras.eu/

58 KB
23 KB

385ms
312ms

Document
text/html

2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a731cec18f94d42b326dc43866739f9766ff86f5250b35e08cfa6e0050395fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ace8f46bffb19d3-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 11:26:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0%2BWQ7OEBKoyih%2FR5l73aSL2OBOfwsUf%2BCoDfnooHP25K12FF9AeCMTzruqeYUUoiKWQHJ4xuviZLLu%2BfDW6voj2EwfW3jlNM2iaUTUyXcDkjGgG4yhrVg%2BV8fzsGT2Ly0XYMAh3lFUyic6opsXXEu7Kr8kofow%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 7ace8f450c914362-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 24 Mar 2023 11:26:31 GMT
Expires: Fri, 24 Mar 2023 12:26:31 GMT
Location: https://hjelmeland.fronteiras.eu/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPY6mPB%2B1juim9qBvMk1wL3GaTJOFVLSsMRB2NDRDOTW5WhRPQWY8DCfM47yyn%2BVsSprmAy5Vg%2FMCf7i%2FCA17lAe%2BOyJGEZc7UmnYLWyBLAgrqsGEPO4XFXvp8I8lL4gXYJlYLtR8M6klN9vHoTIcgTk3w%2BdXrc%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-content/themes/oleinpress/ 61 KB
13 KB 215ms
212ms Stylesheet
text/css 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-content/themes/oleinpress/style.css
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ad70fb9df129e14a83ce5f643b1f5062a724a44e572e0aa51e514211abc5e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2017 18:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a0f2a9f-f433"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhWDYxbcEtwKMw63SmSs7f426xZ4o9XVmJ669V8OnmY7nS%2FM1B8c3Ew91lpl30uC8mB5hTN1xW%2B%2BNaCSew%2BuDvwJhDP7fNFslXR3%2BI5QtZTViPkDEkVQsK6D3UP0Mu2Bp9RmpJG8d5solmyMSiHAaiJw%2Bs1yv5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7ace8f48d95719d3-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.js
hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-includes/js/jquery/ 95 KB
34 KB 304ms
302ms Script
application/javascript 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-includes/js/jquery/jquery.js
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 23 May 2016 07:00:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5742aa8e-17ba0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wT4d3OqjdAaXhvLlgPWmBHRHmruJqCXm9Y2nigbLCAiuc6zhvHxHkR0agoneeacN9KKNADU1OldnIsgAwcd7MPHgG2q1FHP%2FT2LffdDDrS5UGhwkuHJN7f7eGCHeajw5LFHWLK%2FDyAZnQGLYnsfFZMjvX26l%2FE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ace8f48d95819d3-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-includes/js/jquery/ 10 KB
4 KB 210ms
208ms Script
application/javascript 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 20 May 2016 04:11:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"573e8e70-2748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dmg5cnm0OvlRyeL7cj7EjOr2lAu5SJVSo4l09bFcOY%2FF72XmXMmJVQBO2rbO9eBHURupsMukOerSlThgw8fKcJvgOSnXE%2BGOasY%2FKDRnQof%2BfqNoIC0IRDbS4yqvRuouebNcZVk4XH0%2FKlHXR1xwL5MxxeDKzI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ace8f48d95919d3-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 stor-%C3%A6rlig-bytte-pon-seks-video-jente-fanget-tumblr.jpg
hjelmeland.fronteiras.eu/imgs/1/2/35/0c/99/0c359992856d58ddcc100bb1c349f9e2/ 6 KB
7 KB 248ms
228ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/2/35/0c/99/0c359992856d58ddcc100bb1c349f9e2/stor-%C3%A6rlig-bytte-pon-seks-video-jente-fanget-tumblr.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 136438, 260689
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6237
x-77-nzt: A5ySIQGG1j/vUfoDANRmOAkg+pHv9hQCAI/0OsjHBo2h
x-cache-lb: HIT, HIT
last-modified: Fri, 30 Sep 2016 10:37:45 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f0576f48be8881d64ccba8713
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPQQHsOiKhsOslgD%2FdJc4xYw9lbZCV1R3kZqkvj89xiHPkuA%2BUy3OatNBMo3y%2BrGsupKDsjdwpGhgMo4DGLOh3z5zdX9UxU1uJ8t2cj7qfnvJtJ8Wjt0k%2FN%2FDvPeK233SltyXjVNaT6vWk0QP33kVC%2F1GlmlvPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e1a8c6f-EWR

GET
H3 200 lesbisk-sex-i-amsterdam-amateur-sex-videos-dogging-bergen-toon-porn-videos-norske-jenter-har-se.jpg
hjelmeland.fronteiras.eu/imgs/1/13/6f/89/92/896f920a0e0e7e36e8b416bab8b131ad/ 6 KB
7 KB 364ms
345ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/13/6f/89/92/896f920a0e0e7e36e8b416bab8b131ad/lesbisk-sex-i-amsterdam-amateur-sex-videos-dogging-bergen-toon-porn-videos-norske-jenter-har-se.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6120
x-77-nzt: A5ySIQFkvRChisclwVNqM6GP9DrYlD9EoQ
x-cache-lb: MISS, MISS
last-modified: Mon, 05 Apr 2021 22:31:39 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f5581f08be8881d64d2668213
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPcx9adFNoyKJdxN2%2F7UAxMgS3f00MEusaxwA950vk25beFbIezbBWYuhtJClDzcJK9lWv5ayRBZwNkQ%2BewKm%2Fi8VxbetqXNlOJ0Zi2BfW5UcP%2BfjD%2BuqUNsv6bUk4meG5OAKCdZw3TbEXSEQl%2Fu459%2B%2FzJr55s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e1c8c6f-EWR

