www25.orvilleandrea.pro Open in urlscan Pro
2606:4700:3032::ac43:abb6  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Page URL
2. https://www18.orvilleandrea.pro/pushredirect/?tmp=2&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Page URL
3. https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig HTTP 302
   https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Page URL
   
4. https://www25.orvilleandrea.pro/pushredirect/?tmp=2&network=1&ios=0&site=adfly&c=2&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

• https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig HTTP 302
• https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig

Request Chain 101

• https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig HTTP 302
• https://www77.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=2&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response www14.orvilleandrea.pro/pushredirect/	5 KB 3 KB	436ms 301ms	Document text/html	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash b5c9cb069a94074310349f460656d1e43b4de6d2e84296adf6c756509423430f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers date Mon, 27 Dec 2021 15:09:50 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.27 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLXaP0eBenaGcOX11KmJR2M98RFK44IBBX6%2FmmJ7N%2BUFvhbqeohxRQtJD%2BU7m%2FAzZq3W4GzKm0WWAhJILignpt%2Bf47qWz1g5aQPZ35RRPWmh6aQ0RsCxZJzO7USu1hxuBjE4MJhTucegO2jP44PgWKpFb6Fxmg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c4378e68edf3746-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	163 KB 49 KB	249ms 179ms	Script text/plain	143.204.101.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-177.fra50.r.cloudfront.net Software / Resource Hash 620dcbe9d53dc2534151701c194d81c2ebded167ea9f57fb1a89ddeba93dafbf Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:51 GMT content-encoding gzip x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 49371 via 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront) x-amz-cf-id xH6Wi_gJe9BB-goRGDB9zXNsz5uJ9Ud62A8egLTrZ2J6nhl86uxt1A==
GET H2	200	logo.png www14.orvilleandrea.pro/static/image/	10 KB 11 KB	78ms 77ms	Image image/png	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www14.orvilleandrea.pro/static/image/logo.png Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:50 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 290 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-b4021a56880f53fc;;;" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnAkuZ%2Fhhk7ttAPkYigTqRlkfWxs6HVSCNpap2Pu9zh0R3Sjpuogp0gKYHJRKzbgzyh9GdG6oFCLJUvxCXioDa3YTz654Dmmdt5CAHA5deP%2Bb25jFDfWMAi78i6bEPnUEomgnuBADgdmc9v5LvHAwLbeJRv9eQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6c4378e89bbd3746-MXP expires Mon, 03 Jan 2022 15:05:00 GMT
GET H2	200	29773761-a0f0-48e4-9d54-9bdd01634f18 Show response player.ex.co/player/	723 KB 213 KB	95ms 40ms	Script application/javascript	151.101.66.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 170d59a33353d43779162b6b0fe39cfd663fb8ce934ee89922088e72bd817c72 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:50 GMT content-encoding gzip age 9292 x-cache MISS, HIT access-control-max-age 600 content-length 217876 x-served-by cache-iad-kjyo7100082-IAD, cache-cdg20744-CDG access-control-allow-origin * server nginx x-timer S1640617791.856375,VS0,VE1 etag W/"b4d93-mpe8//W6Jx9tAEN7UnIz9j/X/9w" vary Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player access-control-allow-methods GET, POST, PUT, DELETE content-type application/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control no-cache accept-ranges bytes access-control-allow-headers Accept, Authorization, Content-Type x-cache-hits 0, 1
GET H2	200	am-push.796884.js Show response www14.orvilleandrea.pro/	93 KB 37 KB	414ms 413ms	Script application/x-javascript	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www14.orvilleandrea.pro/am-push.796884.js?puid=4910338&allb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig&ob=https%3A%2F%2Fwww18.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&clb=https%3A%2F%2Fwww18.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&asb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b9191f2cd7c6a9cca2907f04717014b91b655c4345169882578bfeffa4bc185 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag W/"175a3-5faa60e6-d0a378b53381f2bf;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70h2E5RJOSecYf%2B2BTtAZverfpBJl5MzF6VAsdemFKPUaNibNQsAOrPpazcIhVZQAvy%2Fn%2Bw1xXL8ukP5MnvpeKYPAkykTG%2FuveNX1aXH1%2BdfdTiM754NNBrohAho6ONJ9L%2BhWlT4bzmnjn8ziGh0wbTs4zncVw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 6c4378e89bc23746-MXP expires Mon, 03 Jan 2022 15:09:50 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 142 B	314ms 102ms	XHR text/plain	34.193.25.178 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-25-178.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www14.orvilleandrea.pro date Mon, 27 Dec 2021 15:09:51 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	/ Show response freychang.fun/	16 B 747 B	264ms 162ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f289d604bf0231de8a0656098f013b40ce26e3845977c57885695021ddab7631 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www14.orvilleandrea.pro report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6hgDVxlEy1TXKEYps1k7o71DoqX9CrbREA2bFCsuGRhZnFUoe6b9nelx9QWOOCK%2Bmiku8b9r7RD98Vh81MYdsxOsK3zilk89MAeSUsiXV%2BcvP%2BHPO9Olm0guAduBC8buOkZJhBgHbaO4NO5"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6c4378eae8d15a25-MXP access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	utx Show response nitytostaraca.com/	0 494 B	178ms 118ms	XHR text/plain	18.66.112.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nitytostaraca.com/utx?cb=ybKhEm4fFZyq&top=www14.orvilleandrea.pro&tid=824473 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-42.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:51 GMT via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www14.orvilleandrea.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id abtrvm6BdYMmh9BMhuhhAL6unm2EX32WT1CtaciN-t75WdAnM9C1Uw==
GET H2	200	ZzkhBmEAeygqd3IqJw1aaTEbMHN3OSEGZmE7ABBndhMnAnxULgc9fV4lJwB1aj4vPXhyBDBqBkEDDxZaexoQKXR4DAwiX3EOKx90BS0uCUhRIBhwYGN9PCZfdjATKXAVew8XA1cmA3VCWAgaFlx8DSEiU10tcB4DeTsEBHMVewsRdWo+ChBdeCsRDVpqPi12Vl0PO... Show response nitytostaraca.com/MjBJSUdTUiokeFMNK28yQFx0bHV0FXsPI1EFInEhVQUgJiQKQ2cqK11FLS81XV49ZylXRGx7AVZ9HAcEZgEHGgtxRzkrAmdBAycNQHF6LXVXdwgRDGZ1LhkSdBV7CwVcajgvIAp1CxoVFwILExNrAQc+P0hqCgQ+akkbbHV0UR0TIXt4cGx... Frame D5E7	3 KB 2 KB	161ms 118ms	Document text/html	18.66.112.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nitytostaraca.com/MjBJSUdTUiokeFMNK28yQFx0bHV0FXsPI1EFInEhVQUgJiQKQ2cqK11FLS81XV49ZylXRGx7AVZ9HAcEZgEHGgtxRzkrAmdBAycNQHF6LXVXdwgRDGZ1LhkSdBV7CwVcajgvIAp1CxoVFwILExNrAQc+P0hqCgQ+akkbbHV0UR0TIXt4cGx1cFQfCCl7eAMnAUhTMAADVX0HIDBAfiUqNn5zJnoBSGkjKi0HVQYaNFhgeAsqUXElJA8BficvEH9qBwo0Wn54fXd/ZzkhBmEAeygqd3IqJw1aaTEbMHN3OSEGZmE7ABBndhMnAnxULgc9fV4lJwB1aj4vPXhyBDBqBkEDDxZaexoQKXR4DAwiX3EOKx90BS0uCUhRIBhwYGN9PCZfdjATKXAVew8XA1cmA3VCWAgaFlx8DSEiU10tcB4DeTsEBHMVewsRdWo+ChBdeCsRDVpqPi12Vl0POAZfaj4vPnBhAxoKC38hGz9weDkuBV8BMSwfZHUvLmFYQyYnNw90cHAIfnYDPgg Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-42.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 73d4ea2ed4afad5ce331db5d14621b037f3ae5e5a521531aa14d548b210148ea Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ Response headers content-type text/html content-length 1228 date Mon, 27 Dec 2021 15:09:51 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id TlAOMCZED7fI5Sz4L8nGx2ZNYfljTNxWOs9Kfbqbw0XOTsNSffcxDg==
