xfantazy.com Open in urlscan Pro
2606:4700:e4::ac40:ad16  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

• https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A1153%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A290181929620%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100441%3Aet%3A1616317482%3Ac%3A1%3Arn%3A866722612%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616317480741%3Awv%3A2%3Ads%3A1%2C15%2C435%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C436%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Ati%3A2%3Ast%3A1616317482 HTTP 302
• https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A1153%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A290181929620%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100441%3Aet%3A1616317482%3Ac%3A1%3Arn%3A866722612%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616317480741%3Awv%3A2%3Ads%3A1%2C15%2C435%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C436%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Ati%3A2%3Ast%3A1616317482

Request Chain 21

• https://mc.webvisor.org/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9219.9TFDRTjFIDaSWSxIAP9H8-RPqicETvvQjsgyHnQjeb7G9HjpdTx_Eds6g5qypb0c.wdL-jqXWnqp0T59161RCVTR3yUg%2C HTTP 302
• https://mc.webvisor.org/sync_cookie_image_decide?token=9219.9beUOvSR2zVky9vF5CYI-WVmw3fKk85HYYjJ-xgO_OdNpbsG-HndBmpGqEvqmQKb5FHOOPxDtKgazr0POqJQn3w1eZ0tXcZzCkdFEpaOh7I%2C.Zk2zWfiXhNmR6IYSd3uH5w1XA_E%2C

Request Chain 109

• https://xml.reacheffect.com/thumbnail?i=TVtrNhwOYPI_0 HTTP 302
• https://static.realtime-bid.com/n337/ad/300x300_JVPeF6wKo56V9P7GZcP4.jpeg

Request Chain 111

• https://ntvpevents.com/in/show/?mid=1927951433&pid=0&site=native-push&sc=PL&subid=0&sid=4271656790&cid=1692&price=0.003442&is_cpm=0&cpm=0&ecpm=0.13210595570060185&crid=&crtid=a0223ed16e6cadae6994ff89006bb07f&tcid=0&out_id=1&ver=2.15.14&ver_c=&refdom=xfantazy.com&hostname=auc-inpage-hz-1&site_id=313022&spot_id=3022&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1616360684522&created_at=2021-03-21&is_native=1&auction_queue=1&burl=undefined&ip=194.99.105.99&testab=0&capping=0&url=https%3A%2F%2Fxml.reacheffect.com%2Fthumbnail%3Fi%3DQTWcYA7V*o4_0%26imgt%3Dicon&verify_data=H4sIAAAAAAAAA0WOSQ7CMAxF75I1VM5QF3MGFtygStNUZAFETWCDuDt2WomVn5--h48qaVZn5cygsceBQB1UWGuTHoyxcdYYMfjZRyRyy3IiAJwmGJYWbUmhfGeQ8VTGf5PXFKJwB2CdM6xKqnFsY1ZbPiEqP-uuNpEysybXEXUaei6SCiyvF6YaWhj2bYwPX9M7HvOr3LYXNiFb5LkW10hGfX8IYgz68wAAAA..&verify_cache=ab389a3d685f1f402df059172f7779fc&cpa=ad29f806-403e-486d-b44a-8f95e4b5d07c&mlf=1&mlc=1 HTTP 302
• https://xml.reacheffect.com/thumbnail?i=QTWcYA7V*o4_0&imgt=icon HTTP 302
• https://likeingclick.com/impressions.php?country=DE&subid=251_55_9&aff=251&adv=123&url=https%3A%2F%2Fclkn.giant-savings.co%2Fnc%2F4Jr-kYHIauU%2F0Ndg3ydnvm6%2Fimp%3Fi%3Ddf91c84401cd4b27af44519df18fa97c&bid=0.014280000000000001&adv_bid=0.021&transactionId=U3y251y7a513450-8a24-11eb-b239-5d9275249d8e&ip=2a01:4f8:192:5414::2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&group=16&userage=NaN&subid_enc=289940 HTTP 302
• https://clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/imp?i=df91c84401cd4b27af44519df18fa97c

Request Chain 112

• https://xml.reacheffect.com/thumbnail?i=QTWcYA7V*o4_0 HTTP 302
• https://clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/img?i=df91c84401cd4b27af44519df18fa97c HTTP 302
• https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4ZWNmODU0ZjZlNmQ0YjE2ZmZjNTRjZjQ4YTFmOTYwOWRlZWQ4MmEwNjE5MTdmMjllYjQ2ZDFkZTY0YjE5ZDkiLCJ3IjoxMDksImgiOjEwOSwiZCI6Mi4wLCJjcyI6MCwiZiI6MH0.jpg

Request Chain 115

• https://ntvpevents.com/in/show/?mid=1927951433&pid=0&site=native-push&sc=PL&subid=0&sid=4271656790&cid=1577&price=0.006066&is_cpm=0&cpm=0&ecpm=0.15262673123031353&crid=&crtid=f092cefe7b72bde0f743e161a5793d82&tcid=0&out_id=0&ver=2.15.14&ver_c=&refdom=xfantazy.com&hostname=auc-inpage-hz-1&site_id=313022&spot_id=3022&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1616360684522&created_at=2021-03-21&is_native=1&auction_queue=1&burl=undefined&ip=194.99.105.99&testab=0&capping=0&url=https%3A%2F%2Fxml.reacheffect.com%2Fthumbnail%3Fi%3DTVtrNhwOYPI_0%26imgt%3Dicon&verify_data=H4sIAAAAAAAAA0WOMQ7CMAxF75IZKjtpYsIZGLhB1aapyABETWBB3B07rcTk56fvL39USbM6q14TOuvIgzqosNYmF_A6xCXSRHqaIyzUm4gOR0vezCfdoi0plO8Mcp7K8F_ymkIU7gAcOMeqpBqHdmbQgJaakp91V5tImRl933nfIVgekgosrxemGloY9jbGx1jTOx7zq9y2FzYhLfJci6MlUt8ftDfe1_MAAAA.&verify_cache=4fa07564a2778d5634339dfbddb53f61&cpa=d5767bbe-0bbf-4a13-a6c2-147d1bc50c6f&format=default-r-d HTTP 302
• https://xml.reacheffect.com/thumbnail?i=TVtrNhwOYPI_0&imgt=icon HTTP 302
• https://static.realtime-bid.com/n337/ad/300x300_mRIuXrnSaeNhvnnvJwkQ.jpeg