GET
H3 200 store-booticicas-ts-escort-norway-sex-kontakt-norg-nakne-jenter-%C3%A5-f%C3%B8lge-p%C3%A5-snapchat.jpg
hjelmeland.fronteiras.eu/imgs/1/22/3a/c2/1e/c23a1e06e46834a81cc2080ad1297321/ 35 KB
36 KB 336ms
318ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/22/3a/c2/1e/c23a1e06e46834a81cc2080ad1297321/store-booticicas-ts-escort-norway-sex-kontakt-norg-nakne-jenter-%C3%A5-f%C3%B8lge-p%C3%A5-snapchat.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwgVDim4uOJlr76QTJuJzPwOFQduyJDPlWTelSELDS3q3bEsoT5ua0y3Fy69rqjKWaCVQEMC2pSJ78qujupU9hHJzbZXk%2BizoQ0jgevNhOBYHpF5uGSOgriRvL%2FIV7yDO8SrFc4vjYuBqbCYrWIg6%2FbeC1rL4V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e1d8c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 sex-film-b%C3%B8sse-czech-escort-guid-sexfantasier-kvinner-naiv-super-sammendra-independent-escort-netherlands-match-personals.jpg
hjelmeland.fronteiras.eu/imgs/1/15/df/a7/3b/a7df3beedc87930dc56b6e9d0906ceae/ 35 KB
36 KB 389ms
372ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/15/df/a7/3b/a7df3beedc87930dc56b6e9d0906ceae/sex-film-b%C3%B8sse-czech-escort-guid-sexfantasier-kvinner-naiv-super-sammendra-independent-escort-netherlands-match-personals.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LsZLj0okAOp5yuqWWo8m6rHCTuhMggP0YPy%2BAP39GvoWgiC8Heb3UlyqaT1%2FVJePqWRt25%2FWMmPwOoITyuV65IhxQY3U7sEP%2Bislr9xYJoLSmuqWgUhT%2BPjvNAKBTu26MEVlSz70ERDO%2FXKrSgBdj3j%2BYiH%2Frk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e1f8c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 vil-knulle-homoseksuell-pikk-i-pik-sexy-korsetter-massagese-ekaterina-alekseeva-naken.jpg
hjelmeland.fronteiras.eu/imgs/1/22/f9/0e/10/0ef9109d6f78471ab3f79b45c026f656/ 8 KB
8 KB 307ms
290ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/22/f9/0e/10/0ef9109d6f78471ab3f79b45c026f656/vil-knulle-homoseksuell-pikk-i-pik-sexy-korsetter-massagese-ekaterina-alekseeva-naken.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7767
x-77-nzt: A5ySIQHGXuahnJIhJwaOq6GP9Drd4ER+oQ
x-cache-lb: MISS, MISS
last-modified: Fri, 09 Dec 2016 01:35:41 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f5c80ef8be8881d644cce8113
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQi1EddRy23FBMJc%2Bywm25xisLzRE52oexLN3P1I2K3dADyjqqC4Es%2FvQfmpkvJvE4nJa6mzdLDJpkWvvj5dl3RQgX8J33M2FipNWxLIaAZBykjlraeAD57Ez2Nk5F8QEKk17egowElWxJhVzlTAJTsKioFAfGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e218c6f-EWR

GET
H3 200 beste-sex-trekk-ny-video-sophie-dee-norske-eskortepiker-free-online-porn.jpg
hjelmeland.fronteiras.eu/imgs/1/15/c4/21/ff/21c4ff8ffd0b5acb10ae961df8731cd6/ 7 KB
7 KB 359ms
342ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/c4/21/ff/21c4ff8ffd0b5acb10ae961df8731cd6/beste-sex-trekk-ny-video-sophie-dee-norske-eskortepiker-free-online-porn.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6870
x-77-nzt: A5ySIQFILBuhisclxKyGk6GP9DrIsv2JoQ
x-cache-lb: MISS, MISS
last-modified: Thu, 16 Jul 2020 06:44:48 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f2489ed8be8881d64587c7f13
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNQvR8AZWjYCsgWTCVAwx0zBmaVkrkaxtYv4Qcy4Hhvqeci%2BvxeDfdJVgSPaR5zPi66gJGULKGPA80uaBYGoGR2J2s0%2F2w4qA83EvukuZHNfNVSOESHHtAEVqSDBBxdOgZHzSTw7qe%2B9L6Konudy1gwTkoa95ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e228c6f-EWR

GET
H3 200 betty-blue-t%C3%B8nsberg-free-sex-clips-lesbian-anal-hd-massasje-frogne-bridgit-mendler-bryster.jpg
hjelmeland.fronteiras.eu/imgs/1/15/ee/9c/0b/9cee0b5152a6eb23fb3459f86694d29e/ 35 KB
36 KB 373ms
357ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/15/ee/9c/0b/9cee0b5152a6eb23fb3459f86694d29e/betty-blue-t%C3%B8nsberg-free-sex-clips-lesbian-anal-hd-massasje-frogne-bridgit-mendler-bryster.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrzUH8pe7FVOD%2FX6KRqp0Z9SDXqHV2Qg0B0lZ%2F3qeACBJksSY4PuZTo%2FiuaLndQ81OkaTzWaE6AK47GIjkFfU6AHvZte%2BvgOguuvPpqWflfGJKTdVx7eXX7XWMfZcXqvLQnc7kpCDkvqoTNx4y2eTevD8gjpUIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e238c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 sex-on-webcam-eskorte-jenter-vestfold-alison-tyler-kjole-rette-nakne-menn-tumblr.jpg
hjelmeland.fronteiras.eu/imgs/1/15/17/96/e2/9617e2f8615bbaada114585e2225d643/ 5 KB
5 KB 243ms
227ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/17/96/e2/9617e2f8615bbaada114585e2225d643/sex-on-webcam-eskorte-jenter-vestfold-alison-tyler-kjole-rette-nakne-menn-tumblr.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 480715
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4727
x-77-nzt: A5ySIQGYCNjvy1UHANRmOAHdEFfBj/Q6yIm+rcE
x-cache-lb: MISS, HIT
last-modified: Sun, 18 Dec 2022 15:30:13 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f5a73ea8be8881d647f877e13
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IKCvqmILwGrCcUNORPKog9m6zej5JCwosIsftjYQFCt3CGZRFXgvcbYXRkbe%2BphmDGAd1Ko6STlEVatDrTv%2BG83ncRPl39%2Fq7txNvvWq%2BR2aLcfzcH6Ft%2BEN%2BGFXWKXOMpqh39Yd4hjVZWa2ePRrM9yFAkecPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e248c6f-EWR