GET H2	204	d1dnWVhYaAQqZTplEyAJRx4vDh0HYAQYLBYGCRMgNWZWGDsvFkEtMRNqX2tsQ2BUfygeM1pqalEkEzgsAiRaaH4eOQE2ZVEhWml2T3lRd2lRIlpofgMnBj5lRnEXLSwbalZvbEdhVm5vTmZXb2A ellentmatchwi.com/	0 540 B	254ms 158ms	Image text/plain	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ellentmatchwi.com/d1dnWVhYaAQqZTplEyAJRx4vDh0HYAQYLBYGCRMgNWZWGDsvFkEtMRNqX2tsQ2BUfygeM1pqalEkEzgsAiRaaH4eOQE2ZVEhWml2T3lRd2lRIlpofgMnBj5lRnEXLSwbalZvbEdhVm5vTmZXb2A Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FUOsmgr06KueKLnaPSOTDEjFF%2BtDY8bYUAr8VfpYUALLPM6HqR2wWGpwi8PY4DzKuc8jMXJlh5tNyKRci10QRxGUCnrh6I6g9eexG1SpM5%2F2CUXly%2FdXh%2FcBXyxQ7pH1w%2B19wEUvjez6cgYwOwVrw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6c4378eafe2359f5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	SQsEdwcjPUcQGDQcEy0oFTkaDGA0LiEOMi4lMBw7P04DIzRLUEV+ZEFbUTo5ElVEeHYFHBY+JQVVRXpgQU4eJDYZVUVsJktYWXJ+QEZGbCVLWVE+IBcPSnt2BhwDJm1HXkN6ZkdfQHNhRl9H ellentmatchwi.com/UHZod0p/	0 267 B	260ms 165ms	Image text/plain	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ellentmatchwi.com/UHZod0p/SQsEdwcjPUcQGDQcEy0oFTkaDGA0LiEOMi4lMBw7P04DIzRLUEV+ZEFbUTo5ElVEeHYFHBY+JQVVRXpgQU4eJDYZVUVsJktYWXJ+QEZGbCVLWVE+IBcPSnt2BhwDJm1HXkN6ZkdfQHNhRl9H Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZlMc3GJ7vV760j1zpei%2BFgh13T3YVWCZ%2BD%2BWaTjg5kIieTD2omSlMtparPpV%2BAThAp56Eoj7GSkmfKo8ULTl%2BjUhA8X0GyASZpis8XfwZaMkAK4v6jZVAnyq92YnXewdFOKvxZAi0HcqxdK0BKFsA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6c4378eafe2859f5-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	css2 fonts.googleapis.com/	2 KB 1 KB	103ms 37ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 27 Dec 2021 14:22:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 27 Dec 2021 15:09:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Dec 2021 15:09:51 GMT
GET H2	200	hls.min.js Show response player.avplayer.com/script/2/2.55/libs/	247 KB 71 KB	130ms 35ms	Script application/javascript	2a02:26f0:6c00::210:bb91 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.avplayer.com/script/2/2.55/libs/hls.min.js Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT content-encoding gzip x-guploader-uploadid ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 71831 last-modified Sun, 10 Jan 2021 14:52:52 GMT server UploadServer etag "7888b98658e8cef4a98786556ccdab66" vary Accept-Encoding x-goog-hash crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg== content-language en x-goog-generation 1610290372874389 cache-control public, max-age=300 x-goog-stored-content-length 71831 accept-ranges bytes content-type application/javascript expires Mon, 27 Dec 2021 15:14:51 GMT
GET DATA	200 OK	truncated /	216 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	385 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	237 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	238 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	411 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	240 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 143 B	166ms 101ms	XHR text/plain	34.193.25.178 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-25-178.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www14.orvilleandrea.pro date Mon, 27 Dec 2021 15:09:51 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 71 B	308ms 100ms	Image text/plain	3.92.149.62 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1640617791132&cid=61c1a028f359cd68f50bba5f&VERSION=4.111.2&AV_PAGE_LOAD_UID=42965914-ec62-45b0-8c4c-6c2edcb165f3&AV_CDIM4=42965914-ec62-45b0-8c4c-6c2edcb165f3&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.92.149.62 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-92-149-62.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H2	200	S0JWa2UwYCUcOj4wOklfaSoiHxU4eHlEEjw1Z19LJDAgAgknJzcFATknN0UVOS15CghmMiMYDWV1b11dc3Z4ARZ0MiMCAXZ2b1pVeHFuTQQnLjRWDT82JhhAeANzWSNucBABCi4uZFtUfHBmWl0hLTMHSzwrLhgMPyd4CAomZ2QtBDk2NU5XDTE1AwopKzFNCil%2... Show response aphycolourses.info/	58 KB 24 KB	326ms 118ms	Script application/javascript	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://aphycolourses.info/S0JWa2UwYCUcOj4wOklfaSoiHxU4eHlEEjw1Z19LJDAgAgknJzcFATknN0UVOS15CghmMiMYDWV1b11dc3Z4ARZ0MiMCAXZ2b1pVeHFuTQQnLjRWDT82JhhAeANzWSNucBABCi4uZFtUfHBmWl0hLTMHSzwrLhgMPyd4CAomZ2QtBDk2NU5XDTE1AwopKzFNCil%2FPh8ROzFzWCRucBBOVw01IRxUc2w5GRMiLjoOBCUmJA4EZTIkBEB5BCYeFiMwMw8MOSc1H0B5BHNYIz8vJk5WD3NzWVMlJyIcCjkpc1ghemdkXQwkMXNYIXtnZF0WIjYzTlYPIzINCTJnZF0GbnESWkB5dCYbDG5xEl9cenJlWF1ucGAbBiJnZS9TeHtmXVBycWNSQHl0Ik5WD3NgX1V9c2FcUX5nZF0BLjEiTlYPKiIfFThnZF5WCmdkXlcNZ2ReVw0oOQ4JeXJnXFd7c24BCi4ueBwMMzE%2FHwBlITkGQHl3ZC0EOTY1Tld%2BcBAYBiMtNAICbSE6CVgjNiIbFm5xF05XDWdkLRI8NWdTSyQwIAIJJyc3BQE5JzdFFTktc1kjOzclAxcuJj8ZACg2c1kjbnEQHwg7Z2UvV25wYAUAPzU5GQ5ucRJaQHl0PwQWbnESW0B5dCUCES5nZS8ELyQ6EkB5dDVOVg9zc1lTOzI%2FTlYPdm9aVXhxbk5XfTI1AkB4BmBYXHt0Y1JWfntzWVM%2FZ2UvVH12Zl1UfHViXkB5dDIOFj9nZS8NPzYmGEB5d2UqQHl3ZC1AeXdkLQ8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC9zWVB5BDcZEShnZF5XDTE1AwopKzFNBDggawMRPzIlTlYKZ2QtQHkEPAQAJ3BmWlJ5cmdTDyQnOkUSIjolAhEubDUECG5wEAoXPyFzWSM4IT4EByIldEdHOC8wSV96bnQfBCwdPw9HcWBhUlNzemJJSWkxIwk6IiZnSV9pdm9aVXhxbklJaTEjCToiJmRJX2kjZVgBfHs1W0guIzMNSH96ZF9IcyFvX0goJmRaBip7bw0GKXp0R0cqLjoJR3FgPh8ROzFsREohLTMHV3tzYVlVeno8BAAnbCECHTgrIg5LKC07RAQ5NjVEFigqOQkMLGB6SQopYGxJDT82JhhfZG0hHBJ6engEFz0rOgcAKiwyGQAqbCYZCmQyIxgNOScyAhcuISJEWj8vJlZUbSwzHxIkMD1WVG0rORhYe2QlAhEufzcPAyc7cAhYemQmGwx2dm9aVXhxbk0VKCtrXVZycmBeXHh3b00RdnNgX1V9c2FcUX5kMg4WP38%2BHxE7MXNYJG5wEE5XDSg5Dgl5cmdcV3tzbgEKLi54HAwzMT8fAGUhOQZAeQQ3GREoZ2QtFigqOQkMLGB6SQYnIHRRRyM2IhsWcW15HBI8c25FCjk0PwcJLiM4DxcuI3gbFyRtJh4WIzAzDww5JzUfSnQ2OxtYeWQ4DhE8LSQAWHpkPwQWdnJwGAw%2FJ2sKAS0uL00GdnNwGxUif2JSVHtxZVNDOyE%2FVlN4e2ZdUHJxY1JDP39nXVF7dGdcUn93cA8AODZrAxE%2FMiVOVgpnZC1AeQQ8BAAncGZaUnlyZ1MPJCc6RRIiOiUCES5sNQQIbnAQChc%2FIXNZIzghPgQHIiV0R0cqMTRJX2kqIh8VOHh5RA8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC95Chc%2FIXkYBiMtNAICaT8 Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/am-push.796884.js?puid=4910338&allb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig&ob=https%3A%2F%2Fwww18.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&clb=https%3A%2F%2Fwww18.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&asb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Express Resource Hash a6cefd325022d527927d54532338397f568fd8242157f16a462648c27e96186a Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-encoding gzip etag W/"e6e8-tx27hqtcabW6+IHEJ3bJQZWr/8Q" x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type