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 5cd1bdc7e9048c1851380f3a Show response xfantazy.com/video/	130 KB 22 KB	453ms 436ms	Document text/html	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 37bec76ece5ee041c02c9cee780d9d988b7facb5c9b296c7b8decd73c1b389bf Request headers :method GET :authority xfantazy.com :scheme https :path /video/5cd1bdc7e9048c1851380f3a pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=da57d14ebbda33df6df1d973f7ee6e4151616317480; expires=Tue, 20-Apr-21 09:04:40 GMT; path=/; domain=.xfantazy.com; HttpOnly; SameSite=Lax visitorId=gd2ekz6wvobdm6zsqrg0cs; Domain=xfantazy.com; Path=/; Expires=Fri, 21 Mar 2031 09:04:40 GMT; HttpOnly experiment-popup-payment-7=0; Path=/; Expires=Sun, 28 Mar 2021 09:04:40 GMT experiment-save-to-button-2=0; Path=/; Expires=Sun, 28 Mar 2021 09:04:40 GMT vary Origin x-powered-by Next.js cf-cache-status DYNAMIC cf-request-id 08f5a0973c00002b65ca054000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xSZjI4EbnfT1MCFqPflpKOFPAM0AfqbLEKOQoF%2BK%2FnD9Y8nslvqIQGiiuezDIn6bzY92VgwG0RHGXn%2BoIAbYCLdxDibsnx6XAigy%2B%2Fgcb3qfwMkW6U83o4Y%3D"}],"max_age":604800} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 6336039eb9682b65-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	11 KB 899 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d75f29bbbf902e470711ffe112ece228bf51cec2b6f7e6ef187dbc2a51787f53 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 21 Mar 2021 08:45:52 GMT server ESF date Sun, 21 Mar 2021 09:04:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 21 Mar 2021 09:04:41 GMT
GET H2	200	video.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	22 KB 7 KB	23ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/video.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c284e5a24dbe6008ba92b3d34ad7e1531e734ed2441bc09a1e66d3a6a4c24a8b Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251758 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990400002b658636c000000001 last-modified Thu, 18 Mar 2021 11:06:03 GMT server cloudflare etag W/"5942-178450389ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M53ih7Yzv42yj%2Br2Vmhn8XGG90%2BdmZP%2BesfdTw8swHvwNRDHzCoTKJBNWaN5unqFmSA8T1fnlGCVE28orIYLBPAq%2Fqgbdkb%2F0qsJrFJ%2FfWfHNpasHAyTFk8%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a19d192b65-FRA
GET H2	200	_app.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	132 KB 35 KB	28ms 13ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54e0a7ca5f8f39a1c1e35bf44ef7267a0b442e821d3292b64b7d21b3386e59bf Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251766 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990500002b657a882000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"20e2f-178450387cc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BF0hk36XOmsfzV5aB2lAzi8044Cs4R87qUPvzwoDyaHwvkYh8Zn6KLD34h8Nh9Vdu%2F7TTG6QDyqwH%2BRXJQGkvktEyHft5%2FMTikMA7%2F0Zd1O9Y0L5reKzSiA%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad1d2b65-FRA
GET H2	200	commons.c6be2f5ddce0c474c306.js Show response xfantazy.com/_next/static/chunks/	1 MB 366 KB	52ms 38ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ce7a7d273d1b6bfaebc5cecc68948d1e896331a0c00f5c05d3ddd5954cd5e2c Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251768 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990700002b657a883000000001 last-modified Thu, 18 Mar 2021 11:04:58 GMT server cloudflare etag W/"152f30-17845028e1f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8rgaU1sh6AL7bnmR7dxMtcqBnIr55B25H5%2BIbAFrEkX2tOvc84IOdAOucnne9yBfsHb0loLEXFuJdgHyIx4kNZ%2FKHQXDqa7qUmTlr5FhdA73K0Q6QAjUB8U%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad1e2b65-FRA
GET H2	200	7.05b64dc3352d6397623b.js Show response xfantazy.com/_next/static/chunks/	38 KB 10 KB	28ms 15ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/7.05b64dc3352d6397623b.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fda0f23b04701603794901d01f98fef8ef248afb177685c15da8080e5037d39e Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 11929988 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990900002b657fa4a000000001 last-modified Fri, 30 Oct 2020 07:55:24 GMT server cloudflare etag W/"972a-17578810c0f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aNp1%2FnfDSX8PRrt5rZrPdwESVyqX9ikYJZbEtQZDzPqPna7WIjuyiKK7gAD9%2ByuMSJlpBuknrpJ2Hq2pIV1oWDscMIZ%2FMbAUQBoUAui%2B7waXJFpl22M5YxY%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad252b65-FRA
GET H2	200	9.be198c87e436634bf765.js Show response xfantazy.com/_next/static/chunks/	39 KB 10 KB	31ms 19ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/9.be198c87e436634bf765.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b04d9a0fab70ce856636ccb8728008a16355fe74951dce23725e710fb1836f4 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 7693358 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990a00002b658b351000000001 last-modified Tue, 22 Dec 2020 07:58:28 GMT server cloudflare etag W/"9c95-1768974e70b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nj%2Brf3ImlggEAQtpqjPv0pV6emCXt1wFboqV0TkjWxD2MCmgkXBSWNJFFV91EPeuo1LcF7g%2FRngH1Fh4S%2FGUs5mPPkTjxDe6kxP0z1LbEj0hgSM0U48dQO8%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad272b65-FRA
GET H2	200	16.2fcecc4fbe403da70f1d.js Show response xfantazy.com/_next/static/chunks/	20 KB 6 KB	29ms 17ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/16.2fcecc4fbe403da70f1d.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3595031ce9f58ed1758ff54c68f4243f3741112c9e4c82a2eb8eea3de2f31979 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 8145911 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990a00002b65a92b1000000001 last-modified Mon, 14 Dec 2020 09:07:10 GMT server cloudflare etag W/"4f4a-1766080ecb9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pMiy5Nm3YjHMuG8Ulqh6HWZmltS7oAIoa4IPgXnD1Smbz7oAj8FywQPw8%2BpX9gaSppj0v9NV3TYUphJXMWogGIqb%2Bv60NIPV9OViPF60Y9VK%2F0TP9PVvS1M%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad282b65-FRA
GET H2	200	59.edff5ae0d8d83054b552.js Show response xfantazy.com/_next/static/chunks/	3 KB 2 KB	22ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/59.edff5ae0d8d83054b552.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 036661808c9c3aeba760adfc9e75ff7276a1636bcdddf5695d937420d0550f89 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2852965 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990a00002b65730f0000000001 last-modified Tue, 09 Feb 2021 06:52:54 GMT server cloudflare etag W/"c8b-17785907b59" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5JpnFUq3buwqO400F%2Flwx3hJ1KGZEu39cY7mga8xuCLwj%2BHr6xWZP7i2DMH%2FClE42MEPP6kRdTKXnj%2B4BDvee%2Fn3PJw5ogmCF6UXS19oTgKTffT%2FvIDNbms%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad2a2b65-FRA
GET H2	200	47.6c9a4510342e4dd3af77.js Show response xfantazy.com/_next/static/chunks/	2 KB 1 KB	22ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/chunks/47.6c9a4510342e4dd3af77.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cc49c5221a734035f5bb7a2e5e4d0065f4dcfc33d8eb4b0e927cfd4d3d27d42 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 11591789 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990a00002b65af154000000001 last-modified Tue, 03 Nov 2020 10:35:32 GMT server cloudflare etag W/"620-1758dad17ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XrzEgPCZm0CUWVzZjk0bifrXraEWNVytug1HGAjIA6h5pWm%2F4evwlOYf7HI2ukBQQvUR3snfZwniA%2BVtdJzPVs3fRQqaAH6KTLDLbpjsSzlr2TbKMFpoj%2BA%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad2b2b65-FRA
GET H2	200	webpack-41d18b3fd90fbfc01d3b.js Show response xfantazy.com/_next/static/runtime/	12 KB 5 KB	23ms 14ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/runtime/webpack-41d18b3fd90fbfc01d3b.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8ad819162cbea25cb907868a2f09131efb96d89a36ec25bb303853777f3528a Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251766 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990a00002b656f21c000000001 last-modified Thu, 18 Mar 2021 11:07:35 GMT server cloudflare etag W/"2fb2-1784504f288" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iY9vvLfHe4PHnagn63xGZLRmvQKS1D%2FyvNvYBqvYYu4bJG0HchBRUwd4MOs9E8w68NyURfer86OBlSYO297GblpLnNhaw4ktdC3ldNpLSXsyv0a27O3PgPY%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad2d2b65-FRA
GET H2	200	main-8daa673a54696bb62abb.js Show response xfantazy.com/_next/static/runtime/	71 KB 23 KB	27ms 19ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2700856b1aaf58e5ff28f5dd5014a1c5300b2afe36bee1b10dede18307372c35 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 2852966 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0990a00002b655586a000000001 last-modified Tue, 09 Feb 2021 06:52:59 GMT server cloudflare etag W/"11cd7-17785908e61" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IxwiRRF6jHbcfaQhjCSTyDXq79OSWed6jhkQfjieu2GzZeBJs5z%2FzuMHOBcxKLYklym5VU9bk9W2uPuhe8Brj3BXOI%2FwdZncQHPQbIYEVr3DmuqjkXySN18%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603a1ad2e2b65-FRA
GET H2	200	gtm.js Show response www.googletagmanager.com/	113 KB 39 KB	14ms 14ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 509cd8074eeee4aeb5d898368aea902064940d171be97e9f0dd457e3730be784 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39676 x-xss-protection 0 expires Sun, 21 Mar 2021 09:04:41 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLKQLTX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 5776 date Sun, 21 Mar 2021 07:28:25 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Sun, 21 Mar 2021 09:28:25 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 83 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-121614197-2&cid=1271636847.1616317481&jid=1858372267&gjid=1149367520&_gid=1639112334.1616317481&_u=YGBAgEABAAAAAE~&z=237804361 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 21 Mar 2021 09:04:41 GMT content-type text/plain access-control-allow-origin https://xfantazy.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 384 B	33ms 20ms	Image image/gif	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j88&a=1510657504&t=pageview&_s=1&dl=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&ul=en-us&de=UTF-8&dt=THE%20MEAN%20GIRLS%20presents%20Princess%20Aria%2C%20Princess%20Bella%20in%20Ballbusting%3A%20Bella%20Vs.%20Aria%20-%20XFantazy.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1858372267&gjid=1149367520&cid=1271636847.1616317481&tid=UA-121614197-2&_gid=1639112334.1616317481&gtm=2wg3a0PLKQLTX&z=1322964118 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 Mar 2021 02:33:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 23498 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	logo-tv-light.svg xfantazy.com/static/	4 KB 2 KB	14ms 14ms	Image image/svg+xml	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xfantazy.com/static/logo-tv-light.svg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8156ad40b28324a07d6e88e26597079a3f8b991d03bd4efd14fb4353fb77b57 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:41 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 3665 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a09b8100002b6590370000000001 last-modified Thu, 18 Mar 2021 11:00:49 GMT server cloudflare etag W/"101b-17844fec284" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9CReV1KU9nDBEU5Jej1D90UnPwQSbQwIW7G0VfYY%2BlR4HuHqGh%2Fl71A%2FsQUaIxe3pfKa2stgoB8M3ySlcPDXrsUfyNISPKQPEnc0tLI4zytI9kcVu6Bnukk%3D"}],"max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 cf-ray 633603a59a792b65-FRA
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v20/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://xfantazy.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 22:46:33 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:36 GMT server sffe age 382688 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15736 x-xss-protection 0 expires Wed, 16 Mar 2022 22:46:33 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v20/	16 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://xfantazy.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 20 Mar 2021 06:36:16 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:37 GMT server sffe age 95305 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15872 x-xss-protection 0 expires Sun, 20 Mar 2022 06:36:16 GMT