GET
H3 200 b%C3%B8sse-flirt-dating-real-escorts-in-london-norske-jenter-nakne-norsk-tale-porn-kvinne-s%C3%B8ker-par-oslo-sex-guide.jpg
hjelmeland.fronteiras.eu/imgs/1/15/6f/5f/da/5f6fda58b51c9ecfb5752695bfe6d065/ 2 KB
3 KB 329ms
313ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/6f/5f/da/5f6fda58b51c9ecfb5752695bfe6d065/b%C3%B8sse-flirt-dating-real-escorts-in-london-norske-jenter-nakne-norsk-tale-porn-kvinne-s%C3%B8ker-par-oslo-sex-guide.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2361
x-77-nzt: A5ySIQEfzlehnJIhLm6ZTaGP9DrIzI7ZoQ
x-cache-lb: MISS, MISS
last-modified: Thu, 08 Dec 2022 14:29:05 GMT
server: cloudflare
x-77-nzt-ray: a2390d2fac83e98be8881d6408c47e13
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRidZqj0f3EctoDc1tt2hApq6Jgl6o68e9HKmR8NBVHCX6B%2BZEPnyig002nVUGSHDpd%2B4RsFQ6KXjd%2BLpM1NsvOaKgK6dJBe%2BSxbOECGay0hICtNsuhWOf8vzpf8siXB0qAdIlc21L0SBZ3IKpEXXhOWtoOkU8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e258c6f-EWR

GET
H3 200 www-diamant-jackson-com-knulle-trondheim-meet-and-fuck-homo-no-sign-u-assassins-trosbekjennelse-opprinnelse-cleopatra-naken.jpg
hjelmeland.fronteiras.eu/imgs/1/15/1d/f2/25/f21d2525766638b43da517036fe5eb6d/ 8 KB
9 KB 271ms
255ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/1d/f2/25/f21d2525766638b43da517036fe5eb6d/www-diamant-jackson-com-knulle-trondheim-meet-and-fuck-homo-no-sign-u-assassins-trosbekjennelse-opprinnelse-cleopatra-naken.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 797817, 299109
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8449
x-77-nzt: A5ySIQHL5yPvZZAEANRmOBXUxdT/eSwMAI/0Osh0jMTB
x-cache-lb: HIT, HIT
last-modified: Wed, 19 Oct 2016 15:43:31 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f1f79f68be8881d648a328b13
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efs%2FyZeFXPkVmP01sU1dwLRanKEIR5U7qNOzQV13Ez3Mf0ZBaakHYhd9FNPL7scMCzZHkKFjhW318YTMwZsdS5zpCog%2FmLUdN7OWTvT7FDPgtsrTgKJeWpbU6Q7ImAW%2BqpgL5HmWQVLWMOwcMZMnV6YRakvUjKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e268c6f-EWR

GET
H3 200 ian-somerhalder-dating-history-haugesund-kvinner-og-sex-escort-sites-gratis-chattesider-norge-naken-chat.jpg
hjelmeland.fronteiras.eu/imgs/1/15/89/16/3a/16893ac950348fa0b4004f01433fa340/ 35 KB
36 KB 333ms
318ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/15/89/16/3a/16893ac950348fa0b4004f01433fa340/ian-somerhalder-dating-history-haugesund-kvinner-og-sex-escort-sites-gratis-chattesider-norge-naken-chat.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCBzcI%2F0vfmAklncjE7sO9A0u1r1%2B%2Bts0cQmuKscTR9sDVQ04%2B529q%2B8TpjU3KFDJ9IXVqUZoT%2BdMlu4pETHeCSfI%2BkY%2BgQoPNv7FLxXvPn0pb91injUT7p4zHTIV15E7nIaemNLbcXYELacYFOYlsM885IdSqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e278c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 one-night-stand-with-god-akershus-hvordan-a-finne-en-jente-for-one-night-stand-leirvik-brazzers-k%C3%A5ret-til-beste-milfscene.jpg
hjelmeland.fronteiras.eu/imgs/1/15/fe/82/49/82fe49413ceb79e6c07dd2c6ec14c6c5/ 3 KB
4 KB 361ms
346ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/fe/82/49/82fe49413ceb79e6c07dd2c6ec14c6c5/one-night-stand-with-god-akershus-hvordan-a-finne-en-jente-for-one-night-stand-leirvik-brazzers-k%C3%A5ret-til-beste-milfscene.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3353
x-77-nzt: A5ySIQGeovWhisclNOdY3aGP9DrY71IvoQ
x-cache-lb: MISS, MISS
last-modified: Sat, 10 Dec 2022 00:58:51 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f0576f28be8881d6490a08413
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYUHBMgpDHx%2FcN6Byp51WhEFOlb5kwKpEkzxQCYrvpG27bpI2GjJV8lXqZUTXuZwPlNydkjs%2FWt0NL2uv2bG1xPdNbP8tfCHfkB3Rn7H0KR4f3JmZ%2BubiVRoUNwN%2BBg%2F80ErUbPwHJCeNcqrMO8Mv%2F44ynWc4Mg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e288c6f-EWR

GET
H3 200 naken-arabisk-dans-sexuelle-fantasier-massasje-og-eskorte-osl-k%C3%A5te-husm%C3%B8dre-free-fuck-finder.jpg
hjelmeland.fronteiras.eu/imgs/1/20/98/13/87/1398876f239aa50b340d9d5bf175d109/ 8 KB
9 KB 270ms
255ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/20/98/13/87/1398876f239aa50b340d9d5bf175d109/naken-arabisk-dans-sexuelle-fantasier-massasje-og-eskorte-osl-k%C3%A5te-husm%C3%B8dre-free-fuck-finder.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 3727119, 560431
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8182
x-77-nzt: A5ySIQE2eb7vL40IANRmOJnk3M7vD984AI/0OthXLAKh
x-cache-lb: HIT, HIT
last-modified: Thu, 22 Sep 2016 03:37:12 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f2a7d028ce8881d645caca613
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVUqxN8KTlv1zD4r5BkqThtXJgcUjHpgKTfUttBqGoBtYr3gxA9vg0F%2FLxXhUpiIKRuRgYUxFMVN7CfT4gru4bRdoCFKTIgFLRkSl6Sqtwhx3u%2FdTg%2B%2B9feoqIPa0ZxDXzJllZuUf1kSDfGxK47vlDgXL1fKs9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e298c6f-EWR