GET H2	200	P1goJ2phASQnLDheamd9Y1IrMCA+VGZwCWoHbXJhZwd1dmFqAmZwfyBQJSM9OhRxBHpgBm1xeXVEfg Show response dc5k8fg5ioc8s.cloudfront.net/dMUNCT1NSLCwpbEUqJnJrA3d2eGAXKTEgPUF+BnZqfg8EBSR+ZTY1NwxzZCMyXyR/aTZfIH9+dVAnIHJnFzcyIDgMNiwrNlcqLCo3FzYjcj5eOSsjP1BmcAlmH3NnfWMZNCshN140MWphAS02amEBcnJhYxRwAGphATQrIWU... Frame D5E7	417 B 613 B	183ms 182ms	Script text/plain	143.204.101.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/dMUNCT1NSLCwpbEUqJnJrA3d2eGAXKTEgPUF+BnZqfg8EBSR+ZTY1NwxzZCMyXyR/aTZfIH9+dVAnIHJnFzcyIDgMNiwrNlcqLCo3FzYjcj5eOSsjP1BmcAlmH3NnfWMZNCshN140MWphAS02amEBcnJhYxRwAGphATQrIWUFZnENdgNzOnlnGGZwfzJBMy-4qJFQhKSYnFHEEemAGbXF5dgNzaiQ7RS4uamFyZnB/P1goJ2phASQnLDheamd9Y1IrMCA+VGZwCWoHbXJhZwd1dmFqAmZwfyBQJSM9OhRxBHpgBm1xeXVEfg Requested by Host: nitytostaraca.com URL: https://nitytostaraca.com/MjBJSUdTUiokeFMNK28yQFx0bHV0FXsPI1EFInEhVQUgJiQKQ2cqK11FLS81XV49ZylXRGx7AVZ9HAcEZgEHGgtxRzkrAmdBAycNQHF6LXVXdwgRDGZ1LhkSdBV7CwVcajgvIAp1CxoVFwILExNrAQc+P0hqCgQ+akkbbHV0UR0TIXt4cGx1cFQfCCl7eAMnAUhTMAADVX0HIDBAfiUqNn5zJnoBSGkjKi0HVQYaNFhgeAsqUXElJA8BficvEH9qBwo0Wn54fXd/ZzkhBmEAeygqd3IqJw1aaTEbMHN3OSEGZmE7ABBndhMnAnxULgc9fV4lJwB1aj4vPXhyBDBqBkEDDxZaexoQKXR4DAwiX3EOKx90BS0uCUhRIBhwYGN9PCZfdjATKXAVew8XA1cmA3VCWAgaFlx8DSEiU10tcB4DeTsEBHMVewsRdWo+ChBdeCsRDVpqPi12Vl0POAZfaj4vPnBhAxoKC38hGz9weDkuBV8BMSwfZHUvLmFYQyYnNw90cHAIfnYDPgg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-177.fra50.r.cloudfront.net Software / Resource Hash 45172c98bed14f17431d9049df917e1fece8d36d13fca304704d48bf2bcb875e Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://nitytostaraca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:51 GMT content-encoding gzip x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 336 via 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront) x-amz-cf-id Ze2W4RhyxLep9IuNM9Dyecl75y6L0_I8DO-Z8ixleGlqhTL5RQzUIQ==
GET H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Show response mcd.ex.co/video/upload/sp_hd/v1490095101/	1 KB 2 KB	126ms 37ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 4f73f471d4c1a2219cd0236067fa41e835bae3d2887b2a79fd0f6a108c615477 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Last-Modified Fri, 21 May 2021 21:59:47 GMT Server cloudinary X-Timer S1638938754.313169,VS0,VE1 ETag "6cbef256485867468e68a983638ffdf4" X-Served-By cache-wdc5555-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=29878572 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 1128 X-Cache-Hits 1
GET H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/	2 KB 3 KB	37ms 37ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 35a5954c8c68b9d6cfbde8f0ace5c3e0afadda08b586c266a86d3de9e9979d33 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Cache-Tag 187021853812349393190411544939923659149,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Connection keep-alive Content-Length 2125 X-Served-By cache-wdc5575-WDC Last-Modified Fri, 21 May 2021 21:59:18 GMT Server cloudinary X-Timer S1638939286.498159,VS0,VE1 ETag "14ef4e2f8c5f43b519f526e19ac87a7c" Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=29879033 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/ Frame	0 0	36ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:51 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/	103 KB 103 KB	44ms 43ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash f2e3cac4e7023545ee7030762515ff912bb3b097742c9dc96bd2bdb247903d91 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=0-105091 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Cache-Tag 187021853812349393190411544939923659149,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 0-105091/1892784 Connection keep-alive Content-Length 105092 X-Served-By cache-wdc5557-WDC Last-Modified Fri, 21 May 2021 21:59:18 GMT Server cloudinary X-Timer S1638939287.001250,VS0,VE157 ETag "30bfb8d7ea3884b72671bc8ef06e0043" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=29879069 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET BLOB	200 OK	7bc8b1a8-28d0-4bf4-859b-c62a0ea1bfdd https://www14.orvilleandrea.pro/	63 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www14.orvilleandrea.pro/7bc8b1a8-28d0-4bf4-859b-c62a0ea1bfdd Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Length 64352 Content-Type text/javascript
GET H3	200	popunder.gif ellentmatchwi.com/	35 B 681 B	108ms 58ms	Image image/gif	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ellentmatchwi.com/popunder.gif Requested by Host: www14.orvilleandrea.pro URL: https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma public date Mon, 27 Dec 2021 15:09:51 GMT cf-cache-status HIT last-modified Fri, 24 Dec 2021 20:58:23 GMT server cloudflare age 238288 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh971%2B39k8H9uM2hptJGE6NQGeLB%2FOHHdmgwzSr%2Bt39Au%2FYkqL0KVsTiwqFp2iqd9XnWBymexaCENDRKlgESXHif%2FLSDilrZfCmR%2FyWxbnUxYAJfvXHcAOZMOvv%2FoLkITPTGv2Z9sUGi%2FbjvW3JPmQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6c4378ed5855839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	2 KB 3 KB	37ms 36ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 55336a505d2134a5671227513bcdda58b14b156eb969c610d1ba7aea0f523b18 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.811856,VS0,VE1 ETag "334d302654ffa65882462de2f346cb06" X-Served-By cache-wdc5546-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 2138 X-Cache-Hits 1
POST H3	204	N0x1ZFEYcxYXbHkLRA4DXQU0PD1DaUcmEHY0FjFiVA40IiVlKDQld0MlEVlpBXhBU2IRPBwAbAR+UxclVjgAF2wFfEVTd14iEwtsBWoDWWEZdFtSfwZqAFlgBnxFU2cEfkdUZQ9+QFRjETgFBTYKfVMUJUMgSFVnA3xDVWYAdURSYwQ ellentmatchwi.com/	0 518 B	160ms 159ms	Ping text/plain	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ellentmatchwi.com/N0x1ZFEYcxYXbHkLRA4DXQU0PD1DaUcmEHY0FjFiVA40IiVlKDQld0MlEVlpBXhBU2IRPBwAbAR+UxclVjgAF2wFfEVTd14iEwtsBWoDWWEZdFtSfwZqAFlgBnxFU2cEfkdUZQ9+QFRjETgFBTYKfVMUJUMgSFVnA3xDVWYAdURSYwQ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Dec 2021 15:09:51 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2bqGAghhqXj8406qMAWp6lSTjVEmJGRK5YPnjlKzxHHDU8x1X77m1SDI%2B1VeYkqbB8%2FVBiInFsgKoWeKBJT5dWO1pFpkqdLvR1rGFG%2BzPAYsjOrohPu0VzBZOEkdc25%2FETFPu3rcPcGxbeQNbMr3A%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6c4378edb981839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	floater Show response nitytostaraca.com/	1 KB 1 KB	611ms 611ms	XHR text/plain	18.66.112.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nitytostaraca.com/floater?cs=dld5Y3VCZEFbR05mSVJGQmFLUUc&abt=0&red=1&sm=83&k=&v=0.8.6.1&sts=0&prn=0&emb=0&tid=824473&u=1100763220482502&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww14.orvilleandrea.pro%2Fpushredirect%2F%3Fnetwork%3D1%26site%3Dadfly%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_NcfO=1640617791623&crc=1 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-42.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 0feca3321d4b6195d320d21c18ca442962fcb5c9fd18f869e94a19c3aa43cffc Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:52 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www14.orvilleandrea.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 855 via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-id 7jm_2z_qlebnguLPrtLeA-fFJ3x-Oyx6WimRimvDyzNUnb8sCUyKVQ==
GET H2	204	utx Show response teassemblyju.xyz/	0 497 B	197ms 126ms	XHR text/plain	13.32.99.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://teassemblyju.xyz/utx?tid=796884&top=www14.orvilleandrea.pro&cb=2u6EOzlpK2o8 Requested by Host: aphycolourses.info URL: https://aphycolourses.info/S0JWa2UwYCUcOj4wOklfaSoiHxU4eHlEEjw1Z19LJDAgAgknJzcFATknN0UVOS15CghmMiMYDWV1b11dc3Z4ARZ0MiMCAXZ2b1pVeHFuTQQnLjRWDT82JhhAeANzWSNucBABCi4uZFtUfHBmWl0hLTMHSzwrLhgMPyd4CAomZ2QtBDk2NU5XDTE1AwopKzFNCil%2FPh8ROzFzWCRucBBOVw01IRxUc2w5GRMiLjoOBCUmJA4EZTIkBEB5BCYeFiMwMw8MOSc1H0B5BHNYIz8vJk5WD3NzWVMlJyIcCjkpc1ghemdkXQwkMXNYIXtnZF0WIjYzTlYPIzINCTJnZF0GbnESWkB5dCYbDG5xEl9cenJlWF1ucGAbBiJnZS9TeHtmXVBycWNSQHl0Ik5WD3NgX1V9c2FcUX5nZF0BLjEiTlYPKiIfFThnZF5WCmdkXlcNZ2ReVw0oOQ4JeXJnXFd7c24BCi4ueBwMMzE%2FHwBlITkGQHl3ZC0EOTY1Tld%2BcBAYBiMtNAICbSE6CVgjNiIbFm5xF05XDWdkLRI8NWdTSyQwIAIJJyc3BQE5JzdFFTktc1kjOzclAxcuJj8ZACg2c1kjbnEQHwg7Z2UvV25wYAUAPzU5GQ5ucRJaQHl0PwQWbnESW0B5dCUCES5nZS8ELyQ6EkB5dDVOVg9zc1lTOzI%2FTlYPdm9aVXhxbk5XfTI1AkB4BmBYXHt0Y1JWfntzWVM%2FZ2UvVH12Zl1UfHViXkB5dDIOFj9nZS8NPzYmGEB5d2UqQHl3ZC1AeXdkLQ8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC9zWVB5BDcZEShnZF5XDTE1AwopKzFNBDggawMRPzIlTlYKZ2QtQHkEPAQAJ3BmWlJ5cmdTDyQnOkUSIjolAhEubDUECG5wEAoXPyFzWSM4IT4EByIldEdHOC8wSV96bnQfBCwdPw9HcWBhUlNzemJJSWkxIwk6IiZnSV9pdm9aVXhxbklJaTEjCToiJmRJX2kjZVgBfHs1W0guIzMNSH96ZF9IcyFvX0goJmRaBip7bw0GKXp0R0cqLjoJR3FgPh8ROzFsREohLTMHV3tzYVlVeno8BAAnbCECHTgrIg5LKC07RAQ5NjVEFigqOQkMLGB6SQopYGxJDT82JhhfZG0hHBJ6engEFz0rOgcAKiwyGQAqbCYZCmQyIxgNOScyAhcuISJEWj8vJlZUbSwzHxIkMD1WVG0rORhYe2QlAhEufzcPAyc7cAhYemQmGwx2dm9aVXhxbk0VKCtrXVZycmBeXHh3b00RdnNgX1V9c2FcUX5kMg4WP38%2BHxE7MXNYJG5wEE5XDSg5Dgl5cmdcV3tzbgEKLi54HAwzMT8fAGUhOQZAeQQ3GREoZ2QtFigqOQkMLGB6SQYnIHRRRyM2IhsWcW15HBI8c25FCjk0PwcJLiM4DxcuI3gbFyRtJh4WIzAzDww5JzUfSnQ2OxtYeWQ4DhE8LSQAWHpkPwQWdnJwGAw%2FJ2sKAS0uL00GdnNwGxUif2JSVHtxZVNDOyE%2FVlN4e2ZdUHJxY1JDP39nXVF7dGdcUn93cA8AODZrAxE%2FMiVOVgpnZC1AeQQ8BAAncGZaUnlyZ1MPJCc6RRIiOiUCES5sNQQIbnAQChc%2FIXNZIzghPgQHIiV0R0cqMTRJX2kqIh8VOHh5RA8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC95Chc%2FIXkYBiMtNAICaT8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-36.