GET H2	200	tag.js Show response cdn.jsdelivr.net/npm/yandex-metrica-watch/	211 KB 77 KB	22ms 6ms	Script application/javascript	2a04:4e42:1b::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3b3252017c164da70cf7978aede4f4720b671d8bb65cc734bdd1a5e1ca8041e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 2539 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 78305 etag W/"34a01-SxdI7uXc8zckzk/3Br/gcMPH/sU" x-served-by cache-fra19142-FRA, cache-hhn4074-HHN date Sun, 21 Mar 2021 09:04:41 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H3-Q050	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v20/	15 KB 16 KB	34ms 20ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://xfantazy.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 16 Mar 2021 15:37:32 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:19:00 GMT server sffe age 408429 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15816 x-xss-protection 0 expires Wed, 16 Mar 2022 15:37:32 GMT
GET H2	200	1 Show response mc.yandex.ru/watch/3/ Redirect Chain https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A11... https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A1...	35 B 125 B	55ms 54ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A1153%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A290181929620%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100441%3Aet%3A1616317482%3Ac%3A1%3Arn%3A866722612%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616317480741%3Awv%3A2%3Ads%3A1%2C15%2C435%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C436%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Ati%3A2%3Ast%3A1616317482 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:42 GMT x-content-type-options nosniff last-modified Sun, 21-Mar-2021 09:04:42 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 35 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:42 GMT Redirect headers pragma no-cache date Sun, 21 Mar 2021 09:04:42 GMT last-modified Sun, 21-Mar-2021 09:04:42 GMT location /watch/3/1?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A1153%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A290181929620%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100441%3Aet%3A1616317482%3Ac%3A1%3Arn%3A866722612%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616317480741%3Awv%3A2%3Ads%3A1%2C15%2C435%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C436%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Ati%3A2%3Ast%3A1616317482 strict-transport-security max-age=31536000 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 0 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:42 GMT
GET H2	200	sync_cookie_image_decide mc.webvisor.org/ Redirect Chain https://mc.webvisor.org/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9219.9TFDRTjFIDaSWSxIAP9H8-RPqicETvvQjsgyHnQjeb7G9HjpdTx_Eds6g5qypb0c.wdL-jqXWnqp0T59161RCVTR3yUg%2C https://mc.webvisor.org/sync_cookie_image_decide?token=9219.9beUOvSR2zVky9vF5CYI-WVmw3fKk85HYYjJ-xgO_OdNpbsG-HndBmpGqEvqmQKb5FHOOPxDtKgazr0POqJQn3w1eZ0tXcZzCkdFEpaOh7I%2C.Zk2zWfiXhNmR6IYSd3uH5w1XA_...	43 B 358 B	93ms 92ms	Image image/gif	80.239.201.113 TELIANET Telia Ca...
General Check archive.org Show headers Download Go to Show image Full URL https://mc.webvisor.org/sync_cookie_image_decide?token=9219.9beUOvSR2zVky9vF5CYI-WVmw3fKk85HYYjJ-xgO_OdNpbsG-HndBmpGqEvqmQKb5FHOOPxDtKgazr0POqJQn3w1eZ0tXcZzCkdFEpaOh7I%2C.Zk2zWfiXhNmR6IYSd3uH5w1XA_E%2C Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 80.239.201.113 , Sweden, ASN1299 (TELIANET Telia Carrier, SE), Reverse DNS 80-239-201-113.teliacarrier-cust.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:42 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.webvisor.org/sync_cookie_image_decide?token=9219.9beUOvSR2zVky9vF5CYI-WVmw3fKk85HYYjJ-xgO_OdNpbsG-HndBmpGqEvqmQKb5FHOOPxDtKgazr0POqJQn3w1eZ0tXcZzCkdFEpaOh7I%2C.Zk2zWfiXhNmR6IYSd3uH5w1XA_E%2C date Sun, 21 Mar 2021 09:04:42 GMT strict-transport-security max-age=31536000 content-length 0 x-xss-protection 1; mode=block
GET H2	200	49415098 Show response mc.yandex.ru/watch/	203 B 237 B	55ms 54ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098?wmode=7&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afp%3A1153%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100441%3Aet%3A1616317482%3Ac%3A1%3Arn%3A193085756%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616317480741%3Awv%3A2%3Ads%3A1%2C15%2C435%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C16%2C436%2C%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483%3At%3ATHE%20MEAN%20GIRLS%20presents%20Princess%20Aria%2C%20Princess%20Bella%20in%20Ballbusting%3A%20Bella%20Vs.%20Aria%20-%20XFantazy.com Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash fe24014d36a0ef93c99e994d707cb643395307962eab897da65abc64bde636ee Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:42 GMT x-content-type-options nosniff last-modified Sun, 21-Mar-2021 09:04:42 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 203 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:42 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 73 B	54ms 54ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100442%3Aet%3A1616317483%3Ac%3A1%3Arn%3A282723109%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616317480741%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:42 GMT last-modified Sun, 21-Mar-2021 09:04:42 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:42 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 85 B	49ms 48ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100442%3Aet%3A1616317483%3Ac%3A1%3Arn%3A612205866%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616317480741%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:42 GMT last-modified Sun, 21-Mar-2021 09:04:42 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:42 GMT
POST H2	200	login Show response xfantazy.com/api/auth/	2 B 1011 B	417ms 416ms	Fetch text/plain	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/api/auth/login Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 21 Mar 2021 09:04:43 GMT cf-cache-status DYNAMIC nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ONRJOXJBSEGvga3PLryMr7fGxqXdZzRTatII86X%2FIR8FQ9LRjftLoFnG3527g41%2F3hFXXMiQn8buQahqn%2FQb1hLcmaoB1wVxkF5JYdEnGEAbrHDsKaWpNz0%3D"}],"max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin https://b.xfantazy.com access-control-allow-credentials true cf-ray 633603acbb802b65-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2 cf-request-id 08f5a09ff100002b65b3829000000001
POST H2	200	videoOpened Show response xfantazy.com/api/events/user/	2 B 562 B	56ms 56ms	Fetch text/plain	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/api/events/user/videoOpened Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 21 Mar 2021 09:04:43 GMT cf-cache-status DYNAMIC nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ISEFsRtvu698ZJg24Q1%2BOt%2F5ajsHek2rl6086rUmNxeyRDlVoUoTywCt4O72lV7757QgiOpAbHK3u91zDzVovnMvK5wm2WrrKtFUsZh4p00FZM2tgDOqjRA%3D"}],"max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin https://b.xfantazy.com access-control-allow-credentials true cf-ray 633603acbb852b65-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2 cf-request-id 08f5a09ff300002b65cdb70000000001
GET H/1.1	200 OK	adManager.js Show response cst.cstwpush.com/static/	39 KB 40 KB	268ms 65ms	Script text/plain	205.185.216.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://cst.cstwpush.com/static/adManager.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 1759c7be725e88d3b517a94fa444f083fc24cc92e961c1f2d3ce4c8af1787fbf Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Connection Keep-Alive Last-Modified Fri, 05 Feb 2021 10:57:06 GMT x-amz-meta-s3cmd-attrs atime:1612522612/ctime:1612522612/gid:0/gname:root/md5:0a25a7f5a397ade1149c4bf41f8ab35d/mode:33188/mtime:1612522398/uid:0/uname:root x-amz-request-id tx00000000000001feb7292-006057092e-bee2558-fra1a ETag "0a25a7f5a397ade1149c4bf41f8ab35d" Vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin X-HW 1616317483.dop032.lo4.t,1616317483.cds037.lo4.shn,1616317483.cds037.lo4.c Content-Type text/plain X-Amz-Storage-Class STANDARD Cache-Control max-age=2835 x-rgw-object-type Normal strict-transport-security max-age=15552000; includeSubDomains; preload Accept-Ranges bytes Content-Length 39828
GET H/1.1	403 Forbidden	a2f990f10476061c719d1c1aa3a2ecd2.js 3r1kwxcd.top/a2/f9/90/	0 0	418ms 142ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://3r1kwxcd.top/a2/f9/90/a2f990f10476061c719d1c1aa3a2ecd2.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 21 Mar 2021 09:04:43 GMT Server nginx/1.17.6 Connection keep-alive Content-Type application/javascript Content-Length 0 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	/ Show response d20903hof2l33q.cloudfront.net/	144 KB 45 KB	50ms 15ms	Script text/plain	2600:9000:2182:7800:15:9428:3d80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d20903hof2l33q.cloudfront.net/?lfohd=914070 Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:7800:15:9428:3d80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 9d988efd7c5307d979e34496172fbd95d4e729fd94d4efc2a4422d4e9b47f123 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 21 Mar 2021 08:13:44 GMT content-encoding gzip age 3059 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform x-amz-cf-pop DUS51-C1 content-length 45400 via 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront) x-amz-cf-id ZnOHa3R5gbOF4x-54mJtWX2tKdMuw6G4z4FHG1kc5OisCvYBVLIl7Q==
GET H2	200	/ Show response cdn.bonertraffic14.pro/sdk/push_web/	84 KB 20 KB	54ms 30ms	Script application/javascript	2606:4700:e4::ac40:ab0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bonertraffic14.pro/sdk/push_web/?zid=5005 Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ab0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24eafddbd6f2c5e51da2afb1037c7c17821e240759013b7a55c48122d0f23b4b Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-time 1616317483 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oqw2tbEWgu0Junpo4S5nK%2F%2FmelzkhGtvPzZq3XKxmCjJgRwmJJUnijzDlBesdGAKDuzA64eQV%2Fi%2FaZLpL8Wm3GqrFlQkngpTbECwdhwwDJay8MifpFq%2BvSncFRf1fs683Ozj"}],"max_age":604800} content-type application/javascript access-control-allow-origin * cf-ray 633603acf8f9d6bd-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a0180000d6bd901ab000000001
GET H2	200	asg_embed.js Show response p.pornomixfree.com/	107 KB 32 KB	165ms 53ms	Script application/javascript	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://p.pornomixfree.com/asg_embed.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/_app.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 2ec6add1bc10b440200f7aa13d616bdfa008b2779def397c9deaf09f4ce269bd Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 03 Mar 2021 09:13:27 GMT server nginx etag "603f5337-7d15" x-frame-options DENY x-hw 1614762941.dop144.fr8.t,1614762941.cds130.fr8.c content-type application/javascript access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 32021 expires Thu, 03 Mar 2022 09:15:41 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 145 B	49ms 48ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100442%3Aet%3A1616317483%3Ac%3A1%3Arn%3A142900002%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616317480741%3Awv%3A2%3Ads%3A%2C%2C%2C1510%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A%2C%2C%2C1509%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:43 GMT last-modified Sun, 21-Mar-2021 09:04:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:43 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 73 B	58ms 57ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100442%3Aet%3A1616317483%3Ac%3A1%3Arn%3A374637731%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616317480741%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:43 GMT last-modified Sun, 21-Mar-2021 09:04:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:43 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 73 B	52ms 51ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100442%3Aet%3A1616317483%3Ac%3A1%3Arn%3A989891083%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616317480741%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:43 GMT last-modified Sun, 21-Mar-2021 09:04:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:43 GMT