GET
H3 200 victoriamilan-no-eskorte-i-telemark-n%C3%A5r-jenter-spiller-strapon-escort-swingers-bod%C3%B8.jpg
hjelmeland.fronteiras.eu/imgs/1/15/82/be/5f/be825f2933891d4cba98b9a176609e48/ 5 KB
6 KB 359ms
346ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/82/be/5f/be825f2933891d4cba98b9a176609e48/victoriamilan-no-eskorte-i-telemark-n%C3%A5r-jenter-spiller-strapon-escort-swingers-bod%C3%B8.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5571
x-77-nzt: A5ySIQH6T7Kh1GY4DYmsoaGP9DrdstC9oQ
x-cache-lb: MISS, MISS
last-modified: Sat, 02 Jun 2018 13:07:59 GMT
server: cloudflare
x-77-nzt-ray: a2390d2fef831a8ce8881d6405a2e613
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hRmlSpQU8lCo%2BqNyLsHGYopwazcaGEtx0SC%2FD2H95RomCPSyp61vwpE51Y%2B%2BkmI9f%2BleUI4b0vWUh%2FkMv05Gbo%2FD609USojxATwjzS2wAvLPK1O2dz71S7CIRGC01wD%2FpSOIvA2qufsHPrWM%2BeHN%2FOBmyFDmv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e2b8c6f-EWR

GET
H3 200 xxx-legebes%C3%B8k-sexby-juarez-slangedekket.jpg
hjelmeland.fronteiras.eu/imgs/1/15/74/0a/d8/0a74d8c9bc169ddba6e4148c82ec14b2/ 6 KB
6 KB 360ms
347ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/74/0a/d8/0a74d8c9bc169ddba6e4148c82ec14b2/xxx-legebes%C3%B8k-sexby-juarez-slangedekket.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5895
x-77-nzt: A5ySIQFYoF6h1GY4FaarN6GP9DrYwGMBoQ
x-cache-lb: MISS, MISS
last-modified: Mon, 14 Sep 2020 02:27:48 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f5581f18be8881d64edaf8513
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgcI%2FsAA7vh63Dh2O%2B4ZXdpfjvwcj2N77rS9Dkgut%2FAPhvJjznFvX2jZZOMZVmUIrLM2UltpMdbEdSrg05dsVMP%2FhcDGeJsOm1QiWsHp1tYztrpusarTnogmlj2TpD0Yj38IMv%2FYO7zFvwp%2FDIV%2BtCHc78js24Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e2d8c6f-EWR

GET
H3 200 bilder-av-skuespilleren-naken-porno-hd-laste-ne-eks-gf-ass-bilde-sexy-husfilm.jpg
hjelmeland.fronteiras.eu/imgs/1/15/3d/8e/4a/8e3d4afeaee251a7ff0688cc66f94799/ 4 KB
5 KB 390ms
378ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/3d/8e/4a/8e3d4afeaee251a7ff0688cc66f94799/bilder-av-skuespilleren-naken-porno-hd-laste-ne-eks-gf-ass-bilde-sexy-husfilm.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4137
x-77-nzt: A5ySIQFqIpih1GY4FVwOI6GP9DrYuApuoQ
x-cache-lb: MISS, MISS
last-modified: Sat, 15 Dec 2018 03:51:17 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f1d7b0d8ce8881d64f510c113
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlAM14lOi7xfZfd6%2FF7bUevHKFP4nIAGivYuh6yZ5tzHnSqkJdUxI0HH5lzNkVOxI8%2BR%2FMb3bhV%2FnF3nyVvMX4eQ1NgNnq3YoPTktU%2FTongKxhW1H1pnsD1CJ8IncOd5h3l67LwCw1snoH8wGf5S7RNmhgojg3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e2e8c6f-EWR

GET
H3 200 rosa-rutete-skolejenteskj%C3%B8rt-shemale-escort-oslo-porno-norge-gratis-voksen-nettverkssider-halde.jpg
hjelmeland.fronteiras.eu/imgs/1/16/8d/fc/e1/fc8de1aac95f6ea7648c7bcf46784f1b/ 10 KB
11 KB 295ms
282ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/16/8d/fc/e1/fc8de1aac95f6ea7648c7bcf46784f1b/rosa-rutete-skolejenteskj%C3%B8rt-shemale-escort-oslo-porno-norge-gratis-voksen-nettverkssider-halde.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 1017327
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10432
x-77-nzt: A5ySIQEGblrv74UPANRmOJx2CyPBj/Q63Spc2cE
x-cache-lb: MISS, HIT
last-modified: Sat, 21 Dec 2019 21:41:05 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f8979128ce8881d644fdad413
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEkVNNpLz6Nt4eS06dWPgNej7UUEoxDbk4dAfQnYhHeIJWO8iRKu7k3n%2BEdcGjkEJvYedphx5ePhxRmuhrvlwe9v%2FRW90DBXqnkLt23NotvbJdQ7e5rIrJRVWOBXKCr%2BviuSYkkqFKIVjsy3Yt4OPFvGux8rgi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e308c6f-EWR

GET
H3 200 hot-lesbisk-sex-hund-kn%C3%B8tt-jenter-free-dating-websites-com-sandnes.jpg
hjelmeland.fronteiras.eu/imgs/1/15/e5/17/53/17e5538157cef8cddad09f8a8e358672/ 35 KB
36 KB 360ms
348ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/15/e5/17/53/17e5538157cef8cddad09f8a8e358672/hot-lesbisk-sex-hund-kn%C3%B8tt-jenter-free-dating-websites-com-sandnes.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlJaETmodPCm7VScoFgBAMhGYpbqMo45qjXjKiUBZL7yaFEPcHaEQcIvZF6a6FRWrJiJzvRmZ1zvtkIj%2BU3Ry4O5Uuem91QYw8Y9D72gDVkyKAzLeN6k5EPDQn4CuncbFmqQtC8SH%2BXv%2FBW4RGZppQXIhtzofj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e318c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 riko-tachibana-tube-siste-nytt-om-albanske-vip-er-katherine-mcphee-rumpe.jpg
hjelmeland.fronteiras.eu/imgs/1/15/b9/31/e8/31b9e867499a4eb1580d84f63fa2f539/ 8 KB
9 KB 268ms
256ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/b9/31/e8/31b9e867499a4eb1580d84f63fa2f539/riko-tachibana-tube-siste-nytt-om-albanske-vip-er-katherine-mcphee-rumpe.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 1812637, 446720
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8404
x-77-nzt: A5ySIQFplkbvANEGANRmOBU/vD3vnagbAI/0OtisZEfB
x-cache-lb: HIT, HIT
last-modified: Wed, 19 Oct 2016 06:58:41 GMT
server: cloudflare
x-77-nzt-ray: a2390d2ff875038ce8881d645404aa13
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyEi46rTu5IuToPT9MQIPfNGes3b9%2Bpd%2B6bKLB1TtVfieG207F38OE6NVxbOptrkJkX1ZdUUdX0vZrV%2B%2BOQ9avAbkDbMtXtcAxSbPLwxUqVPOTmM2NzT3zSnUNXJGwV8NbfGvxZJH12IH3RozAmeX9CJ0Il2CIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e338c6f-EWR