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:51 GMT via 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www14.orvilleandrea.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id gEV2Nb7ZzfLMYWWCtrj6ly5R2vnLRjFA-SytP2ljwGAk6yzsASJN7g==
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	36ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:51 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	208 KB 209 KB	38ms 38ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 511bec0c7b5a5fba00bc04f9187c858e22470a727ed8030cf0cbd8a4beab8705 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=0-213379 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Content-Range bytes 0-213379/3940668 Connection keep-alive Content-Length 213380 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780177 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
POST H2	200	/ Show response dliketobepart.work/	0 37 B	309ms 98ms	XHR text/plain	44.195.137.121 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dliketobepart.work/ Requested by Host: aphycolourses.info URL: https://aphycolourses.info/S0JWa2UwYCUcOj4wOklfaSoiHxU4eHlEEjw1Z19LJDAgAgknJzcFATknN0UVOS15CghmMiMYDWV1b11dc3Z4ARZ0MiMCAXZ2b1pVeHFuTQQnLjRWDT82JhhAeANzWSNucBABCi4uZFtUfHBmWl0hLTMHSzwrLhgMPyd4CAomZ2QtBDk2NU5XDTE1AwopKzFNCil%2FPh8ROzFzWCRucBBOVw01IRxUc2w5GRMiLjoOBCUmJA4EZTIkBEB5BCYeFiMwMw8MOSc1H0B5BHNYIz8vJk5WD3NzWVMlJyIcCjkpc1ghemdkXQwkMXNYIXtnZF0WIjYzTlYPIzINCTJnZF0GbnESWkB5dCYbDG5xEl9cenJlWF1ucGAbBiJnZS9TeHtmXVBycWNSQHl0Ik5WD3NgX1V9c2FcUX5nZF0BLjEiTlYPKiIfFThnZF5WCmdkXlcNZ2ReVw0oOQ4JeXJnXFd7c24BCi4ueBwMMzE%2FHwBlITkGQHl3ZC0EOTY1Tld%2BcBAYBiMtNAICbSE6CVgjNiIbFm5xF05XDWdkLRI8NWdTSyQwIAIJJyc3BQE5JzdFFTktc1kjOzclAxcuJj8ZACg2c1kjbnEQHwg7Z2UvV25wYAUAPzU5GQ5ucRJaQHl0PwQWbnESW0B5dCUCES5nZS8ELyQ6EkB5dDVOVg9zc1lTOzI%2FTlYPdm9aVXhxbk5XfTI1AkB4BmBYXHt0Y1JWfntzWVM%2FZ2UvVH12Zl1UfHViXkB5dDIOFj9nZS8NPzYmGEB5d2UqQHl3ZC1AeXdkLQ8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC9zWVB5BDcZEShnZF5XDTE1AwopKzFNBDggawMRPzIlTlYKZ2QtQHkEPAQAJ3BmWlJ5cmdTDyQnOkUSIjolAhEubDUECG5wEAoXPyFzWSM4IT4EByIldEdHOC8wSV96bnQfBCwdPw9HcWBhUlNzemJJSWkxIwk6IiZnSV9pdm9aVXhxbklJaTEjCToiJmRJX2kjZVgBfHs1W0guIzMNSH96ZF9IcyFvX0goJmRaBip7bw0GKXp0R0cqLjoJR3FgPh8ROzFsREohLTMHV3tzYVlVeno8BAAnbCECHTgrIg5LKC07RAQ5NjVEFigqOQkMLGB6SQopYGxJDT82JhhfZG0hHBJ6engEFz0rOgcAKiwyGQAqbCYZCmQyIxgNOScyAhcuISJEWj8vJlZUbSwzHxIkMD1WVG0rORhYe2QlAhEufzcPAyc7cAhYemQmGwx2dm9aVXhxbk0VKCtrXVZycmBeXHh3b00RdnNgX1V9c2FcUX5kMg4WP38%2BHxE7MXNYJG5wEE5XDSg5Dgl5cmdcV3tzbgEKLi54HAwzMT8fAGUhOQZAeQQ3GREoZ2QtFigqOQkMLGB6SQYnIHRRRyM2IhsWcW15HBI8c25FCjk0PwcJLiM4DxcuI3gbFyRtJh4WIzAzDww5JzUfSnQ2OxtYeWQ4DhE8LSQAWHpkPwQWdnJwGAw%2FJ2sKAS0uL00GdnNwGxUif2JSVHtxZVNDOyE%2FVlN4e2ZdUHJxY1JDP39nXVF7dGdcUn93cA8AODZrAxE%2FMiVOVgpnZC1AeQQ8BAAncGZaUnlyZ1MPJCc6RRIiOiUCES5sNQQIbnAQChc%2FIXNZIzghPgQHIiV0R0cqMTRJX2kqIh8VOHh5RA8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC95Chc%2FIXkYBiMtNAICaT8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-137-121.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	36ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:51 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	402 KB 403 KB	37ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash dee534382742ea1b99a5d32e375d2ec9f2468752594334318caf747ea0accb8f Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=213380-625287 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Content-Range bytes 213380-625287/3940668 Connection keep-alive Content-Length 411908 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780177 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	94ms 28ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www14.orvilleandrea.pro Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 22 Dec 2021 01:54:06 GMT x-content-type-options nosniff age 479745 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 22 Dec 2022 01:54:06 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 142 B	102ms 101ms	XHR text/plain	34.193.25.178 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-25-178.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www14.orvilleandrea.pro date Mon, 27 Dec 2021 15:09:51 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	377 KB 377 KB	59ms 59ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 462b88c8af72c17883ac80b8a32f57205463470ca8ba819b8320ffb09200a28e Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=625288-1011063 Response headers Date Mon, 27 Dec 2021 15:09:51 GMT Content-Range bytes 625288-1011063/3940668 Connection keep-alive Content-Length 385776 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780177 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	37ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:51 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	190 KB 191 KB	37ms 36ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 87d82653f64deb80bc92b76ab2bd1c656d3b3e4d4a343b6b3a1da64705381af6 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1011064-1206019 Response headers Date Mon, 27 Dec 2021 15:09:52 GMT Content-Range bytes 1011064-1206019/3940668 Connection keep-alive Content-Length 194956 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780176 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	36ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:52 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	37ms 37ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:52 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	164 KB 164 KB	38ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 18d6b6795c6a46dca62c03f9b1f3dcc8bef131fcaadf46be7900a3a95909e03a Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1206020-1373527 Response headers Date Mon, 27 Dec 2021 15:09:52 GMT Content-Range bytes 1206020-1373527/3940668 Connection keep-alive Content-Length 167508 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780176 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	230 KB 230 KB	37ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash bf8255f5fb500d25ac3b702b1ade886e1a83a8147f3db73ce46a8aef38b957d9 Request headers Referer https://www14.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1373528-1608715 Response headers Date Mon, 27 Dec 2021 15:09:52 GMT Content-Range bytes 1373528-1608715/3940668 Connection keep-alive Content-Length 235188 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780176 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	40ms 40ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www14.