POST H2	200	1 Show response mc.yandex.ru/watch/49415098/	43 B 73 B	49ms 48ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/watch/49415098/1?page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6ah8uksa0119%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A1074255626718%3Ahid%3A1022560252%3Az%3A60%3Ai%3A202103210100442%3Aet%3A1616317483%3Ac%3A1%3Arn%3A810589688%3Au%3A1616317482276293966%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616317480741%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616317483 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:43 GMT last-modified Sun, 21-Mar-2021 09:04:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:43 GMT
GET H2	200	advert.gif mc.yandex.ru/metrika/	43 B 164 B	49ms 48ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/metrika/advert.gif Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT last-modified Tue, 09 Mar 2021 18:36:29 GMT etag "6051cea4-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Sun, 21 Mar 2021 10:04:43 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	index.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	695 B 690 B	13ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/index.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 815c730987b8e9975a8cebb8db57ecdaa0eae4f50a8be529b591c992867995da Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251752 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07800002b65849f8000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"2b7-178450387d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qn2Hn7%2F4SgmXZ7P0auHuj8yHBn6Bjdg4bQFEW%2Bp6XiGffLKMjJ3Rti5l9ciyx%2FI00Y9PatKF1fPBTGowdiYJMziMoGDEb%2B88yFOKlRQV2R%2BZTnPOI6f0dEg%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8cc82b65-FRA
GET H2	200	login.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	3 KB 1 KB	14ms 13ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/login.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ade1e2eefbbbbf67a351eb847d60ee6f7eca11242a6ad29c88f564ad1b67e41 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251754 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07800002b659c074000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"ba5-178450387d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HavXnwDAn7iPxa5Z8SXNRk7Jfj9S8wTUcRWtL26jdTUtYa3LyVk5yUgpqsfq9I1DCnWa3d3ZH56HTKbh3TqDPlt5nfsq%2FyAHgHh%2FM6H%2Bmbo1vFlMtUfVMU4%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8ccb2b65-FRA
GET H2	200	signup.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	3 KB 1 KB	13ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/signup.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a56beb0ef64e108ae937414a825df3822df8858796abac7d6edfa4a76ddc6b6b Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251753 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07900002b65558cc000000001 last-modified Thu, 18 Mar 2021 11:06:03 GMT server cloudflare etag W/"bac-178450389ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BPIzDKmJv7XnM%2BnBotaaX5iG8SB3ggEJ9uW2fPtAFUsKmP%2FsKZa4%2FG90tem5mBPOIuxWwDUBnGCtpmNIvcAEDd95q0qz4A6wuYOD9M7BEw%2F7UU77R6udv9o%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8ccc2b65-FRA
GET H2	200	top.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	1 KB 1005 B	12ms 11ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/top.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aac0e07b558e2b20dadf9abcda9ddc8177843a086ce65890cde9a858261f7c6c Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251754 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07900002b6594bb7000000001 last-modified Thu, 18 Mar 2021 11:06:03 GMT server cloudflare etag W/"582-178450389ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jhoWPFsJ5AdWToar%2BOmoLyuxJBjs8oyxuOvHW3CrfWAZLtQCQBnQmVij9Ul7w8FsyMCznxzXxKp9aBiIFygHoHdFU5bX8sGkZLiv%2FZo%2FR2WCdeKFFJT2YjM%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8ccf2b65-FRA
GET H2	200	tags.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	4 KB 2 KB	21ms 21ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/tags.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe3869ee2a238261d1a3d4db775f3247abd2f1794cd6563363f27b0b3a4764e6 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251752 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07c00002b658db42000000001 last-modified Thu, 18 Mar 2021 11:06:03 GMT server cloudflare etag W/"f20-178450389ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oO19r9VvgF%2FDBGjO9xwxg6Ddoi2LT4ah34FKu93Wb8wBgSoIbHV5GVMgjkmWn%2F4vIpWg1deWp4R6H3lqiqCptoDMnf%2Fet17%2FIffuvRboHsvBNgBLOgENDzQ%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8cd12b65-FRA
GET H2	200	categories.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	9 KB 4 KB	13ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/categories.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d3422da37398248c0960701300cd0cd9861b53f0d639fdd13d08eb74b22dac0 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251754 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07900002b657d0f4000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"240b-178450387d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vwve6hX8xjlUsBsLCBaA5pN6eoFm3qUvrMbQKjfDAGjXdflVSXU0A1yJMIQZ9BIr5prc6TW%2BCmnoiJCRCGKHOtVyUOAizYVYxh42c64%2FAWpcV%2F1gyT0jXpg%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8cd42b65-FRA
GET H2	200	channels.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	2 KB 1 KB	13ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/channels.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd20b8232e6823e09372d97b5acf2fb76b8ed4fcee5e328668f985d8fba95d34 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251747 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07a00002b65ca0d1000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"975-178450387d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jQatQZIlHglDCrlsq4quS%2F7D5z3iSWNfFx2ad8yjGSsx4jlYHPoXIId0QFtuVzOnNMWyruKaiffdhAehfliOPo1H8vZUOvFTS54oQF6ohp1IcuGygQQJGgw%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad8cd62b65-FRA
GET H2	200	category.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	2 KB 1 KB	19ms 18ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/category.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03201b2abe6b2bb7cde67989ee30139964bd7338315d5b9e2eb883b500b89507 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251754 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07b00002b655881b000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"818-178450387d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s8ZKSBIBYJGxsBwD%2F%2FYcV%2B%2B%2B6rF5eLNFTr2cv%2Fo7PCMUE7OB9B28VfRpO1EEW%2F7p%2FmbAxYgHnd7WWfvdLU0aHi6ynI4kgzeO%2Bgjan37tURmm5Ni4AvnqT%2Bw%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad9cd82b65-FRA
GET H2	200	tag.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	2 KB 1 KB	11ms 11ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/tag.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 542bab3842890b12aa349ee86fb89b41237d222e88a2753ec44bab4e90208667 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251746 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07a00002b65b0b08000000001 last-modified Thu, 18 Mar 2021 11:06:03 GMT server cloudflare etag W/"71a-178450389ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YERzcHTsW9z8G0SEjlBXPMaCUWbU7%2BHEjxTCTQljAOn%2BcMbfJFIX7udZMgJLq05c%2Bij3Hl6LLrJOJjZAl%2Bu3tm7bVbuPuW2HbNR6GoHkpyydreH880jnnks%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad9cda2b65-FRA
GET H2	200	channel.js Show response xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/	2 KB 1 KB	12ms 12ms	Script application/javascript	2606:4700:e4::ac40:ad16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xfantazy.com/_next/static/1AVL75I-ma0ArDvCR2ZeM/pages/channel.js Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/runtime/main-8daa673a54696bb62abb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:ad16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf9312c3aa12e8711d1df5a7f5ba7709b135934336cdef666c998a6559f2d499 Request headers Referer https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 251713 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a07b00002b65ac922000000001 last-modified Thu, 18 Mar 2021 11:06:02 GMT server cloudflare etag W/"6fe-178450387d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XXev%2FdFTL%2FoMciT7j3BzIduH7WWvO9UpPLyCZvMdMxiQWNYwUyeu7WlMnm5zxhV4tBrVj3QjX3eF3j1RiXR56Stzq%2BOT5ov3YErLBiPzpSyX5Gmin%2Bk4vPU%3D"}],"max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 633603ad9cdc2b65-FRA
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/Jr-UtHeim6y_-D-Q-A/w320h240/	14 KB 14 KB	51ms 24ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/Jr-UtHeim6y_-D-Q-A/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 6aee3f029a4502d2967dafa49b12bfb1198706f399c447360d3060c3530313d4 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 14645 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/IuvG73Ghmai48WnFrg/w320h240/	17 KB 17 KB	49ms 23ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/IuvG73Ghmai48WnFrg/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash a9cb2793fd55f6787c5130cb8fd966280972921edd128f2bca9d08c0d48cb977 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 17729 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/JOWUuCf3mafs-DnD-w/w320h240/	20 KB 20 KB	58ms 34ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/JOWUuCf3mafs-DnD-w/w320h240/0.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 8e34f65d313d0a17a53f4f6742506facaf3f4eb6de8a6690e3280badb0bbb7e2 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 20392 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	3147 Show response na.nawpush.com/tags/	358 B 497 B	152ms 50ms	XHR application/json	213.174.135.25 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://na.nawpush.com/tags/3147 Requested by Host: cst.cstwpush.com URL: https://cst.cstwpush.com/static/adManager.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash 84b809b35906ef5ab44214e1975265ff0dce20ffbdb4b5033c736c1497dbe2e8 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sun, 21 Mar 2021 09:04:43 GMT cache-control max-age=300, public server nginx/1.18.0 content-type application/json x-proxy-cache HIT
GET		303891 a.pornomixfree.com/api/spots/ Frame 57BA	0 0
GET		303892 a.pornomixfree.com/api/spots/ Frame A699	0 0
GET		303893 a.pornomixfree.com/api/spots/ Frame 7006	0 0
GET H2	200	303891 Show response a.pornomixfree.com/api/spots/ Frame 7725	3 KB 1 KB	54ms 54ms	Document text/html	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.pornomixfree.com/api/spots/303891?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 1ef51fa93154470258fdee96b6aed65ada554d240bdce510ec1377dc4311825a Request headers :method GET :authority a.pornomixfree.com :scheme https :path /api/spots/303891?p=1&s1=%subid1%&kw= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://xfantazy.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://xfantazy.com/ Response headers server nginx date Sun, 21 Mar 2021 09:04:43 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie nauid=xy19OsvaZwNAtmsScyOS; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control private content-encoding gzip