GET
H3 200 ms-doe-tisse-sm%C3%A5-pikk-svarte-gutter-datingsider-norge-thai-massasje-stavange.jpg
hjelmeland.fronteiras.eu/imgs/1/15/4f/11/55/114f5537d96be1ee1b7f174a88dbbfa4/ 35 KB
36 KB 367ms
356ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/15/4f/11/55/114f5537d96be1ee1b7f174a88dbbfa4/ms-doe-tisse-sm%C3%A5-pikk-svarte-gutter-datingsider-norge-thai-massasje-stavange.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0repkRacUn%2BPOEpa5q4nFfGfFvLl3gOqsv%2Fab4S5Tr3kQykBM0zow9R0dEs0ty3sN9d6Hje47HXhAKbeLFQjZM53Q5xn3avMbidjmdDPWpF0hiLTFoWX4CMQB7R0UopHJ12JgGpaDYOTKZMRxxozXsXDNJUIe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e348c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 melayu-homofil-tube-inntrenging-erte-porno-tumblr-homofil-trekant.jpg
hjelmeland.fronteiras.eu/imgs/1/15/c4/45/30/45c430d13753bc97c13aec96c259cb67/ 35 KB
36 KB 390ms
378ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hjelmeland.fronteiras.eu/imgs/1/15/c4/45/30/45c430d13753bc97c13aec96c259cb67/melayu-homofil-tube-inntrenging-erte-porno-tumblr-homofil-trekant.jpg
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
last-modified: Sat, 08 Aug 2020 11:13:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5f2e88c8-8ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tgYmsTivlRpTQebb7hClDAkZEwcCx%2F91i%2FcmKjxjyUrnegc%2FKVmADkHOVPHiDgK5KRV4%2BG7DxwRA8RsshNPcMxYo5J%2FYn9ioMNcQTBqJ%2BFuo8cTvzIL%2FSS%2F2bLaRoBTH4rMsrS4u4Cv4UmNkaTRFXzMx%2F6gRRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ace8f4b1e358c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36000

GET
H3 200 fyll-hullene-hennes-nakne-bilder-salma-hayek-tantra-tempel-massasje-oslo-knulle-norske-jenter.jpg
hjelmeland.fronteiras.eu/imgs/1/13/33/41/99/413399fdada30bf2f8dff5741a1887af/ 7 KB
7 KB 294ms
284ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/13/33/41/99/413399fdada30bf2f8dff5741a1887af/fyll-hullene-hennes-nakne-bilder-salma-hayek-tantra-tempel-massasje-oslo-knulle-norske-jenter.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 2110796
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6873
x-77-nzt: A5ySIQEJDOLvTDUgAJySISeSuRTBj/Q62Ik4f8E
x-cache-lb: MISS, HIT
last-modified: Sat, 06 Apr 2019 18:47:23 GMT
server: cloudflare
x-77-nzt-ray: a2390d2ff37f428ce8881d64ffb18d14
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ESLpwju5QEpJE4a4sDciVG5PFqfINCJaiiuG6Df3OEW2b17mdyG34djRDYN%2F655DgdT3xxNgnC7kFS1aMFMD%2FAYNgFbTTA8H8LnmI1SWDHYvH1zNemHvtL8YMCpwtfuahbRqLvX%2BlaqRtvrKXBaoYLx3fl37xQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e368c6f-EWR

GET
H3 200 hentai-anal-ahegao-claire-holt-sex-fett-og-stygg.jpg
hjelmeland.fronteiras.eu/imgs/1/15/70/47/51/477051a4deb477b723f49689774169dc/ 8 KB
8 KB 295ms
285ms Image
image/jpeg 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hjelmeland.fronteiras.eu/imgs/1/15/70/47/51/477051a4deb477b723f49689774169dc/hentai-anal-ahegao-claire-holt-sex-fett-og-stygg.jpg

Requested by

Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 24 Mar 2023 11:26:32 GMT
cf-cache-status: MISS
x-age-lb: 4897419, 1983768
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-77-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7950
x-77-nzt: A5ySIQFN3CHvGEUeANRmOA1dYmbvi7pKAI/0OsjoEwn/d7gDAA
x-cache-lb: HIT, HIT
last-modified: Sat, 15 Oct 2016 14:35:17 GMT
server: cloudflare
x-77-nzt-ray: a2390d2f8976088ce8881d6466beb613
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXvAkPTcXMwPhsT%2FaMCfmr6i8LoggaYf12b%2F61JhvQE1z61RjAXv7Qf7K72dqbQNM1aQskAMGmqZAcdz9i0Erai0co%2FTGtZ6h0g0i8VBoFoea6f94DrFOlSiBa3%2F8%2Bt5iDV5%2B7SdcHgZ%2B6%2BA57MFiJWSaHBsUnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=10368000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7ace8f4b1e378c6f-EWR