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:52 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H2	200	/ Show response www18.orvilleandrea.pro/pushredirect/	118 B 399 B	348ms 304ms	Document text/html	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www18.orvilleandrea.pro/pushredirect/?tmp=2&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Requested by Host: aphycolourses.info URL: https://aphycolourses.info/S0JWa2UwYCUcOj4wOklfaSoiHxU4eHlEEjw1Z19LJDAgAgknJzcFATknN0UVOS15CghmMiMYDWV1b11dc3Z4ARZ0MiMCAXZ2b1pVeHFuTQQnLjRWDT82JhhAeANzWSNucBABCi4uZFtUfHBmWl0hLTMHSzwrLhgMPyd4CAomZ2QtBDk2NU5XDTE1AwopKzFNCil%2FPh8ROzFzWCRucBBOVw01IRxUc2w5GRMiLjoOBCUmJA4EZTIkBEB5BCYeFiMwMw8MOSc1H0B5BHNYIz8vJk5WD3NzWVMlJyIcCjkpc1ghemdkXQwkMXNYIXtnZF0WIjYzTlYPIzINCTJnZF0GbnESWkB5dCYbDG5xEl9cenJlWF1ucGAbBiJnZS9TeHtmXVBycWNSQHl0Ik5WD3NgX1V9c2FcUX5nZF0BLjEiTlYPKiIfFThnZF5WCmdkXlcNZ2ReVw0oOQ4JeXJnXFd7c24BCi4ueBwMMzE%2FHwBlITkGQHl3ZC0EOTY1Tld%2BcBAYBiMtNAICbSE6CVgjNiIbFm5xF05XDWdkLRI8NWdTSyQwIAIJJyc3BQE5JzdFFTktc1kjOzclAxcuJj8ZACg2c1kjbnEQHwg7Z2UvV25wYAUAPzU5GQ5ucRJaQHl0PwQWbnESW0B5dCUCES5nZS8ELyQ6EkB5dDVOVg9zc1lTOzI%2FTlYPdm9aVXhxbk5XfTI1AkB4BmBYXHt0Y1JWfntzWVM%2FZ2UvVH12Zl1UfHViXkB5dDIOFj9nZS8NPzYmGEB5d2UqQHl3ZC1AeXdkLQ8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC9zWVB5BDcZEShnZF5XDTE1AwopKzFNBDggawMRPzIlTlYKZ2QtQHkEPAQAJ3BmWlJ5cmdTDyQnOkUSIjolAhEubDUECG5wEAoXPyFzWSM4IT4EByIldEdHOC8wSV96bnQfBCwdPw9HcWBhUlNzemJJSWkxIwk6IiZnSV9pdm9aVXhxbklJaTEjCToiJmRJX2kjZVgBfHs1W0guIzMNSH96ZF9IcyFvX0goJmRaBip7bw0GKXp0R0cqLjoJR3FgPh8ROzFsREohLTMHV3tzYVlVeno8BAAnbCECHTgrIg5LKC07RAQ5NjVEFigqOQkMLGB6SQopYGxJDT82JhhfZG0hHBJ6engEFz0rOgcAKiwyGQAqbCYZCmQyIxgNOScyAhcuISJEWj8vJlZUbSwzHxIkMD1WVG0rORhYe2QlAhEufzcPAyc7cAhYemQmGwx2dm9aVXhxbk0VKCtrXVZycmBeXHh3b00RdnNgX1V9c2FcUX5kMg4WP38%2BHxE7MXNYJG5wEE5XDSg5Dgl5cmdcV3tzbgEKLi54HAwzMT8fAGUhOQZAeQQ3GREoZ2QtFigqOQkMLGB6SQYnIHRRRyM2IhsWcW15HBI8c25FCjk0PwcJLiM4DxcuI3gbFyRtJh4WIzAzDww5JzUfSnQ2OxtYeWQ4DhE8LSQAWHpkPwQWdnJwGAw%2FJ2sKAS0uL00GdnNwGxUif2JSVHtxZVNDOyE%2FVlN4e2ZdUHJxY1JDP39nXVF7dGdcUn93cA8AODZrAxE%2FMiVOVgpnZC1AeQQ8BAAncGZaUnlyZ1MPJCc6RRIiOiUCES5sNQQIbnAQChc%2FIXNZIzghPgQHIiV0R0cqMTRJX2kqIh8VOHh5RA8kJzpZVXp1ZFtUcyg5DgllNT8TFiI2M0UGJC95Chc%2FIXkYBiMtNAICaT8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash 7e03eef7a7ddc74973f840359450653184927ef03b54773a3b773ac92d733f81 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www14.orvilleandrea.pro/ Response headers date Mon, 27 Dec 2021 15:09:53 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.27 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgtoG50X8q6adSrowrJXPcwwQyLaJlxeNFlCN9URM6%2BmSkbndsuQNunJYusX%2BKHaE2YGCGdMB8iy%2BuasyNGbFZrs%2FVZYAcF%2FmFhVGheLkfzdNPj4c6ojO516kbEbMc3OpH1Gs5nOPKcPCQGaqL3QjHebs2x3Vw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c4378f57d793746-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST		events prd-collector-anon.ex.co/main/	0 0
GET		track atrack.avplayer.com/	0 0
GET H2	200	/ Show response www64.orvilleandrea.pro/pushredirect/ Redirect Chain https://www14.orvilleandrea.pro/pushredirect/?network=1&site=adfly&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig	5 KB 3 KB	227ms 204ms	Document text/html	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash b83ef3b10a73a2ad803a4d87fb7bb6811ab8a712d04250aa2657d213e26aa31b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers date Mon, 27 Dec 2021 15:09:53 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.27 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwZlpCoxXoZPOHTBu3YhHU3uvjgj3ZC62kgrrwUigyd8wcC2KmL%2F4h8o2mQ24yrY4ER7uPz4qPDpquOJhFDreuDf%2FxokyxUjwlOTO2bCBE5AYox7cJ4Z0Q8peNTAV6BHtYXvSnvSkP%2BMACuWC01W6NWlwHAw0w%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c4378f8ad4e3746-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Mon, 27 Dec 2021 15:09:53 GMT content-type text/html; charset=UTF-8 location https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig x-powered-by PHP/7.3.27 cache-control no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVe6izh%2FtXzk%2B06fHG5kcxCl%2B3uEQvSZvih0r29UjFy1zkG2vuw46FiiqoOIfh8TANd3O3RTzUfK2Tacrb%2BFPTNcyGdn9PQ%2FG8Fpq%2F7lIlDFaXZNzH58HZJyCS1LxsMltV%2FbrxCXQpPQFcIX7yx1YBTNVhcvdA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c4378f75e313742-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	163 KB 49 KB	186ms 185ms	Script text/plain	143.204.101.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-177.fra50.r.cloudfront.net Software / Resource Hash 620dcbe9d53dc2534151701c194d81c2ebded167ea9f57fb1a89ddeba93dafbf Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:53 GMT content-encoding gzip x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 49371 via 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront) x-amz-cf-id fQm3XEIsRHdKX7B0ialLre5S026QwaPtrcMCNasLK-SUWRe07kYEAw==
GET H3	200	logo.png www64.orvilleandrea.pro/static/image/	10 KB 11 KB	295ms 295ms	Image image/png	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www64.orvilleandrea.pro/static/image/logo.png Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:53 GMT cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10726 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag "29e6-5faa60e6-b22ed065d915c717;;;" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TpdzkViJtBesp%2B3GRwqFcr9vR%2BF%2B24VXSvx3Eyxxl93RPuurxR4oWNLCtRy1peyyZfOVe253KIjtct%2BbCY3gq%2FF%2BxVDqYjbmfBb2PYNxkeD%2BRZI3LAosSYDMeJ6kE8YDxvT7xi0wxTt4S5o4PJoRMoiTTm0PQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 6c4378f9fcc03742-MXP expires Mon, 03 Jan 2022 15:09:53 GMT
GET H2	200	29773761-a0f0-48e4-9d54-9bdd01634f18 Show response player.ex.co/player/	723 KB 213 KB	21ms 20ms	Script application/javascript	151.101.66.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 170d59a33353d43779162b6b0fe39cfd663fb8ce934ee89922088e72bd817c72 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:53 GMT content-encoding gzip age 9295 x-cache MISS, HIT access-control-max-age 600 content-length 217876 x-served-by cache-iad-kjyo7100082-IAD, cache-cdg20744-CDG access-control-allow-origin * server nginx x-timer S1640617794.584851,VS0,VE0 etag W/"b4d93-mpe8//W6Jx9tAEN7UnIz9j/X/9w" vary Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player access-control-allow-methods GET, POST, PUT, DELETE content-type application/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control no-cache accept-ranges bytes access-control-allow-headers Accept, Authorization, Content-Type x-cache-hits 0, 2
GET H3	200	am-push.796884.js Show response www64.orvilleandrea.pro/	93 KB 37 KB	460ms 459ms	Script application/x-javascript	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www64.orvilleandrea.pro/am-push.796884.js?puid=4910338&allb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig&ob=https%3A%2F%2Fwww25.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&clb=https%3A%2F%2Fwww25.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&asb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b9191f2cd7c6a9cca2907f04717014b91b655c4345169882578bfeffa4bc185 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:54 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 10 Nov 2020 09:44:06 GMT server cloudflare etag W/"175a3-5faa60e6-d0a378b53381f2bf;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvh%2BPr6vtYpQnfmVj8BkVZYLuM5LFyZwt6K4gSBdIh2MkUSNOfFbLW2oOUVdnZyIj9KFw24iIVjijlE8Tb9Furm%2BBjjeiRCSNEPB6DdqxYFlzX4UwxBf2O1epqRqoYOabJsHvyv5MXDE64stbvT01SWXHiwJqg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 6c4378f9fcc63742-MXP expires Mon, 03 Jan 2022 15:09:53 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 142 B	102ms 102ms	XHR text/plain	34.193.25.178 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-25-178.