GET H2	200	303892 Show response a.pornomixfree.com/api/spots/ Frame 0412	3 KB 1 KB	57ms 57ms	Document text/html	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 1c4146ce713fe2f827d2046cd3ce0f69a6d8ec8b7acf4eb41dccd47e9d43d565 Request headers :method GET :authority a.pornomixfree.com :scheme https :path /api/spots/303892?p=1&s1=%subid1%&kw= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://xfantazy.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://xfantazy.com/ Response headers server nginx date Sun, 21 Mar 2021 09:04:43 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie nauid=ujCPiHmgqoJcuMSa7UsX; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control private content-encoding gzip
GET H2	200	303893 Show response a.pornomixfree.com/api/spots/ Frame A3EA	3 KB 1 KB	54ms 54ms	Document text/html	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 0bb2888abbf2555534489f7ce5297e1bf4c8535374cec7551b9c2f0d3bc719dd Request headers :method GET :authority a.pornomixfree.com :scheme https :path /api/spots/303893?p=1&s1=%subid1%&kw= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://xfantazy.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://xfantazy.com/ Response headers server nginx date Sun, 21 Mar 2021 09:04:43 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie nauid=SInBnhmoxv6BqO1LUWmS; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control private content-encoding gzip
GET H2	200	303894 Show response a.pornomixfree.com/api/spots/ Frame 27C9	3 KB 1 KB	56ms 56ms	Document text/html	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a.pornomixfree.com/api/spots/303894?p=1&s1=%subid1%&kw= Requested by Host: xfantazy.com URL: https://xfantazy.com/_next/static/chunks/commons.c6be2f5ddce0c474c306.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash a8741e64b39e9c5334204cdab3372ae8c30585051f8924f8176c0afe0dbb2c72 Request headers :method GET :authority a.pornomixfree.com :scheme https :path /api/spots/303894?p=1&s1=%subid1%&kw= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://xfantazy.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://xfantazy.com/ Response headers server nginx date Sun, 21 Mar 2021 09:04:43 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie nauid=8PSxRW76xf0sSdsHlDm8; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None cache-control private content-encoding gzip
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/ILnHu3_wz__l_zmX-g/w320h240/	13 KB 13 KB	13ms 12ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/ILnHu3_wz__l_zmX-g/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 7ec7ffd54efff68d7fdeb02bda6ed039ea8a83ab489d20e6885ed19281264a28 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12947 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/cr6avHKlyanp_GjB_A/w320h240/	19 KB 19 KB	25ms 23ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/cr6avHKlyanp_GjB_A/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash d760389d0c75f73cbaf24b28f2a4b356a02733aaf2a170f06c6a24974ae8dfde Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 18960 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/cOnHvXGjm6u6qTiVqQ/w320h240/	20 KB 21 KB	14ms 12ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/cOnHvXGjm6u6qTiVqQ/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 466a90d28979d29c812f9f8e9ca37056555886f82da1361da9697499853c7ebd Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 20812 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/LOubvCWlm6jpqmmS9g/w320h240/	12 KB 12 KB	36ms 35ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/LOubvCWlm6jpqmmS9g/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 357b904ef74bab6d64af6224532d015001c0837b53b8c46ec138cb03fecdd33e Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12229 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/IOzG7HXynP-5-D6U-Q/w320h240/	15 KB 15 KB	25ms 24ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/IOzG7HXynP-5-D6U-Q/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash b0554ad4741a9c138e9c05006e46682f93396a26278165be049dd1769ea48328 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 14865 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/Jb7FviLymKvs-TqQ-Q/w320h240/	14 KB 14 KB	26ms 24ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/Jb7FviLymKvs-TqQ-Q/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 0341474ddc53a5ca8364b268a7eb0e5c8fb748ff369653395324810d7758cf51 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 14501 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/cruatCWmnKbsrTiTrA/w320h240/	16 KB 16 KB	26ms 25ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/cruatCWmnKbsrTiTrA/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash c2b0b84f5d5f704f39b3b4fbd908652ac84c78e9a9e9af2df3c218907b0438bd Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 16073 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/JLyUviXzya3r_DrB9w/w320h240/	12 KB 12 KB	25ms 24ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/JLyUviXzya3r_DrB9w/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash be54f2c822a7fca702cbd5639cbda519660246ce22bd726e507f991bc7fc214a Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12033 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0.jpeg static-cache.k2s.cc/thumbnail/deyauCegm6i-_j_FrA/w320h240/	12 KB 12 KB	35ms 34ms	Image image/jpeg	2a00:1178:4:2::224 WEBZILLA
General Check archive.org Show headers Download Go to Show image Full URL https://static-cache.k2s.cc/thumbnail/deyauCegm6i-_j_FrA/w320h240/0.jpeg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1178:4:2::224 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash a9ea7b805029e5e7a714cafd5328dc4c4fc7f953972e148b12b0af922d3fadc3 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT server nginx x-cache-status HIT content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 content-length 12384 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	npush.js Show response sw.swwpush.com/npc/sdk/wpu/	81 KB 27 KB	143ms 48ms	Script application/javascript	213.174.135.24 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://sw.swwpush.com/npc/sdk/wpu/npush.js Requested by Host: cst.cstwpush.com URL: https://cst.cstwpush.com/static/adManager.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.16.1 / PHP/7.1.28 Resource Hash df783b183f806453c1c63d8078581e47165997c82f9df5a48a61f9c69e633cbc Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding gzip server nginx/1.16.1 x-powered-by PHP/7.1.28 content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Sun, 21 Mar 2021 10:04:43 GMT cache-control max-age=3600 x-proxy-cache HIT
GET H2	200	299144 Show response p.pornomixfree.com/api/spots/	223 B 403 B	54ms 54ms	Script text/javascript	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://p.pornomixfree.com/api/spots/299144?host=xfantazy.com&ev=174&wh=1200&ww=1600 Requested by Host: p.pornomixfree.com URL: https://p.pornomixfree.com/asg_embed.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 580c7db9a9f741a2c891d108e65ad55fe1736f49ba33253d1f71d71916c925e2 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT cache-control private server nginx content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	275527 Show response p.pornomixfree.com/api/spots/	517 B 583 B	54ms 54ms	Script text/javascript	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://p.pornomixfree.com/api/spots/275527?host=xfantazy.com&ev=174&wh=1200&ww=1600 Requested by Host: p.pornomixfree.com URL: https://p.pornomixfree.com/asg_embed.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash c7fde143952a4d64542797a977945a4d972a3d66fbb06b8186a9270c3e340be5 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT cache-control private server nginx content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	289411 Show response p.pornomixfree.com/api/spots/	514 B 580 B	54ms 54ms	Script text/javascript	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://p.pornomixfree.com/api/spots/289411?host=xfantazy.com&ev=174&wh=1200&ww=1600 Requested by Host: p.pornomixfree.com URL: https://p.pornomixfree.com/asg_embed.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 230a2b455a626c02b593429798f7cbd1fcf17540181a689fe261bdce5a039571 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT cache-control private server nginx content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	299657 Show response p.pornomixfree.com/api/spots/	524 B 587 B	219ms 219ms	Script text/javascript	168.119.77.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://p.pornomixfree.com/api/spots/299657?host=xfantazy.com&ev=174&wh=1200&ww=1600 Requested by Host: p.pornomixfree.com URL: https://p.pornomixfree.com/asg_embed.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 168.119.77.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.175.77.119.168.clients.your-server.de Software nginx / Resource Hash 6e1ca312e9a9f26f1a8a05e2331de0fa0bb044e6cf5d306dce87282a7365e849 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT cache-control private server nginx content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H/1.1	200 OK	logo16x16.png cdn.o333o.com/ Frame 7725	583 B 984 B	256ms 61ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.o333o.com/logo16x16.png Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303891?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software nginx / Resource Hash d221b36e492b5a447035287d51983da840a505ebd9f994d2feae34c506d377a7 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Last-Modified Wed, 03 Mar 2021 09:13:27 GMT Server nginx ETag "603f5337-247" X-HW 1616317483.dop007.lo4.t,1616317483.cds069.lo4.shn,1616317483.cds069.lo4.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 583
GET H/1.1	200 OK	ads.js Show response ads.realsrv.com/ Frame 7725	2 KB 1 KB	29ms 6ms	Script application/javascript	2001:4de0:ac19::1:b:3a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://ads.realsrv.com/ads.js Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303891?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash cb60ae3045e4eb756d47714e6fa25502501af413335759099e044c52146fc4e0 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Content-Encoding gzip X-HW 1616317483.dop245.fr8.t,1616317483.cds102.fr8.shn,1616317483.cds102.fr8.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 961
GET H/1.1	200 OK	logo16x16.png cdn.o333o.com/ Frame A3EA	583 B 1008 B	291ms 58ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.o333o.com/logo16x16.png Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software nginx / Resource Hash d221b36e492b5a447035287d51983da840a505ebd9f994d2feae34c506d377a7 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Last-Modified Wed, 03 Mar 2021 09:13:27 GMT Server nginx ETag "603f5337-247" X-HW 1616317483.dop032.lo4.t,1616317483.cds218.lo4.shn,1616317483.dop032.lo4.t,1616317483.cds220.lo4.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 583
GET H2	200	125ed7e076fc47909ba1fefd4d0c0455.html Show response tsyndicate.com/iframes2/ Frame 0B1F	36 KB 9 KB	298ms 183ms	Document text/html	136.243.83.47 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.83.47 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.47.83.243.136.clients.your-server.de Software nginx / Resource Hash 2adafcb7d79435b23b208e714d2bd10f33d45a04dac8ddc103e2bc57a5e8bc66 Request headers :method GET :authority tsyndicate.com :scheme https :path /iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a.pornomixfree.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a.pornomixfree.com/ Response headers server nginx date Sun, 21 Mar 2021 09:04:43 GMT content-type text/html; charset=utf-8 vary Accept-Encoding * cache-control no-cache, no-store, no-transform, must-revalidate no-transform pragma no-cache expires 0 x-api-version 2 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/e/d/b5423986a6a71891833bc5046603ad8d515025/300x250.jpg>; rel=preload; as=image, <https://lcdn.tsyndicate.com/images/3/f/012852549d460a1e874e284cef452d087c2edf/main.jpg>; rel=preload; as=image, <https://lcdn.tsyndicate.com/images/7/6/3e239088714e59ae41abcdc5eec469e02fd9ae/300x250.jpg>; rel=preload; as=image, <https://lcdn.tsyndicate.com/images/a/7/2bfe55652cb89f1f42871461b08f2c6da2aae6/300x250.jpg>; rel=preload; as=image x-request-id ed5527861a39dd08 set-cookie ts_uid=c083fa74-8e05-4e04-83c0-679ec1dee7a8; expires=Tue, 21 Sep 2021 09:04:43 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=e0SIEaFjSxcWIsYUPJiwDMMufRQE; expires=Mon, 22 Mar 2021 09:04:43 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None x-robots-tag none noindex, nofollow report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-encoding gzip