GET
H3 200 main-navigation.js
hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-content/themes/oleinpress/js/ 410 B
759 B 208ms
207ms Script
application/javascript 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-content/themes/oleinpress/js/main-navigation.js
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2017 18:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a0f2a9f-19a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6dM7aMPW6zxbWcOWAOgLijaxsQcxTu0SGaEU7zQQ086fWMcaBeqYkcolbwbcPY0hRJeXcidk7xPH7bUX%2Bhkk5oQZlZM2GxvV1x7P6xqwFrVGdgfe8sM9%2BBEZ8YjvSixisbl7MF0V3aJ6sVnN4hPAgqghlSmwos%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ace8f4a3d4d8c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 skip-link-focus-fix.js
hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-content/themes/oleinpress/js/ 685 B
859 B 208ms
207ms Script
application/javascript 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-content/themes/oleinpress/js/skip-link-focus-fix.js
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2017 18:29:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a0f2a9f-2ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPBYqzhdpZbAb9q%2FYetTA9%2BnkbPwTMYHjd4rE2t7YDmg6IfRehA8f0U4S%2FlDJbkSrG1nP2Gc3nENZKgMGg0hxyPkbzxzsut6OpooBPdh%2BNJHATIMzBNgTyD1TdRlzI38Z8vP6ITQsOmcZiaBAPwuLaeOqltBIK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ace8f4adddf8c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 wp-embed.min.js
hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-includes/js/ 1 KB
1 KB 212ms
208ms Script
application/javascript 2606:4700:3030::ac43:955b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hjelmeland.fronteiras.eu/templates/oleinpress18051/wp-includes/js/wp-embed.min.js
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:955b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2016 12:38:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"58358dca-576"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pw6ELyBOIVXQYgF0WzNJPA%2BtSh8TMjhy1gOvSJWI0K4PWdEJDx5luO%2BuWTF7dw9%2BrVD01w4D1lJU7UIkXdRA0odXrJbQNIAMWoAnE9RIJgjSfW0UIOyVI92bovAvnFYmF%2F8hdqYjxVdtFKRri594uXVqmaSo61c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7ace8f4afe038c6f-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

hit;fronteiraseu
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;fronteiraseu?r;s1600*1200*24;uhttps%3A//hjelmeland.fronteiras.eu/;hSvarte%20Mennesker%20Trekant%20Porno%20Kontaktannonser%20Trondheim%20Mia%20Gundersen%20Nude%20Last%20...
https://counter.yadro.ru/hit;fronteiraseu?q;r;s1600*1200*24;uhttps%3A//hjelmeland.fronteiras.eu/;hSvarte%20Mennesker%20Trekant%20Porno%20Kontaktannonser%20Trondheim%20Mia%20Gundersen%20Nude%20Last%...

43 B
528 B

133ms
133ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;fronteiraseu?q;r;s1600*1200*24;uhttps%3A//hjelmeland.fronteiras.eu/;hSvarte%20Mennesker%20Trekant%20Porno%20Kontaktannonser%20Trondheim%20Mia%20Gundersen%20Nude%20Last%20Ned%20Episoder%20Av%20Dragon%20Ball%20Z%20P%E5%20Latin%20Spansk;0.4841029137074362

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hjelmeland.fronteiras.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Mar 2023 11:26:32 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 23 Mar 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 24 Mar 2023 11:26:32 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;fronteiraseu?q;r;s1600*1200*24;uhttps%3A//hjelmeland.fronteiras.eu/;hSvarte%20Mennesker%20Trekant%20Porno%20Kontaktannonser%20Trondheim%20Mia%20Gundersen%20Nude%20Last%20Ned%20Episoder%20Av%20Dragon%20Ball%20Z%20P%E5%20Latin%20Spansk;0.4841029137074362
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 23 Mar 2022 21:00:00 GMT

GET
H/1.1

200
OK

Primary Request jump Show response
bustygirls4u.com/
Redirect Chain

https://bustygirls4u.com/tds/ae?tdsId=s3719tka_r&tds_campaign=s3719tka&utm_sub=opnfnl&s1=ps&utm_source=int&affid=457f5686&subid=NOLD180521&clickid=2gcdlkn3i52j2
https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b...

5 KB
2 KB

238ms
237ms

Document
text/html

54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Requested by: Host: hjelmeland.fronteiras.eu
URL: https://hjelmeland.fronteiras.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 53d7429d975e573dfe7dc41d10637cdefab845a332c7ae8212af7b15cfc58bb5

Request headers

Referer: https://hjelmeland.fronteiras.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Mar 2023 11:26:33 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
Access-Control-Allow-Origin: *
Connection: keep-alive
Date: Fri, 24 Mar 2023 11:26:32 GMT
Location: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked

GET
H/1.1 200
OK intg.js Show response
bustygirls4u.com/bridge/ 269 B
738 B 81ms
80ms Script
application/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/intg.js?v=8
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 556f2a46047c9b8dedbae5ef8c59dc7ea04ff88e76d7dcda568f1eb2dce03548

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2023 13:53:09 GMT
Server: nginx
ETag: W/"10d-1870471f188"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H2 200 909a27429763e8456a1f0e05e05cff47.css
cdn3reference.com/landings/25948/css/ 3 KB
1 KB 184ms
85ms Stylesheet
text/css 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 5f78be3790c7cb92e01a0ba6a718b1faa824794285a905bb22759c9910fa8289

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: gzip
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
last-modified: Wed, 13 Oct 2021 07:37:43 GMT
server: nginx
x-amz-cf-pop: EWR52-C2
etag: W/"d79-5ce3709977fc0"
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: Qh9Ocf3L-Cttqi-zK5-qW3tEA8xmUQVTDGnVoHPBA9kwkROdcYEhJA==

GET
H2 200 logo.svg
cdn3reference.com/landings/25948/images/ 2 KB
1 KB 56ms
50ms Image
image/svg+xml 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3reference.com/landings/25948/images/logo.svg
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 19046f256c8d29d3c23dd377dbb6725f9c6ed036f844f726168b69a916e0797c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: gzip
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 09:06:45 GMT
server: nginx
x-amz-cf-pop: EWR52-C2
etag: W/"967-5cdd3b2cb1340"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=604800
x-amz-cf-id: Fx8tS39rNlGggqGxtjOZh_3ErYhpYjW2WhCsPUZ_1R8r5OxeFMORxg==

GET
H2 200 dc_img.js Show response
cdn3reference.com/js/ 488 B
635 B 66ms
51ms Script
application/javascript 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3reference.com/js/dc_img.js?v=8
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: gzip
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
last-modified: Thu, 29 Oct 2020 09:19:39 GMT
server: nginx
x-amz-cf-pop: EWR52-C2
etag: W/"1e8-5b2cbc78da216"
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: T1369XnlmSvv1thgyu5o6CQPRUGSPBYeJyqS08Y4G2zCGUHVqcGqug==