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www64.orvilleandrea.pro date Mon, 27 Dec 2021 15:09:53 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H3	200	/ Show response freychang.fun/	16 B 678 B	299ms 226ms	Fetch text/plain	2606:4700:3030::6815:2dcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://freychang.fun/ Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:2dcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f289d604bf0231de8a0656098f013b40ce26e3845977c57885695021ddab7631 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:54 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET content-type text/plain access-control-allow-origin https://www64.orvilleandrea.pro report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q73QsATdu8dd6igCfFHuLaiOqqLBdNShx4bv0ljaghYI8mOcRrjU7Ua0%2FdAaeGVL51zwhz7MkJ7qfkYXEdXI0bfJmupDwaso6A8pOIkr%2F1jwb9E1VAlRBgo2tDYh4creBKw3jDST08Hbf7QM"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 6c4378fbcb670f66-MXP access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	204	utx Show response nitytostaraca.com/	0 496 B	119ms 119ms	XHR text/plain	18.66.112.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nitytostaraca.com/utx?cb=v2aJC7BP4azu&top=www64.orvilleandrea.pro&tid=824473 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-42.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:53 GMT via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www64.orvilleandrea.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id we3mQjz3x9ratAErQDOdYeTxrOPt31RQAV6IEfHJQzd5p1lsPn3uEw==
GET H2	200	IRU0AwxOdikXBTAKMQMHPgtePSMiAl4VIRkqKhQrMCUuF1AwLz8kB0UCNQAPTzE8ZyAsCCIEFCc7UmIsHCgFFDIddys+LBMJMjEcMztSYyhEMAcAHC9mVBApHjc8NzEnEjc+PE4gVAQuMwcVc1QwDCQYPjk6MCw0JyQPHwg4BSUeVxsmIzUCEDs0LDQnJFEGHB4BI... Show response nitytostaraca.com/ZnZDZlYHFCALaQdLIUAjFBp+Q2QgU3EgMgVDKF4wAUMqCTVeBW0FOgkDJwAkCRg3SDgDAmZUEDMSOQ4bMBoaMwAfPzQHBygkCCEiEyQSHmI/ Frame EAAC	3 KB 2 KB	118ms 118ms	Document text/html	18.66.112.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nitytostaraca.com/ZnZDZlYHFCALaQdLIUAjFBp+Q2QgU3EgMgVDKF4wAUMqCTVeBW0FOgkDJwAkCRg3SDgDAmZUEDMSOQ4bMBoaMwAfPzQHBygkCCEiEyQSHmI/IRU0AwxOdikXBTAKMQMHPgtePSMiAl4VIRkqKhQrMCUuF1AwLz8kB0UCNQAPTzE8ZyAsCCIEFCc7UmIsHCgFFDIddys+LBMJMjEcMztSYyhEMAcAHC9mVBApHjc8NzEnEjc+PE4gVAQuMwcVc1QwDCQYPjk6MCw0JyQPHwg4BSUeVxsmIzUCEDs0LDQnJFEGHB4BIhEKGgUgHy0QAFMxNw4FFgwhLxQ1EksBdSshJBIPDGZDRAUnLldTcSQTITgGImQsGhogHy0QC1JvLkY0DhkIOAUDZAodGQ4iNDw5KCw0JyQUGxwjIDBkMAwZIzIEPAA3YyEachYMJDQMIjssGyYjGykTLixiMhE3FgwhLwYxBQlFCSRiAhArJDw0N3oPDDE0ETIOI1ApFTkIBn4LZSodBA4RAD1z Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-42.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash b3ef199e31e083e78df5257183d5ec7df0e546255be96ba13ae646a7e2e7d2eb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ Response headers content-type text/html content-length 1228 date Mon, 27 Dec 2021 15:09:53 GMT server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" content-encoding gzip accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-cache Miss from cloudfront via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amz-cf-id z6JfULCAZqzRU9mx-a8dF4IFyQQHSV_aVO13UrUfsIaYdhkQB-a_Cw==
GET H3	204	YCAzCVd+Zm5ZXXVyKgQOe2doSxkyNS4YGXtlfAQEIDtnSxx7ZHRVRHB6a0sfe2V8GRonM2dcTDYgLgFXd2JuXVx3Y21UWXFtag ellentmatchwi.com/VFptakZ7ZQ4ZewFrIycTLgwcCygkKywHHDk8KhkHDjcnT3QSOwo/	0 522 B	160ms 160ms	Image text/plain	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ellentmatchwi.com/VFptakZ7ZQ4ZewFrIycTLgwcCygkKywHHDk8KhkHDjcnT3QSOwo/YCAzCVd+Zm5ZXXVyKgQOe2doSxkyNS4YGXtlfAQEIDtnSxx7ZHRVRHB6a0sfe2V8GRonM2dcTDYgLgFXd2JuXVx3Y21UWXFtag Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:53 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K1AmFsK3RT%2F%2FTlE4PnPsZieI2WNTZ%2FdRiDK1zgRmlcfKL%2BaHej9Fwq4tFm2yFVy71QABfiEUJ%2Fmy4pYsfS%2FfxVG0Uf8OphVJCNk%2F%2BmkERcD4Ai9eqqmiLaLyiFg6uTxHzodAicwoiVFDLgIJiYHBg%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6c4378fb5843839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	204	ZGZtZWhLWQ4WVTUNVCwJChZaAQZRMjk9DFIDKy84AFVYUj1UCUsRAQBbVVdcUFFeQxgNAlBWWkIVGQQcERVQV1hUUUsMBgIJUFdOEltdS1BKUENUThFbXEMcFAcKWFlCFhkRBFlXW1FYUldaUlFXUVRV ellentmatchwi.com/	0 513 B	175ms 175ms	Image text/plain	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ellentmatchwi.com/ZGZtZWhLWQ4WVTUNVCwJChZaAQZRMjk9DFIDKy84AFVYUj1UCUsRAQBbVVdcUFFeQxgNAlBWWkIVGQQcERVQV1hUUUsMBgIJUFdOEltdS1BKUENUThFbXEMcFAcKWFlCFhkRBFlXW1FYUldaUlFXUVRV Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:53 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRmLJWYVAraQYdRsIDqYKe48lox9Rei6l9skerZSi9u4j%2Fp51EfbA19ym57POFIiSi5mOrt6KFt8jG1ej1uErktkoqwHdcHM1NNbNRcM0HOzkRBpv2qgUslrR8gfE992BO63nDX%2FOOrQUOKJXwwLpA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6c4378fb5844839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H3	200	css2 fonts.googleapis.com/	2 KB 549 B	74ms 37ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto&display=swap Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 27 Dec 2021 14:22:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 27 Dec 2021 15:09:53 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Dec 2021 15:09:53 GMT
GET H2	200	hls.min.js Show response player.avplayer.com/script/2/2.55/libs/	247 KB 71 KB	36ms 36ms	Script application/javascript	2a02:26f0:6c00::210:bb91 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://player.avplayer.com/script/2/2.55/libs/hls.min.js Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:53 GMT content-encoding gzip x-guploader-uploadid ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 71831 last-modified Sun, 10 Jan 2021 14:52:52 GMT server UploadServer etag "7888b98658e8cef4a98786556ccdab66" vary Accept-Encoding x-goog-hash crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg== content-language en x-goog-generation 1610290372874389 cache-control public, max-age=300 x-goog-stored-content-length 71831 accept-ranges bytes content-type application/javascript expires Mon, 27 Dec 2021 15:14:53 GMT
GET DATA	200 OK	truncated /	216 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	385 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	237 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	238 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	411 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	240 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 142 B	101ms 101ms	XHR text/plain	34.193.25.178 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-25-178.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www64.orvilleandrea.pro date Mon, 27 Dec 2021 15:09:53 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	200	track atrack.avplayer.com/	0 70 B	99ms 99ms	Image text/plain	3.92.149.62 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1640617793822&cid=61c1a028f359cd68f50bba5f&VERSION=4.111.2&AV_PAGE_LOAD_UID=9607888a-b72e-4db5-94e0-69581daae2a6&AV_CDIM4=9607888a-b72e-4db5-94e0-69581daae2a6&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.92.149.62 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-92-149-62.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:53 GMT cache-control max-age=0, no-cache, no-store content-length 0