GET H/1.1	200 OK	Cookie set ads-iframe-display.php Show response syndication.realsrv.com/ Frame A8A3	2 KB 2 KB	170ms 61ms	Document text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/ads-iframe-display.php?idzone=4191080&type=900x250&p=1&dt=1616317483565&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Requested by Host: ads.realsrv.com URL: https://ads.realsrv.com/ads.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 846f197969c300ff168fc7dad1d13c9475d46a34e60f61f547597c2d88ed14e8 Request headers Host syndication.realsrv.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://a.pornomixfree.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a.pornomixfree.com/ Response headers Server nginx Date Sun, 21 Mar 2021 09:04:43 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Expires Mon, 26 Jul 1997 05:00:00 GMT Cache-Control no-cache, must-revalidate Pragma no-cache P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260570c2bab7ab4.987281511927546327%22%3B%7D; expires=Tue, 21 Mar 2023 09:04:43 GMT; path=; domain=.realsrv.com; Secure; SameSite=none impressions=x%9C%7D%D29%0E%C20%14%04%D0%BB%A4v%A4%BF%2F%5C%05q%83%88%8E%0Aqw%7E%C8%2A+i%AD%A7%19%8F%E5g%27dif%BD%04%2B%84Gw%B9bCC%23p%A3h%F7%C70%DCZ16e%E9%C55%82%E1%98%29%29W%9A%27%07%05m%CCB%C8%5B%87%22%D0%8D%108%90%A8%17V%89%D0%5D%5E%0A%A4%B4%D1%15%1BC%24%B9%AF%B3%00%15%5E%19%83r%FAR%FBa%8E3%83%3Cau%BF%89%D5%DE3%06s%A9%1D%96%D6V%CF%A8%27%A9%ACP%A3o%B6n%9Dj%7D%AE%D5%B3%11%8A91%B7%C3%11.%098%A6%81%A9%FC%A6%EDjSQ%EB%7Eh%F5%28n%1BD%A7%C0%3F%D0%80%19P%F6%B0%BE%C5%02_o%E6%88y%A5; expires=Mon, 22 Mar 2021 09:04:43 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none Content-Encoding gzip
GET H/1.1	200 OK	logo16x16.png cdn.o333o.com/ Frame 0412	583 B 984 B	244ms 58ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.o333o.com/logo16x16.png Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software nginx / Resource Hash d221b36e492b5a447035287d51983da840a505ebd9f994d2feae34c506d377a7 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Last-Modified Wed, 03 Mar 2021 09:13:27 GMT Server nginx ETag "603f5337-247" X-HW 1616317483.dop214.lo4.t,1616317483.cds035.lo4.shn,1616317483.cds035.lo4.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 583
GET H/1.1	200 OK	nativeads-v2.js Show response a.exdynsrv.com/ Frame 0412	56 KB 16 KB	30ms 6ms	Script application/javascript	2001:4de0:ac19::1:b:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://a.exdynsrv.com/nativeads-v2.js Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 5b044ce998f1c773e7da5dda5a70bebd7eb7288bd80645954efddc290fe71123 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Content-Encoding gzip X-HW 1616317483.dop245.fr8.t,1616317483.cds147.fr8.shn,1616317483.cds147.fr8.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 15902
GET H2	200	postscribe.min.js Show response cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/	17 KB 5 KB	10ms 10ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Requested by Host: p.pornomixfree.com URL: https://p.pornomixfree.com/asg_embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 227189 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5117 cf-request-id 08f5a0a235000005d49434d000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:38 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03faa-45f4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AMIuvmgiSXYYfOlxDJ1TXfiSH3AyqvO23PgUBrZjjibcju7rZrq2AL7Q87GBX69eXxW7FLCwIjaM3XpAe3kIezM6MUkKO%2B%2FnlLh619VsBwMyf9Y4N8uTsL5%2Fu2DFRBpm0w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 633603b05d7705d4-FRA expires Fri, 11 Mar 2022 09:04:43 GMT
GET H/1.1	200 OK	logo16x16.png cdn.o333o.com/ Frame 27C9	583 B 984 B	244ms 61ms	Image image/png	205.185.216.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.o333o.com/logo16x16.png Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303894?p=1&s1=%subid1%&kw= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS map2.hwcdn.net Software nginx / Resource Hash d221b36e492b5a447035287d51983da840a505ebd9f994d2feae34c506d377a7 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Last-Modified Wed, 03 Mar 2021 09:13:27 GMT Server nginx ETag "603f5337-247" X-HW 1616317483.dop007.lo4.t,1616317483.cds069.lo4.shn,1616317483.cds069.lo4.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 583
GET H2	200	4788752 Show response a.bestcontentfood.top/warp/ Frame 27C9	4 KB 2 KB	159ms 138ms	Script application/javascript	2606:4700:e0::ac40:6d0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.bestcontentfood.top/warp/4788752?r=17271 Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6d0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db0db4c10092f56d47d109e457554446d1eb4a09854af3e60172f8078bdd36f6 Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare etag W/"b5bfe5efa4321a0b085300dd0d4edb9f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c2pEcSkeB%2BldhHToXMHKQ%2FhI08NXaEoAzPmn3lNYQqFKDzivREyPy0yksReVLdjVeMOXF0WtppzZbkN6IWQ8zyzjoxsfJLefXtO4U%2F5J%2Fz68QdxzfqTCJxg63kU4R2GhJrA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=900 referer b.bestcontentfood.top cf-ray 633603b07951c2f9-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a2500000c2f9bb32d000000001
GET H/1.1	200 OK	splash.php Show response syndication.exdynsrv.com/ Frame 0412	6 KB 5 KB	187ms 74ms	XHR text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.exdynsrv.com/splash.php?native-settings=1&idzone=4191180&cookieconsent=true&sub=&p=https%3A%2F%2Fxfantazy.com%2F Requested by Host: a.exdynsrv.com URL: https://a.exdynsrv.com/nativeads-v2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 695b92a747eccc65fb1dc18a328e8237d97476af050ade654192ca00225c084c Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sun, 21 Mar 2021 09:04:43 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://a.pornomixfree.com Access-Control-Allow-Credentials true Connection keep-alive
GET H2	200	/ Show response cdn.bonertraffic12.mobi/sdk/push_web/	84 KB 20 KB	66ms 39ms	Script application/javascript	2606:4700:3032::6815:212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.bonertraffic12.mobi/sdk/push_web/?zid=5550 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 927902452cc242cca2d01618961404fb058a407aa74e4be3fa729b27f2fecd6f Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-encoding br cf-cache-status DYNAMIC nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare x-time 1616317483 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aZvZuk0AnofgqHX7mP7Zvw4OvcjWm9%2BeKgUSDCqrAJ8F3dabxgATQTPPEQKdBdqRIIUSO3P3AlCnhwIaMAHkQ0x8mszK7VH%2BmusbzxxyqeII8UJtVsguUK69MEBVITloEbmj9Q%3D%3D"}]} content-type application/javascript access-control-allow-origin * cf-ray 633603b0db1bd6c5-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 08f5a0a2850000d6c5f295f000000001
GET H2	200	dip Show response nereserv.com/in/	0 105 B	157ms 57ms	XHR text/plain	168.119.25.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?wl=1&event_id=aed00d68-290d-464a-8432-90c16b10f2b5&subid=0&sid=4271656790&spot_id=3022&created_at=2021-03-21&timezone=1&ver=2.15.14&is_native=1&site=native-push Requested by Host: sw.swwpush.com URL: https://sw.swwpush.com/npc/sdk/wpu/npush.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.22.25.119.168.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sun, 21 Mar 2021 09:04:43 GMT cache-control no-transform server nginx/1.18.0 content-length 0 vary Origin
GET H2	200	multy Show response ntvpwpush.com/in/	5 KB 5 KB	807ms 793ms	XHR application/json	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ntvpwpush.com/in/multy?wl=1&event_id=aed00d68-290d-464a-8432-90c16b10f2b5&subid=0&sid=4271656790&spot_id=3022&created_at=2021-03-21&timezone=1&ver=2.15.14&is_native=1&cid=0&tcid=0&site=native-push&screen_resolution=1600x1200 Requested by Host: sw.swwpush.com URL: https://sw.swwpush.com/npc/sdk/wpu/npush.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 10c7ce026106a2a5aa2e134171c1496b19c1598545f92b5b4114730c5f796f33 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sun, 21 Mar 2021 09:04:44 GMT cache-control no-transform server nginx/1.18.0 content-length 4729 vary Origin content-type application/json; charset=utf-8
GET H2	200	loader Show response b.bestcontentfood.top/ Frame 3977	713 B 642 B	138ms 131ms	Document text/html	2606:4700:e0::ac40:6d0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://b.bestcontentfood.top/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true Requested by Host: a.bestcontentfood.top URL: https://a.bestcontentfood.top/warp/4788752?r=17271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6d0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afa48236b57016a5b08b15a4711753f03404fbd2bd9cb279df4bb86dd302e761 Request headers :method GET :authority b.bestcontentfood.top :scheme https :path /loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a.pornomixfree.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a.pornomixfree.com/ Response headers date Sun, 21 Mar 2021 09:04:43 GMT content-type text/html set-cookie __cfduid=d6dc59ed0eb05ee155eabf11072f4de741616317483; expires=Tue, 20-Apr-21 09:04:43 GMT; path=/; domain=.bestcontentfood.top; HttpOnly; SameSite=Lax cache-control no-cache, no-store, must-revalidate expires Sat, 26 Jul 1997 05:00:00 GMT last-modified Sun, 17 May 1998 03:00:00 GMT cf-cache-status DYNAMIC cf-request-id 08f5a0a2e70000c2f93a02c000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7nroi3amC6qE3Qc9IU2Fk5rk4FecZbDtWg93LoojMQC8kSA45yYfT4UN4dRF5YfKEmyrxk5gaz0hOADA%2B0HLEhcaM93uDLDoOGZs2Mx9TT4by0h3mTjlNniUdXYD1z3VTOc%3D"}],"group":"cf-nel","max_age":604800} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 633603b17a4cc2f9-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	c444acc89fcedee9155c7baeacf7fb0019468f0b.jpg s3t3d2y7.ackcdn.net/library/146936/ Frame A8A3	52 KB 52 KB	65ms 16ms	Image image/jpeg	2a02:3d0:621:a000::6 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y7.ackcdn.net/library/146936/c444acc89fcedee9155c7baeacf7fb0019468f0b.jpg Requested by Host: syndication.realsrv.com URL: https://syndication.realsrv.com/ads-iframe-display.php?idzone=4191080&type=900x250&p=1&dt=1616317483565&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US), Reverse DNS Software nginx / Resource Hash 4e06db746f41db93710c309ac7455acf54594d79f6084bb3033334a5526eefde Request headers Referer https://syndication.realsrv.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT last-modified Wed, 09 Dec 2020 09:30:03 GMT server nginx age 62239 content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 53174 x-llid 802cd4a892e0121d7fca35f2e71042a9 expires Sun, 20 Mar 2022 15:47:24 GMT
GET H2	200	fc29f9ac084dc434bb8138df246be51d0b2f79af.jpg s3t3d2y7.ackcdn.net/library/348620/ Frame 0412	22 KB 22 KB	16ms 15ms	Image image/jpeg	2a02:3d0:621:a000::6 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y7.ackcdn.net/library/348620/fc29f9ac084dc434bb8138df246be51d0b2f79af.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US), Reverse DNS Software nginx / Resource Hash 62f143c00467b26acaf588d89f63212a0a8e1a6047a43697bde4ed9cf58fb6bd Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT last-modified Fri, 01 Dec 2017 12:46:27 GMT server nginx age 36251 content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 22583 x-llid 855b19decebf98161ba10372069c9e5a expires Sun, 20 Mar 2022 23:00:32 GMT