GET
H/1.1 200
OK ao_loader.js Show response
bustygirls4u.com/bridge/ 836 B
1002 B 83ms
81ms Script
application/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/ao_loader.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d5d65364c02602f4fae5c63195607cfff433ac59d4c7d756e4a0a2e6f33ccd19

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2023 13:53:09 GMT
Server: nginx
ETag: W/"344-1870471f188"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H/1.1 200
OK integration.js Show response
bustygirls4u.com/ 2 KB
1 KB 170ms
84ms Script
text/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/integration.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: fcf0beb000c0392cbbb45e40156c0ff5ce33ee2072bc2dd376e3acc0e89eda0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Express
ETag: W/"713-KaQGZfSM2+uTQY8Sm+tSBLT4Qso"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK crypto-4.1.1.js Show response
bustygirls4u.com/bridge/ 47 KB
17 KB 321ms
163ms Script
application/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/crypto-4.1.1.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eab5bd35e8ce36b0d7416bc35f8627b364d8574d8dd1247d791e2e7a6c2692b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2023 13:53:09 GMT
Server: nginx
ETag: W/"bde2-1870471f188"
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H/1.1 200
OK frodi_data.js Show response
bustygirls4u.com/bridge/ 6 KB
3 KB 238ms
80ms Script
application/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/bridge/frodi_data.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/intg.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 544d040fe3985f2f3f2f519c6db58110b24d23c8b13e794a988ec90a05b48658

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2023 13:53:09 GMT
Server: nginx
ETag: W/"19f8-1870471f188"
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H/1.1 200
OK ao.js Show response
bustygirls4u.com/ 5 KB
3 KB 154ms
83ms Script
application/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/ao.js
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/ao_loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eeb4a4fab3f875c16469a1e65c04835d8134e06f8cb97ca723103e5c695cb374

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2023 13:53:09 GMT
Server: nginx
ETag: W/"1509-1870471f188"
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
879 B 105ms
40ms Stylesheet
text/css 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Requested by

Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn3reference.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 11:05:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 11:26:33 GMT

GET
H/1.1 200
OK main.js Show response
bustygirls4u.com/ufis/ 199 B
533 B 116ms
116ms Script
text/javascript 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fbustygirls4u.com%2Fjump%3Ftds_campaign%3Db7867den%26utm_source%3Dint%26dci%3Da61ee3662cb1aefd27148a718977097f499ddc8d%26utm_content%3DNOLD180521%26tds_oid%3D25948%26tds_host%3Dbustygirls4u.com%26tds_cid%3Dacfe7eafba852b2e9a796ad4792842401e122053%26data2%3D2gcdlkn3i52j2%26tds_ao%3D1%26id%3D25948%26_tgUrl%3DaHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw%26tds_p_campaign%3Db3957mar%26tds_id%3Db7867den_jump_a_1594648707194%26s1%3Dps%26tds_ac_id%3Ds3719tka%26s3%3D%257Bsubid2%257D%26utm_campaign%3D457f5686&uaDataValues={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/integration.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 274fcd0183b956664a6e9d562c1a5f3906df998c40e66567788501e94cda4485

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Server: nginx
X-Powered-By: Express
ETag: W/"c7-sjTJ6eYeyc5uXZgUfKqK31UkKOM"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 199

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
50 KB 128ms
41ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

Requested by

Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdf3e44343ae0ddaba68a775110904a2ae8577f2dbb0868911f710e712a0a9ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51028
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Mar 2023 11:26:33 GMT

GET
H/1.1 200
OK fp_ec.js Show response
retarget2core.com/fp/ 1 KB
1 KB 359ms
85ms Script
application/javascript 52.9.93.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://retarget2core.com/fp/fp_ec.js
Requested by: Host: cdn3reference.com
URL: https://cdn3reference.com/js/dc_img.js?v=8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.93.60 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-93-60.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7eda108904da9c98eeeeab666426197e6738b78dfd103a653897d14366e2cd20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Mar 2023 13:53:09 GMT
Server: nginx
ETag: W/"4bd-1870471f188"
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Robots-Tag: noindex

GET
H2 200 bg-light.svg
cdn3reference.com/landings/25948/images/ 697 B
761 B 60ms
48ms Image
image/svg+xml 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3reference.com/landings/25948/images/bg-light.svg
Requested by: Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: ca8d40217145055e20d7865a39626a38ba1afa28740850d39a4a8e440417c5fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: gzip
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 09:06:45 GMT
server: nginx
x-amz-cf-pop: EWR52-C2
etag: W/"2b9-5cdd3b2cb1340"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=604800
x-amz-cf-id: stMS17ko5njQcsP12kQlZxD-noMFk_hzQM96smQ1J_pdb2TSQxyiWw==

GET
H2 200 1-pc.png
cdn3reference.com/landings/25948/images/ 178 KB
178 KB 82ms
71ms Image
image/png 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3reference.com/landings/25948/images/1-pc.png
Requested by: Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: e73431bf67a4ff323681902d7d21a14dd3139ab04d4f45bfe1d620e0c54aa753

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 09:06:45 GMT
server: nginx
x-amz-cf-pop: EWR52-C2
etag: "2c71a-5cdd3b2cb1340"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 182042
x-amz-cf-id: mWB1_o3pgkGlJQYA6dMSA4-3H4gxWwpwlrA4-LSr5xeBFgUX1QTX3A==

GET
H2 200 bg-dark.svg
cdn3reference.com/landings/25948/images/ 669 B
754 B 57ms
51ms Image
image/svg+xml 143.204.146.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3reference.com/landings/25948/images/bg-dark.svg
Requested by: Host: cdn3reference.com
URL: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-27.ewr52.r.cloudfront.net
Software: nginx /
Resource Hash: 3d5060cc2213b60909ffd2cfc51b6c3f46c5b582a2779cfebdfa8b3e13fb3cc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn3reference.com/landings/25948/css/909a27429763e8456a1f0e05e05cff47.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 11:26:33 GMT
content-encoding: gzip
via: 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
last-modified: Fri, 08 Oct 2021 09:06:45 GMT
server: nginx
x-amz-cf-pop: EWR52-C2
etag: W/"29d-5cdd3b2cb1340"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=604800
x-amz-cf-id: gsn3XaHtudpPFuAdyjj2yfADcwnA75sJ2RNSvkECLSeZlw6xPRMTmw==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 97ms
25ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bustygirls4u.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:14:05 GMT
x-content-type-options: nosniff
age: 90748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:14:05 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 101ms
29ms Font
font/woff2 2607:f8b0:4006:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bustygirls4u.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:14:05 GMT
x-content-type-options: nosniff
age: 90748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:14:05 GMT