GET H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Show response mcd.ex.co/video/upload/sp_hd/v1490095101/	1 KB 2 KB	37ms 37ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 4f73f471d4c1a2219cd0236067fa41e835bae3d2887b2a79fd0f6a108c615477 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 27 Dec 2021 15:09:53 GMT Last-Modified Fri, 21 May 2021 21:59:47 GMT Server cloudinary X-Timer S1638938754.313169,VS0,VE1 ETag "6cbef256485867468e68a983638ffdf4" X-Served-By cache-wdc5555-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=29878570 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 1128 X-Cache-Hits 1
GET H2	200	Ax1+EGNED2JlYFIKfH49H0whOnNFe2lkZhtRJzNzRQgrMzUcV2VzZEdbJCQ5Gl1pZBBODmJmeEMOemJ4TgtpZGYEWSo3JB4dfhBjRA9iZWBRTXE Show response dc5k8fg5ioc8s.cloudfront.net/UdzhMVlYUVyIwaQNRKGtuRQx4YWVRUj85OAcFIWUaHH8kETA8CGoiLBMFfHA6FlYra3ASVi9rZ1FZKDRrQx44JjkcBTk4MhJeJTgzEx45N2saVzY/OhtZaWQQQhZ8c2RHEDs/OBNXOyVzRQgiInNFCH1meEcdfxRzRQg7Pzh... Frame EAAC	418 B 614 B	176ms 176ms	Script text/plain	143.204.101.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/UdzhMVlYUVyIwaQNRKGtuRQx4YWVRUj85OAcFIWUaHH8kETA8CGoiLBMFfHA6FlYra3ASVi9rZ1FZKDRrQx44JjkcBTk4MhJeJTgzEx45N2saVzY/OhtZaWQQQhZ8c2RHEDs/OBNXOyVzRQgiInNFCH1meEcdfxRzRQg7PzhBDGllFFIKfC5gQxFpZGYWSD-w6MwBdLj0/Ax1+EGNED2JlYFIKfH49H0whOnNFe2lkZhtRJzNzRQgrMzUcV2VzZEdbJCQ5Gl1pZBBODmJmeEMOemJ4TgtpZGYEWSo3JB4dfhBjRA9iZWBRTXE Requested by Host: nitytostaraca.com URL: https://nitytostaraca.com/ZnZDZlYHFCALaQdLIUAjFBp+Q2QgU3EgMgVDKF4wAUMqCTVeBW0FOgkDJwAkCRg3SDgDAmZUEDMSOQ4bMBoaMwAfPzQHBygkCCEiEyQSHmI/IRU0AwxOdikXBTAKMQMHPgtePSMiAl4VIRkqKhQrMCUuF1AwLz8kB0UCNQAPTzE8ZyAsCCIEFCc7UmIsHCgFFDIddys+LBMJMjEcMztSYyhEMAcAHC9mVBApHjc8NzEnEjc+PE4gVAQuMwcVc1QwDCQYPjk6MCw0JyQPHwg4BSUeVxsmIzUCEDs0LDQnJFEGHB4BIhEKGgUgHy0QAFMxNw4FFgwhLxQ1EksBdSshJBIPDGZDRAUnLldTcSQTITgGImQsGhogHy0QC1JvLkY0DhkIOAUDZAodGQ4iNDw5KCw0JyQUGxwjIDBkMAwZIzIEPAA3YyEachYMJDQMIjssGyYjGykTLixiMhE3FgwhLwYxBQlFCSRiAhArJDw0N3oPDDE0ETIOI1ApFTkIBn4LZSodBA4RAD1z Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-177.fra50.r.cloudfront.net Software / Resource Hash 25918d8519892d8fac327acc061a2081e5db5d932d54ee573c814958cd13a1ec Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://nitytostaraca.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 27 Dec 2021 15:09:54 GMT content-encoding gzip x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 337 via 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront) x-amz-cf-id uYWzuEERJxYYji64DK99We4CVkVDlBb3q6ulsV7dGNXd2gfJundcHA==
GET H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/	2 KB 3 KB	37ms 37ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 35a5954c8c68b9d6cfbde8f0ace5c3e0afadda08b586c266a86d3de9e9979d33 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 27 Dec 2021 15:09:53 GMT Cache-Tag 187021853812349393190411544939923659149,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Connection keep-alive Content-Length 2125 X-Served-By cache-wdc5575-WDC Last-Modified Fri, 21 May 2021 21:59:18 GMT Server cloudinary X-Timer S1638939286.498159,VS0,VE1 ETag "14ef4e2f8c5f43b519f526e19ac87a7c" Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=29879031 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 1
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/ Frame	0 0	53ms 52ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:53 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/	103 KB 103 KB	41ms 41ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash f2e3cac4e7023545ee7030762515ff912bb3b097742c9dc96bd2bdb247903d91 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=0-105091 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Cache-Tag 187021853812349393190411544939923659149,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31 Content-Range bytes 0-105091/1892784 Connection keep-alive Content-Length 105092 X-Served-By cache-wdc5557-WDC Last-Modified Fri, 21 May 2021 21:59:18 GMT Server cloudinary X-Timer S1638939287.001250,VS0,VE157 ETag "30bfb8d7ea3884b72671bc8ef06e0043" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=29879066 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET BLOB	200 OK	2b6c7de3-d313-4595-b21f-22a54e4e8db3 https://www64.orvilleandrea.pro/	63 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www64.orvilleandrea.pro/2b6c7de3-d313-4595-b21f-22a54e4e8db3 Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Length 64352 Content-Type text/javascript
GET H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	2 KB 3 KB	37ms 36ms	XHR application/x-mpegurl	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.m3u8 Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 55336a505d2134a5671227513bcdda58b14b156eb969c610d1ba7aea0f523b18 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.811856,VS0,VE1 ETag "334d302654ffa65882462de2f346cb06" X-Served-By cache-wdc5546-WDC Content-Type application/x-mpegURL Access-Control-Allow-Origin * Cache-Control public, max-age=19780171 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With Content-Length 2138 X-Cache-Hits 1
GET H2	200	TldLUUo1dTgmFTslJ3NwbD8%2FJTo9bWR%2BPTkgfWVkISU9OCYiMio%2FLjwyKn86PDhkMCdjJz4iImBgcmdydmNlOzlxJz44LnNjcmB6fWRzdysiOylsIjojOyJvfRZuYwxrZQ07JSs7eWF7eWV7YHIkOC49ZDk%2BMyIjOjJlMiUjcnkXKzwjKHR4CCQoOSUsP... Show response aphycolourses.info/	58 KB 24 KB	117ms 117ms	Script application/javascript	107.22.28.167 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://aphycolourses.info/TldLUUo1dTgmFTslJ3NwbD8%2FJTo9bWR%2BPTkgfWVkISU9OCYiMio%2FLjwyKn86PDhkMCdjJz4iImBgcmdydmNlOzlxJz44LnNjcmB6fWRzdysiOylsIjojOyJvfRZuYwxrZQ07JSs7eWF7eWV7YHIkOC49ZDk%2BMyIjOjJlMiUjcnkXKzwjKHR4CCQoOSUsPix3JSxqIyU%2BPiRuYgtrZQ10eAggPCZ4e3kkIzwnOyc0KyAzOTQrYCc5Pm98ETskOSYlLjUjPDIoJW98EW5iDDo6O3R5CmZuY3wgMj8mJTw8bmIOf3J5ZyMhJG5iDn5yeWc5JyMudHkKNi83JjdyeWcpa2QPY298YTshI2tkD2Vzf2d4YnJrZX0hKSdyeBV8fW57Z393ZH5ob3xhP3R5CmZ9ZXp4ZnxmfntyeWcuKyQ%2FdHkKPz8lOj1yeWR5D3J5ZHgIcnlkeAg9JDQmfGd6Znh%2BZnM7JSs7ZSYjNiQiJS9gNCQ8b3xieRcrPCModHh7ZQ0iKSY4KTgtaDQnM3cmIz8hOWtkCnR4CHJ5Fz05IHlkZCElPTgmIjIqPy48Mip%2FOjw4bmMMPiI4OTgrMyIjLy0jbmMMa2QNJSc%2BcngVeGtlfT8vOiAkIyFrZA9gb3xhIj45a2QPYW98YTg4PityeBUrKjEnKG98YSh0eQplbmN8PicidHkKY3Jgen1kc3R4eCcoOG99E31ic35hfmh5e25uY3w6cngVe3hje2d7eWB%2FZG98YS80OTpyeBUiOiM7Im98YngQb3xieRdvfGJ5FyAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpuY398ESojPi1yeWR4CCQoOSUsPix3Kz01djk%2BOic4dHkPcnkXb3wRIT4vImV7YH18Z3ppICEyJ389Jy84OD4reSg%2BJ2tlDTA4OjRuYww9NCM%2BKCcwaX1oPTotc3B%2Fe2klKykIIjVodHV8aHx2b39zZmwkPjMVJzN6c3BsY3Jgen1kc3NmbCQ%2BMxUnM3lzcGw2eGIueW4oYWcrNi43Z3pveWVndjRyZWctM3lgKS9ucjcpLG9pfWgvOyczaHR1IyU%2BPiRxfmUkOC49eH5mfGN6f28hPi8ieTw4Mj0%2BPzRkLTgmfis8Iyh%2BOS0%2FJDMjKXVncyUsdXFzIjojOyJwYXg8Jj18YmU%2BODg%2BJz0vLzkvIy8veTsjJWEnPiIiPDIvODgrND9%2BdTo6O2x7aDkuJT0hJSBse2g%2BJCJ3fnE4OD4raio1LCIubTJ3fHE7ISNzY3Jgen1kc3c6LT52Z3l3Z31kc31icnc%2Bc2Z9ZXp4ZnxmfntxLzQ5OmojJT4%2BJG5iC2tlDXR4CD0kNCZ8Z3pmeH5mczslKztlJiM2JCIlL2A0JDxvfBEqIz4tcnkXOS0%2FJDMjKXVncykiNWlraCYjPyE5dHhkJj05ZX5%2FJTwhIj0mKzYlNTgrNmUhOCF4OyQ5JiUuNSM8MiglZXEjJiF3fHElND45ODk6d39xIj45c2dtIiM6MnYwLig7Mncpc2VtITonan9oe35keGlsPjQibHx9bntnf3dkfmhsOmp6Z35%2BYXpmfXpibTUvPSN2OT46Jzh0eQ9yeRdvfBEhPi8iZXtgfXxnemkgITInfz0nLzg4Pit5KD4na2UNMDg6NG5jDD00Iz4oJzBpfWgvJClzcGw%2FPyU6PW1kfiAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpkMDg6NGQiKSY4KTgtbCo Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/am-push.796884.js?puid=4910338&allb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig&ob=https%3A%2F%2Fwww25.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&clb=https%3A%2F%2Fwww25.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D2%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D2%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&asb=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.22.28.167 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-22-28-167.compute-1.amazonaws.com Software / Express Resource Hash d32b3c41aa88a270a17219788ec1d488605739c0ccc47560e1f74111e7837402 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-encoding gzip etag W/"e6e8-ECTo0m3d6wf+2ql2zg2cQKfBvG4" x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, POST content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With,content-type