GET H2	200	68a82bca53b76728fae6f46f137ad9dd5ab95892.jpg s3t3d2y7.ackcdn.net/library/348620/ Frame 0412	23 KB 23 KB	23ms 23ms	Image image/jpeg	2a02:3d0:621:a000::6 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y7.ackcdn.net/library/348620/68a82bca53b76728fae6f46f137ad9dd5ab95892.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US), Reverse DNS Software nginx / Resource Hash dadf561b206e1f67a29636e2e089fc6761da8942c76a78d2fea5752779a4c5ac Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT last-modified Mon, 13 Mar 2017 15:15:21 GMT server nginx age 62090 content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 23618 x-llid 4090f6cb4d327568974b8af3f33b7ae0 expires Sun, 20 Mar 2022 15:49:53 GMT
GET H2	200	b966261dddcdb60b0b784dd338ad737efe7466f5.jpg s3t3d2y7.ackcdn.net/library/348620/ Frame 0412	22 KB 22 KB	30ms 29ms	Image image/jpeg	2a02:3d0:621:a000::6 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y7.ackcdn.net/library/348620/b966261dddcdb60b0b784dd338ad737efe7466f5.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US), Reverse DNS Software nginx / Resource Hash 272ff697c2e158481e2ca7fca0b8dc6dcf7dfe597ee2e46cd99c557acb5b631e Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT last-modified Thu, 24 May 2018 11:27:26 GMT server nginx age 62919 content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 22552 x-llid 4d22d4ed7e123181b4ce521d28a62ae3 expires Sun, 20 Mar 2022 15:36:04 GMT
GET H2	200	18a712f0d2612351ada5d2c5b0fcfb9555b50429.jpg s3t3d2y7.ackcdn.net/library/348620/ Frame 0412	30 KB 30 KB	30ms 30ms	Image image/jpeg	2a02:3d0:621:a000::6 LLNW
General Check archive.org Show headers Download Go to Show image Full URL https://s3t3d2y7.ackcdn.net/library/348620/18a712f0d2612351ada5d2c5b0fcfb9555b50429.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:3d0:621:a000::6 , United States, ASN22822 (LLNW, US), Reverse DNS Software nginx / Resource Hash 8ba12559b38d69b8d7a91ba3427cbc298e2c3c23bddf5192a1f1be6e19d28f0e Request headers Referer https://a.pornomixfree.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT last-modified Mon, 13 Mar 2017 15:15:21 GMT server nginx age 62712 content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 30464 x-llid 815791213024071625b485964ded1efb expires Sun, 20 Mar 2022 15:39:31 GMT
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 0B1F	8 KB 8 KB	285ms 130ms	Script application/javascript	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 249d5d175a8cd9383f9b79924a36ee2461fbcbffdff963138012cd71307e2f2e Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Wed, 19 Aug 2020 13:22:54 GMT server nginx age 18396348 etag "5f3d27ae-20ba" content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 8378
GET H2	200	300x250.jpg lcdn.tsyndicate.com/images/e/d/b5423986a6a71891833bc5046603ad8d515025/ Frame 0B1F	33 KB 33 KB	239ms 83ms	Image image/jpeg	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/e/d/b5423986a6a71891833bc5046603ad8d515025/300x250.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash d57080ef112cb312886897bcc0b1f660bc69c21e49bd1356828b9b571e9fb22b Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Sun, 10 May 2020 11:01:19 GMT server nginx age 27170788 etag "5eb7deff-84ed" content-type image/jpeg accept-ranges bytes x-robots-tag noindex, nofollow content-length 34029
GET H2	200	main.jpg lcdn.tsyndicate.com/images/3/f/012852549d460a1e874e284cef452d087c2edf/ Frame 0B1F	37 KB 37 KB	237ms 84ms	Image image/jpeg	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/3/f/012852549d460a1e874e284cef452d087c2edf/main.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 75980412c208f92b923d548ada566f3428dad9e5953fbadbe2cd4246ce8dd694 Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Thu, 12 Sep 2019 09:18:45 GMT server nginx age 27170768 etag "5d7a0d75-94c2" content-type image/jpeg accept-ranges bytes x-robots-tag noindex, nofollow content-length 38082
GET H2	200	300x250.jpg lcdn.tsyndicate.com/images/7/6/3e239088714e59ae41abcdc5eec469e02fd9ae/ Frame 0B1F	45 KB 45 KB	57ms 57ms	Image image/jpeg	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/7/6/3e239088714e59ae41abcdc5eec469e02fd9ae/300x250.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 82e0063c611116cae1a6ed64fbc3d8259491203ae60d7c1e9eeb60b4be0018a9 Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Sat, 09 May 2020 19:01:53 GMT server nginx age 27170795 etag "5eb6fe21-b23c" content-type image/jpeg accept-ranges bytes x-robots-tag noindex, nofollow content-length 45628
GET H2	200	300x250.jpg lcdn.tsyndicate.com/images/a/7/2bfe55652cb89f1f42871461b08f2c6da2aae6/ Frame 0B1F	45 KB 45 KB	58ms 57ms	Image image/jpeg	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://lcdn.tsyndicate.com/images/a/7/2bfe55652cb89f1f42871461b08f2c6da2aae6/300x250.jpg Requested by Host: a.pornomixfree.com URL: https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash f0d22da1b284ec3465e047a269416c7f3e041e97994d8163910a49b0e2bc20d4 Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Sun, 17 May 2020 15:48:21 GMT server nginx age 26586866 etag "5ec15cc5-b286" content-type image/jpeg accept-ranges bytes x-robots-tag noindex, nofollow content-length 45702
GET H2	200	bannerNativeTrackImpression.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 0B1F	655 B 837 B	235ms 82ms	Script application/javascript	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/bannerNativeTrackImpression.js Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash f870e36f1d8c5188723dd872a87705dfad89cabaf1c99ddd8ea7e0350fb48842 Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Mon, 22 Jun 2020 07:36:05 GMT server nginx age 23414123 etag "5ef05f65-28f" content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 655
GET H2	200	n.css lcdn.tsyndicate.com/sdk/v1/ Frame 0B1F	19 KB 19 KB	215ms 62ms	Stylesheet text/css	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/n.css Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash b7ee2a1a4f36b8749c089740bfa40e5899d7d0dee14752f70858f184f868878c Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Thu, 18 Mar 2021 14:11:47 GMT server nginx age 240137 etag "60535fa3-4b6d" content-type text/css accept-ranges bytes x-robots-tag noindex, nofollow content-length 19309
GET H2	200	native-banner-default.css lcdn.tsyndicate.com/sdk/v1/ Frame 0B1F	4 KB 4 KB	215ms 62ms	Stylesheet text/css	67.27.234.121 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/native-banner-default.css Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.27.234.121 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 16933ec5edea2ccaa38e2d5913406da7d00513d7ff6b1e967e6f19190be0643c Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT last-modified Tue, 07 Jul 2020 07:33:39 GMT server nginx age 22202927 etag "5f042553-fba" content-type text/css accept-ranges bytes x-robots-tag noindex, nofollow content-length 4026
GET H2	200	i b.bestcontentfood.top/ Frame 3977	60 B 60 B	134ms 133ms	Image image/gif	2606:4700:e0::ac40:6d0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://b.bestcontentfood.top/i?tid=b57d6d09-af7f-484f-a1e2-5ce93c32c259&cf=afafcagefb Requested by Host: b.bestcontentfood.top URL: https://b.bestcontentfood.top/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6d0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://b.bestcontentfood.top/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT cf-cache-status DYNAMIC last-modified Sun, 17 May 1998 03:00:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"max_age":604800,"report_to":"cf-nel"} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qy11dhMytaADB4liaCa6RJmKs9MK%2BKbSwGRcN4AjYDC3uDKOVZTsaHMhBe7CFLCAap8HBHHANw%2FH%2BK2EeTS8tsbWTFJRoUWsgGsWeRGNXJiOV6guz662OubBObQ%2BNcK2l8A%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control no-cache, no-store, must-revalidate cf-ray 633603b24b1ec2f9-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 60 cf-request-id 08f5a0a36e0000c2f9c939c000000001 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	00000380340.jpg cdn3.bestcontentfood.top/34/ac/68174/ Frame 3977	95 KB 96 KB	27ms 20ms	Image image/jpeg	2606:4700:e0::ac40:6d0f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn3.bestcontentfood.top/34/ac/68174/00000380340.jpg Requested by Host: b.bestcontentfood.top URL: https://b.bestcontentfood.top/loader?a=4788752&v=2&t=30&s=4776911&p=8575&if=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6d0f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eff8c28edc3424aeb1bf2e44e76c787db35e1fdb46c7b355bb3e7da577f6355 Request headers Referer https://b.bestcontentfood.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:43 GMT via 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront) cf-cache-status HIT nel {"max_age":604800,"report_to":"cf-nel"} age 5308 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 97524 cf-request-id 08f5a0a3770000c2f93e9d5000000001 last-modified Fri, 25 Sep 2020 00:41:30 GMT server cloudflare etag "82005c8673b84debbc828852c5b1bfee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BtHTpDhV4d52rM8Knrzz6vu3i6TRvFzLHhPJ%2F4LQbrA6UeoXfDC004o20aXwXwe7bj9RLzNOiNjJ6%2FSZqLxRlY8CXnNTjRovK1BI3RafKYd8GFNP3sc4O4Bah76hIIWThOQ3rKM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 x-amz-cf-pop DUS51-C1 accept-ranges bytes cf-ray 633603b25b29c2f9-FRA x-amz-cf-id 6yd4MgKIvYXNyjN7C7UF9LapfZmW0OmDieQPIiWWHZE_Vf2nWaTtRw==
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 0B1F	24 B 127 B	167ms 52ms	Script text/javascript	136.243.46.156 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=e0SEGUNHhI4YLETQOXNQxBgZM8bEMFODRgsxNcqQaUFjRpkyLcLcGDMGIwwbMG5YjBEGRw4yIhSGqTPGIYwZN3CMQRkSBo0aNjrWyHFRTA4YOFqM2UmDTJmmNmLUkDmQjJ2DMlTeuKEQTh0xB2PIQJpwIBw4B3Hc8KhwDhyDOmbgSJo0h8IxbdLqkBE0hg0ZM8mYOQhYoRg3bsTioHHDxlyFbdw0RDhDhlavkinHoBEjBg6FdeSwyTpjxlQaoEXUkeEQDR06cOboePFCzBs3Luq4STPmjRw3cOSkeTp2hgvfbV6wcQEHDZwfdOSY6RGGSx0YMGTYgNNjjI48Zp5-wWGnTRs2eBLXUMNGzPXs28n0qGEGhhkaMMTIiCGGzAwzRpJhvxtwKqM_-LSzYY4e5qrrpQS3E6OHzxp7DIcIbRCDuB5gcCG7GDKEg8M71LjDDCuYwIKOKFqwwQ09mBDiDDKqOAK3KIIIooop1tCRCCXYCIKIN8S4IkcdkwyihTTSCEKIO_Cw4gwlh1gDDSv0cCPDvLrrSyrAMlyjjDzu-G2-DMmIoYcv_2pNITLeaMOhMJr7zQ0508DDDDlAQk7OqsYII64tTuvCKzlsQsgnGxR6QzhFY2D0MMJ08DA7GvCCo40vID3o0uxwqEEhOezYayqFyhhj008_hMGsOupIwyGecABwpItwKAOGGjraNVeJYHDxhhxUjeGpMm5wqao09hIhhqJcyCEHF2LgVdocqpLji2YdgpYGbKu9dtqq6gjDoSbe0CMNNtgI44UaPgQBhSvScCPOO-YAwQkqQLD2wx1AqNcNG2gIGI-CUwAhCLTYKOOKMsRYIg064M3JhRlsmHcJJKhoggkWQGAjjTFBOELVNd5QeAg05JCzjBde-tAFj2S-QQYQpggjwOEsvgFjGwJVVAQomKjqty9Kcqhobc9QjC-6GhWBjaGLcKKqp-z4Qgw51IKzDK37JA2hGlaairHs4HRZLEfnOChTEfqsVITXYputtjrhuDPPPfss40_lqpqjVIdcpmPQ31rYjeIWYviZjIneFAFyh8aDfKyq6JgTITBPY8tWhTRvjfO_PE9tLscF-6LPt74YVKzOHT89Va3DcFgOOtzWodBMT2PBskNFEO4NPPLIitROXS7-eLrLCOMpOXS_oQ8FAgI%3D&s=049b5664e886be8ee39249a550aedf7d1ac0a9931a0154a59deb1ad0ba436d131616317483&w=t&r=1&d=1&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.46.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.46.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/javascript; charset=utf-8