GET
H/1.1 200
OK ac3fc68831981c704535980c826941a5
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ 35 B
706 B 100ms
99ms Image
image/gif 52.9.93.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&j_type=open&jump=25948&jump_name=
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.93.60 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-93-60.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bustygirls4u.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 11:26:33 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: keep-alive
Timing-Allow-Origin: *

POST
H/1.1 200
OK interlayer Show response
bustygirls4u.com/tds/ 0
467 B 103ms
102ms XHR
text/plain 54.67.52.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bustygirls4u.com/tds/interlayer?handler=FrodiData
Requested by: Host: bustygirls4u.com
URL: https://bustygirls4u.com/bridge/frodi_data.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.52.246 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-52-246.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 24 Mar 2023 11:26:35 GMT
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Connection: keep-alive
Timing-Allow-Origin: *

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hjelmeland.fronteiras.eu/	1969-12-31 23:59:59	Name: PHPSESSID Value: epp2c3btiljsvinon306mh1e85
.hjelmeland.fronteiras.eu/	1970-01-20 10:35:43	Name: _subid Value: 2gcdlkn3i52j2
.hjelmeland.fronteiras.eu/	1970-01-20 10:35:43	Name: 13208 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEyXCI6MTY3OTY1NzE5MX0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTY3OTY1NzE5MX0sXCJ0aW1lXCI6MTY3OTY1NzE5MX0ifQ.4Kgp24EALL8P8s9iyXcll_EW-wRa1uYfjwVqll78ODQ
.hjelmeland.fronteiras.eu/	1970-01-20 10:35:43	Name: _token Value: uuid_2gcdlkn3i52j2_2gcdlkn3i52j2641d88e7a7f161.39700306
.yadro.ru/	1970-01-20 19:19:01	Name: FTID Value: 1a7OZe30XJeW1a7OZe003VmD
.yadro.ru/	1970-01-20 19:19:01	Name: VID Value: 3f262y1chG8W1a7OZe003BCG
.bustygirls4u.com/	1970-01-20 19:19:53	Name: dci Value: a61ee3662cb1aefd27148a718977097f499ddc8d
bustygirls4u.com/	1970-01-20 10:41:29	Name: dm Value: fe450dd0d1dadc615429144d33241f42
.retarget2core.com/	1970-01-20 19:19:53	Name: dci Value: 713fcffd758f5f9008fd1a94f0b43a06cbd55598

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://bustygirls4u.com/jump?tds_campaign=b7867den&utm_source=int&dci=a61ee3662cb1aefd27148a718977097f499ddc8d&utm_content=NOLD180521&tds_oid=25948&tds_host=bustygirls4u.com&tds_cid=acfe7eafba852b2e9a796ad4792842401e122053&data2=2gcdlkn3i52j2&tds_ao=1&id=25948&_tgUrl=aHR0cHM6Ly9idXN0eWdpcmxzNHUuY29tL3Rkcy9hZS90Zy9zL2M0N2I3M2I4Njk3NGY5OTc1NmQyMWNlNzdjZDVkMjc4P19fdD0xNjc5NjU3MTkyNzY1Jl9fbD0zNjAw&tds_p_campaign=b3957mar&tds_id=b7867den_jump_a_1594648707194&s1=ps&tds_ac_id=s3719tka&s3=%7Bsubid2%7D&utm_campaign=457f5686(Line 7) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bustygirls4u.com
cdn3reference.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
hjelmeland.fronteiras.eu
retarget2core.com
www.googletagmanager.com
143.204.146.27
2606:4700:3030::ac43:955b
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::2008
2607:f8b0:4006:820::200a
52.9.93.60
54.67.52.246
88.212.202.52
19046f256c8d29d3c23dd377dbb6725f9c6ed036f844f726168b69a916e0797c
274fcd0183b956664a6e9d562c1a5f3906df998c40e66567788501e94cda4485
3d5060cc2213b60909ffd2cfc51b6c3f46c5b582a2779cfebdfa8b3e13fb3cc1
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
53d7429d975e573dfe7dc41d10637cdefab845a332c7ae8212af7b15cfc58bb5
544d040fe3985f2f3f2f519c6db58110b24d23c8b13e794a988ec90a05b48658
556f2a46047c9b8dedbae5ef8c59dc7ea04ff88e76d7dcda568f1eb2dce03548
5a731cec18f94d42b326dc43866739f9766ff86f5250b35e08cfa6e0050395fd
5f78be3790c7cb92e01a0ba6a718b1faa824794285a905bb22759c9910fa8289
7eda108904da9c98eeeeab666426197e6738b78dfd103a653897d14366e2cd20
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53
c0ad70fb9df129e14a83ce5f643b1f5062a724a44e572e0aa51e514211abc5e8
ca8d40217145055e20d7865a39626a38ba1afa28740850d39a4a8e440417c5fd
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d5d65364c02602f4fae5c63195607cfff433ac59d4c7d756e4a0a2e6f33ccd19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73431bf67a4ff323681902d7d21a14dd3139ab04d4f45bfe1d620e0c54aa753
eab5bd35e8ce36b0d7416bc35f8627b364d8574d8dd1247d791e2e7a6c2692b2
eeb4a4fab3f875c16469a1e65c04835d8134e06f8cb97ca723103e5c695cb374
fcf0beb000c0392cbbb45e40156c0ff5ce33ee2072bc2dd376e3acc0e89eda0c
fdf3e44343ae0ddaba68a775110904a2ae8577f2dbb0868911f710e712a0a9ae

bustygirls4u.com Open in urlscan Pro 54.67.52.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

719 kBTransfer

976 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bustygirls4u.com Open in urlscan Pro
54.67.52.246 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

719 kB
Transfer

976 kB
Size

9
Cookies

52 HTTP transactions
0 data transactions