GET DATA	200 OK	truncated / Frame 0B1F	179 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 79ba5476fe10721954e0534f3fce9a8c2032e18d17ed3b8b66c0ca684c0cf9a7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 0B1F	24 B 126 B	154ms 53ms	Script text/javascript	136.243.46.156 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=e0SEGUNHhI4YLETQOXNQhIwbZGKMoQEDRwsbMnCMaUHDDA0ZLcLUqDGjRQ4YOW7MKEMxBxkZZEQoDFNnjEMYM25shGGjTAsYNGrY6FgjB40WYlBeHLORBpkyTm3EqDFzIBk7B2XAuNFVIZw6Yg7GkIEy4UA4cA7iuEFjhsI5cAzqmIHDosUcCse0UatDxtAYFWmSMXMwo0IxbtyMxUFjpVCFbdw0RDhDxtavkikHjhEDh8I6ctho7WxjhmfQMhyioUMHzhwdL16IeePGRR03aca8keMGjpw0UMnOcLG7zQs2LuCggfODjhwzPcJwqQMDhgwbcHqM0UEnTI4vJeOgQXNmTpo0MMqcuUHdOnYyPWqU-VhGDJkxZTSGkREmRlAcaoBhpJXcu86GOXqo6y4ccjAQOzF68MyxGYR60AYxgusBBhesi-FCODRUIgckihjiiCWaoAKGJdioooYhsIBijinIYCKKIIKoYoo1ciRCCTaCIOINMa7AMUckg2ghjSaCEOKOO5o4EkkcZsgijhou3Eu7v6aq6MI1ysjjDt7iu1CiHroMDAaryHijDYfCUI43N95MAw8z5CijjOLetGqMMOba4rQuvpLjJoR-6kmhN35DNAZFbUCsMB04tI4GveBo4wtHD7LUugAVksOOvqhSqCVNPe0QhrPqqCMNh8awaAYzwmirBRzKgKGGjnRFqkpZMbohh5ZigKqMG8LAwao0-hIhhqNcyCEHF_6rQdocrJLji2YdgpYGbKvdFVur6gjDoSbe0CMNNtgI44VrYQABhSvScMPNO-YAwQkqQPivwx1AqNcNG2gIGI-CUwAhiLTYKOMK-5ZIgw54dXJhBhvmXQIJKppgggUQ2EgjTBCOaGmNNxQeAg053izjhQY7dMGtmG-QAYQpwqgVuIpvuNiGPxEVAQomrOLtizGEJlrbMxbzyy5JRWBD6CKcaLMMO74QQ461FIIqaz1HQ6iGG2qgqjHrvG55LEbnOAhTEfSkVATWXINNNjnhoNNOPPXk07gXrJpjVIda9o4O3lrAbeIWYvAZP7LaFBqqLyBXTSE64ERoKtMcp6FKzNtQbfMYOm-rShxQu-oLPeP6ItCxOD_t9LdEwPp1h-Wgw20dBsX0NBYsK1SE397AIw-tROW05eOTp7uMMKCSg_cb-lAgIA%3D%3D&s=3fd7d78831b6ba6881f732f0f651887db44a0800d1905c0c0a9bd7d3bd53a4ac1616317483&w=t&r=1&d=15&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.46.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.46.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/javascript; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 0B1F	24 B 126 B	154ms 53ms	Script text/javascript	136.243.46.156 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=e0SEGUNHhI4YLETQOXNQBIwcYWrQiAFDRosyZGTUaEFDBsQWYm6IwdECho0wM2rgwBEmjIwcZEQoDFNnjEMYM27gGHOyjEkaNWx0rJGDRsgcMEqO4UmDTJmmNmLUmDmQjJ2DH29sVQinjpiDMWDCSDgQDpyDOG7QmKFwDhyDOmbgUKo0h8IxbdDq2Ch1Bg2aZMwctCFDoRg3bsLioHFj4w2Fbdw0RDhDxseukinHoBgDh8I6cthkjRGj8AwYoGU4REOHDpw5Ol68EPPGjYs6btKMeSPHDRw5aZ6KneGCd5sXbFzAQQPnBx05ZnqE4VIHhkUbcHqM0UEnTI4vNWbEQYPmzJw0aWCUOXOj-nUZNsj0qFHGDI0yYsiMKSOjpYwwKqIBhxpgkOiGGd7Dbo4e5qoLhxwUjE-MHjxr7DEJbRBDuB5gcOG6GDKEg8MhwrBCiCCsYyOKM9qYoY4gwlDjiiTiSMONKIIIooop1tCRCCXYCIKIN8S4IkcdkwyihTSOCEKIO-yQAUkdh2AijCLsqCHDvLTrK4a_MlyjjDzu6G2-DMmIoYcv_6qKjDfacCiM5XpzI8408DBDjjLKMC7OqsYII64tZoihi67kuAmhn05S6A3gFo2hURsOG0wHD68DTIQx4Gjji0gPyvQ6AhWSw469plKojE7lxPRDskCrIw2HesJhBjPCWKsFHMqAgSP8YDjq1p5asOGGHFiN4akybggDh6rS2EuEGIxyIYccXKiohmtzqEqOL6R1qFoautX2126rqiMMh5p4Q4802GAjjBe4hQEEFK64Ec475gDBCSpAqOjDHUDQ1w0baCgYj4RTACGIs9go44r8lkiDjnp1cmEGG_BdAgkqmmCCBRDYSGNMEI5gdY03HB4CDTniLOMFCD90ga2aHQNhijByDS7jGza2IdBFRYCCiap6-2KMoo_-9gzF-KKrUhHYKLoIJ94sw44vxJAjLYWe4prP0RCq4YYapmLsurBjDuvROQ7alM9LRWjttdhmoxMOO_HUk08_j3uhqjlOdShm7-jorYXcLm4hhqD3E-vNop_6QvLVFKLDVdNMM3StWzVvYzWEpLLh8wHnqjawL_h864tBwzId9dBF2Bp2ieWgI24dCgXMUBYsQ1QE4N7AI4-sTAU15uOTt7uMMJ6Sg_cb-lAgIA%3D%3D&s=5459f8a0f165bb027d79864681878351023bdff2f36c8b7574fab43722af02bd1616317483&w=t&r=1&d=15&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.46.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.46.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/javascript; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 0B1F	24 B 126 B	154ms 53ms	Script text/javascript	136.243.46.156 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=e0SEGUNHhI4YLETQOXNQRI4cOMbgyGFDTAsYM8TgaEEjh5gcLXLEyEEDo40aNmCQsVFGTI0bYUQoDFNnjMOMNyTCaImRRsqONUq2AAmD48QxNMiUkUjDRowaMweSsXNQBowbWRXCqSPmYAwZOWAkHAgHzkEcN2jMUDgHjkEdM3AYNZpD4Zg2Z3XIgIlDhgyaZMwctAFYhBg3br7iqIHDsQ2Fbdw0RDjjL4ytkinHoBEjBg6FdeSwsQo2aw62IurIcIiGDh04c3S8eHHHtoszNNrocTHmTZsXeOG8mHEDyxQnNWK8wDFFyI0rUF78mNM1Rg-5dClyqQMDhgwb1cXI6NEmSx4lYe48oTFFTBspbIJouULkytMyZ4IEqTJlzX4ilJCPiDfEuCKK_RLcrwUcyghCCDzIkEK_BIUIwg0symCDO-_AE2-GHvjS6S-pyPjNoTBcgOMNOdz4LQ08zJCjjDJ6O_GuMODaYoYYuthKjpsQKuMkhd6AA8ivhuRJITEG0wEGF7yj4S442vjiyCCh9M6oGhSSww69oFKojDGqPEjLsUKrIw2HxjBqBjPCUIvBMmCooaM6TcJhBjdbsOGGHMiMYakyYsJBqjT0EoEkGlyAyIUY7HQ0B6nk-CJRhxidFFJJIZKqDpl0EKGJN_RIgw02wnihhihBQOGKNNww8Y45QHCCChAijXIHEGB1wwYaeMUD2BRACMIsNsq4wqUl0qBj1eJcmMEGV5dAgoommGABBDbSWKMMEI4gc403ih0CDTl-K4O5HKJ0YS2KXLhBBhCmCCNOOdKA9gZpbZBqjCBFgIIJqVj8AmCHBq70DMX2mgsyEdgIuAgnSizDji_EkAMthZbCeEbSEIJJucZo8K7jdL8qco6DphRhRidFcA022WhLccUWX4xxxhp9A06qOb50KF06cmSxhTrccLaFGPglYwywSgx4qS-ejlohOtr46ikbeFRrT6zbYA0hrr2mYU-_MJvqixnd-iLHrWPouumzU7v47WTloINlHXackkcWLPNRhCPfwCMPq7y8Mt3DE5e5jDCWkoPvG_pQICA%3D&s=5437277d7701cce26d701b1262dbbe932559bb4198429f551de2fabb401a3e331616317483&w=t&r=1&d=16&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/125ed7e076fc47909ba1fefd4d0c0455.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.46.156 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.156.46.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:44 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/javascript; charset=utf-8
GET BLOB	200 OK	da4e2516-195d-4695-8c68-b15951c16590 Show response https://xfantazy.com/ Frame 839D	704 B 0		Document text/html
General Check archive.org Show headers Download Go to Full URL blob:https://xfantazy.com/da4e2516-195d-4695-8c68-b15951c16590 Requested by Host: sw.swwpush.com URL: https://sw.swwpush.com/npc/sdk/wpu/npush.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0b97fe34bf67e278e0c0c13b7b6ad26398093db600a8b40b3880b6051e1cf79b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 704 Content-Type text/html
GET H2	200	300x300_JVPeF6wKo56V9P7GZcP4.jpeg static.realtime-bid.com/n337/ad/ Redirect Chain https://xml.reacheffect.com/thumbnail?i=TVtrNhwOYPI_0 https://static.realtime-bid.com/n337/ad/300x300_JVPeF6wKo56V9P7GZcP4.jpeg	10 KB 10 KB	183ms 63ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://static.realtime-bid.com/n337/ad/300x300_JVPeF6wKo56V9P7GZcP4.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 2e1cdbf08a897ae774064ef71c83730996afe4a36204d8580b015e9a128edc41 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:45 GMT last-modified Thu, 11 Mar 2021 13:17:24 GMT server nginx etag "604a1864-287b" x-hw 1616317485.cds088.lo4.hn,1616317485.cds275.lo4.c content-type image/jpeg access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 10363 Redirect headers Pragma no-cache Date Sun, 21 Mar 2021 09:04:44 GMT Server nginx Age 0 Location https://static.realtime-bid.com/n337/ad/300x300_JVPeF6wKo56V9P7GZcP4.jpeg Cache-Control no-store Connection keep-alive Content-Length 0
GET H/1.1	200 OK	pixel xml.reacheffect.com/	42 B 233 B	415ms 158ms	Image image/gif	174.137.133.17 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://xml.reacheffect.com/pixel?i=TVtrNhwOYPI_0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sun, 21 Mar 2021 09:04:44 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H2	200	imp clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/ Redirect Chain https://ntvpevents.com/in/show/?mid=1927951433&pid=0&site=native-push&sc=PL&subid=0&sid=4271656790&cid=1692&price=0.003442&is_cpm=0&cpm=0&ecpm=0.13210595570060185&crid=&crtid=a0223ed16e6cadae6994ff... https://xml.reacheffect.com/thumbnail?i=QTWcYA7V*o4_0&imgt=icon https://likeingclick.com/impressions.php?country=DE&subid=251_55_9&aff=251&adv=123&url=https%3A%2F%2Fclkn.giant-savings.co%2Fnc%2F4Jr-kYHIauU%2F0Ndg3ydnvm6%2Fimp%3Fi%3Ddf91c84401cd4b27af44519df18fa... https://clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/imp?i=df91c84401cd4b27af44519df18fa97c	35 B 102 B	142ms 142ms	Image image/gif	34.86.255.143 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/imp?i=df91c84401cd4b27af44519df18fa97c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.86.255.143 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS 143.255.86.34.bc.googleusercontent.com Software nginx/1.19.2 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:45 GMT server nginx/1.19.2 content-length 35 content-type image/gif Redirect headers Date Sun, 21 Mar 2021 09:04:45 GMT X-Upstream-Addr 116.202.83.69:80 Server nginx/1.16.1 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html; charset=UTF-8 Location https://clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/imp?i=df91c84401cd4b27af44519df18fa97c Access-Control-Expose-Headers Content-Length,Content-Range Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range X-Forwarded-By 194.99.105.99
GET H2	200	eyJpdSI6Ijg4ZWNmODU0ZjZlNmQ0YjE2ZmZjNTRjZjQ4YTFmOTYwOWRlZWQ4MmEwNjE5MTdmMjllYjQ2ZDFkZTY0YjE5ZDkiLCJ3IjoxMDksImgiOjEwOSwiZCI6Mi4wLCJjcyI6MCwiZiI6MH0.jpg images.outbrainimg.com/transform/v3/ Redirect Chain https://xml.reacheffect.com/thumbnail?i=QTWcYA7V*o4_0 https://clkn.giant-savings.co/nc/4Jr-kYHIauU/0Ndg3ydnvm6/img?i=df91c84401cd4b27af44519df18fa97c https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4ZWNmODU0ZjZlNmQ0YjE2ZmZjNTRjZjQ4YTFmOTYwOWRlZWQ4MmEwNjE5MTdmMjllYjQ2ZDFkZTY0YjE5ZDkiLCJ3IjoxMDksImgiOjEwOSwiZCI6Mi4wLCJjcyI6MCwiZiI6MH0.jpg	13 KB 14 KB	154ms 52ms	Image image/jpeg	184.30.25.193 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4ZWNmODU0ZjZlNmQ0YjE2ZmZjNTRjZjQ4YTFmOTYwOWRlZWQ4MmEwNjE5MTdmMjllYjQ2ZDFkZTY0YjE5ZDkiLCJ3IjoxMDksImgiOjEwOSwiZCI6Mi4wLCJjcyI6MCwiZiI6MH0.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-25-193.deploy.static.akamaitechnologies.com Software / Resource Hash f2171ad149b64f3db37622118bb1932aef4016d7178d09b7ce633d286824b69c Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:45 GMT cache-control max-age=839795 last-modified Mon, 22 Feb 2021 14:52:06 GMT x-traceid a1f4d5703398c8b649a2de5805368752 timing-allow-origin * content-length 13773 content-type image/jpeg Redirect headers location https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4ZWNmODU0ZjZlNmQ0YjE2ZmZjNTRjZjQ4YTFmOTYwOWRlZWQ4MmEwNjE5MTdmMjllYjQ2ZDFkZTY0YjE5ZDkiLCJ3IjoxMDksImgiOjEwOSwiZCI6Mi4wLCJjcyI6MCwiZiI6MH0.jpg date Sun, 21 Mar 2021 09:04:45 GMT server nginx/1.19.2 content-length 0
GET DATA	200 OK	truncated /	692 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c55477bf59eb7492347a8ddf46d0c1fe1d5d3cae02d74e514cca631af3ef65f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	862 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e1ca32c4b05ca52e5b8bd614b431294310129c02f7408808367d5d2b244ddb3 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	300x300_mRIuXrnSaeNhvnnvJwkQ.jpeg static.realtime-bid.com/n337/ad/ Redirect Chain https://ntvpevents.com/in/show/?mid=1927951433&pid=0&site=native-push&sc=PL&subid=0&sid=4271656790&cid=1577&price=0.006066&is_cpm=0&cpm=0&ecpm=0.15262673123031353&crid=&crtid=f092cefe7b72bde0f743e1... https://xml.reacheffect.com/thumbnail?i=TVtrNhwOYPI_0&imgt=icon https://static.realtime-bid.com/n337/ad/300x300_mRIuXrnSaeNhvnnvJwkQ.jpeg	13 KB 14 KB	61ms 60ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://static.realtime-bid.com/n337/ad/300x300_mRIuXrnSaeNhvnnvJwkQ.jpeg Requested by Host: xfantazy.com URL: https://xfantazy.com/video/5cd1bdc7e9048c1851380f3a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 5daed490ca23740d9c872270ba1466e4d13fdbccaef4956293f2a35ff69e5dcc Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 21 Mar 2021 09:04:45 GMT last-modified Thu, 11 Mar 2021 13:17:33 GMT server nginx etag "604a186d-35b9" x-hw 1616317485.cds088.lo4.hn,1616317485.cds245.lo4.c content-type image/jpeg access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 13753 Redirect headers Pragma no-cache Date Sun, 21 Mar 2021 09:04:45 GMT Server nginx Age 0 Location https://static.realtime-bid.com/n337/ad/300x300_mRIuXrnSaeNhvnnvJwkQ.jpeg Cache-Control no-store Connection keep-alive Content-Length 0
POST H2	200	49415098 Show response mc.yandex.ru/webvisor/	43 B 145 B	430ms 51ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/webvisor/49415098?wmode=0&wv-part=1&wv-hit=1022560252&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&rn=1069286896&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1616317485%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A202103210100444%3Au%3A1616317482276293966%3Avf%3A1d7r6ah8uksa0119%3Ati%3A2%3Ast%3A1616317485 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:45 GMT last-modified Sun, 21-Mar-2021 09:04:45 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:45 GMT
POST H2	200	49415098 Show response mc.yandex.ru/webvisor/	43 B 145 B	187ms 51ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/webvisor/49415098?wmode=0&wv-part=1&wv-hit=1022560252&page-url=https%3A%2F%2Fxfantazy.com%2Fvideo%2F5cd1bdc7e9048c1851380f3a&rn=1010296524&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1616317485%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A202103210100444%3Au%3A1616317482276293966%3Avf%3A1d7r6ah8uksa0119%3Ati%3A2%3Ast%3A1616317485 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://xfantazy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 21 Mar 2021 09:04:44 GMT last-modified Sun, 21-Mar-2021 09:04:44 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://xfantazy.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 21-Mar-2021 09:04:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

a.pornomixfree.com

URL

https://a.pornomixfree.com/api/spots/303891?p=1&s1=%subid1%&kw=

Domain

a.pornomixfree.com

URL

https://a.pornomixfree.com/api/spots/303892?p=1&s1=%subid1%&kw=

Domain

a.pornomixfree.com

URL

https://a.pornomixfree.com/api/spots/303893?p=1&s1=%subid1%&kw=