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	208 KB 209 KB	38ms 38ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 511bec0c7b5a5fba00bc04f9187c858e22470a727ed8030cf0cbd8a4beab8705 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=0-213379 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Content-Range bytes 0-213379/3940668 Connection keep-alive Content-Length 213380 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	37ms 37ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:54 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H3	200	popunder.gif ellentmatchwi.com/	35 B 640 B	54ms 53ms	Image image/gif	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ellentmatchwi.com/popunder.gif Requested by Host: www64.orvilleandrea.pro URL: https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma public date Mon, 27 Dec 2021 15:09:54 GMT cf-cache-status HIT last-modified Fri, 24 Dec 2021 20:58:23 GMT server cloudflare age 238291 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgTRLo%2BGdeosJLzjoy5Su%2B9EfLS96NVBo0JaVvxZD5Oobe5ELBVMNWcvbzcKwINLsdAhDTO6dF%2B2s%2BtjutozdPovsOeRcCVvN1%2BW2pLTp%2BnADdecIzOwOLqETgDncE5k08w3PnXIfpDkRWsXdStP2Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6c4378fddf42839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H3	204	GkcWcSAeFENPOAkkNQQpOzMZZiIeOyJgI3YFGlNHaENHA01jVwNeHm1CQREJJBAHQgltQ0MHTXYYHVEVbUNVQUdgX0sZTH5AVUJHYUBDB01mQkEFSmRJQQJKYlcHRxs3TEIRCiQFHwpLZkVDAUtnRkoDSGVC ellentmatchwi.com/N3pQcXMYRTMCTlM/	0 518 B	154ms 154ms	Ping text/plain	2606:4700:3031::ac43:d4ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ellentmatchwi.com/N3pQcXMYRTMCTlM/GkcWcSAeFENPOAkkNQQpOzMZZiIeOyJgI3YFGlNHaENHA01jVwNeHm1CQREJJBAHQgltQ0MHTXYYHVEVbUNVQUdgX0sZTH5AVUJHYUBDB01mQkEFSmRJQQJKYlcHRxs3TEIRCiQFHwpLZkVDAUtnRkoDSGVC Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d4ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Dec 2021 15:09:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hrtfM77Mygfc46F0idFmmjHy2oqreFQzHXBl%2B00G1uLg1uA6Z6l24%2B6QXj1gGESj7HxS%2Be18REb3B4VvN1o5aD9vFN136ewjyD7%2FxFe4vaYoUzGJIROz2NQX3X46yYaUo%2FPxa0wIQh27WjDDRfIuA%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 6c4378fe2833839d-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	floater Show response nitytostaraca.com/	2 KB 2 KB	605ms 605ms	XHR text/plain	18.66.112.42 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nitytostaraca.com/floater?cs=OVhBZHIAYXddRQxtcVxHDGlyXUI&abt=0&red=1&sm=83&k=&v=0.8.6.1&sts=0&prn=0&emb=0&tid=824473&u=1100763220482502&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fwww64.orvilleandrea.pro%2Fpushredirect%2F%3Ftmp%3D1%26network%3D1%26ios%3D0%26site%3Dadfly%26c%3D1%26ppi%3D4910338%26pci%3D6390659359%26t%3D1640617745%26dest%3Dhttps%253A%252F%252Fjoel20172018joel.wixsite.com%252Fartc%252Fschobig&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F96.0.4664.93%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_4SCs=1640617794254&crc=1 Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=824473 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.42 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-42.fra56.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash 8f2bebb482a8f4b49be75a533f38f5c1fae1a0680b2d54423c370cdafe422e2a Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:54 GMT content-encoding gzip server openresty/1.17.8.2 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www64.orvilleandrea.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version content-type text/plain content-length 1109 via 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront) x-amz-cf-id i6YP-Em7vBN05239po144bksk1NvXu_y1GROAoPlUAw6VDTy-HLz-g==
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	402 KB 403 KB	38ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash dee534382742ea1b99a5d32e375d2ec9f2468752594334318caf747ea0accb8f Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=213380-625287 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Content-Range bytes 213380-625287/3940668 Connection keep-alive Content-Length 411908 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	37ms 37ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:54 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET DATA	200 OK	truncated /	552 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336 Request headers Accept-Language fr-FR,fr;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	65ms 29ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www64.orvilleandrea.pro Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 22 Dec 2021 01:54:06 GMT x-content-type-options nosniff age 479748 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 22 Dec 2022 01:54:06 GMT
POST H2	200	events Show response prd-collector-anon.ex.co/main/	0 142 B	102ms 102ms	XHR text/plain	34.193.25.178 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://prd-collector-anon.ex.co/main/events Requested by Host: player.ex.co URL: https://player.ex.co/player/29773761-a0f0-48e4-9d54-9bdd01634f18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.25.178 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-25-178.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www64.orvilleandrea.pro date Mon, 27 Dec 2021 15:09:54 GMT access-control-allow-credentials true content-length 0 vary Origin content-type text/plain; charset=utf-8
GET H2	204	utx Show response teassemblyju.xyz/	0 495 B	121ms 120ms	XHR text/plain	13.32.99.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://teassemblyju.xyz/utx?tid=796884&top=www64.orvilleandrea.pro&cb=RiIqsptxoGnf Requested by Host: aphycolourses.info URL: https://aphycolourses.info/TldLUUo1dTgmFTslJ3NwbD8%2FJTo9bWR%2BPTkgfWVkISU9OCYiMio%2FLjwyKn86PDhkMCdjJz4iImBgcmdydmNlOzlxJz44LnNjcmB6fWRzdysiOylsIjojOyJvfRZuYwxrZQ07JSs7eWF7eWV7YHIkOC49ZDk%2BMyIjOjJlMiUjcnkXKzwjKHR4CCQoOSUsPix3JSxqIyU%2BPiRuYgtrZQ10eAggPCZ4e3kkIzwnOyc0KyAzOTQrYCc5Pm98ETskOSYlLjUjPDIoJW98EW5iDDo6O3R5CmZuY3wgMj8mJTw8bmIOf3J5ZyMhJG5iDn5yeWc5JyMudHkKNi83JjdyeWcpa2QPY298YTshI2tkD2Vzf2d4YnJrZX0hKSdyeBV8fW57Z393ZH5ob3xhP3R5CmZ9ZXp4ZnxmfntyeWcuKyQ%2FdHkKPz8lOj1yeWR5D3J5ZHgIcnlkeAg9JDQmfGd6Znh%2BZnM7JSs7ZSYjNiQiJS9gNCQ8b3xieRcrPCModHh7ZQ0iKSY4KTgtaDQnM3cmIz8hOWtkCnR4CHJ5Fz05IHlkZCElPTgmIjIqPy48Mip%2FOjw4bmMMPiI4OTgrMyIjLy0jbmMMa2QNJSc%2BcngVeGtlfT8vOiAkIyFrZA9gb3xhIj45a2QPYW98YTg4PityeBUrKjEnKG98YSh0eQplbmN8PicidHkKY3Jgen1kc3R4eCcoOG99E31ic35hfmh5e25uY3w6cngVe3hje2d7eWB%2FZG98YS80OTpyeBUiOiM7Im98YngQb3xieRdvfGJ5FyAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpuY398ESojPi1yeWR4CCQoOSUsPix3Kz01djk%2BOic4dHkPcnkXb3wRIT4vImV7YH18Z3ppICEyJ389Jy84OD4reSg%2BJ2tlDTA4OjRuYww9NCM%2BKCcwaX1oPTotc3B%2Fe2klKykIIjVodHV8aHx2b39zZmwkPjMVJzN6c3BsY3Jgen1kc3NmbCQ%2BMxUnM3lzcGw2eGIueW4oYWcrNi43Z3pveWVndjRyZWctM3lgKS9ucjcpLG9pfWgvOyczaHR1IyU%2BPiRxfmUkOC49eH5mfGN6f28hPi8ieTw4Mj0%2BPzRkLTgmfis8Iyh%2BOS0%2FJDMjKXVncyUsdXFzIjojOyJwYXg8Jj18YmU%2BODg%2BJz0vLzkvIy8veTsjJWEnPiIiPDIvODgrND9%2BdTo6O2x7aDkuJT0hJSBse2g%2BJCJ3fnE4OD4raio1LCIubTJ3fHE7ISNzY3Jgen1kc3c6LT52Z3l3Z31kc31icnc%2Bc2Z9ZXp4ZnxmfntxLzQ5OmojJT4%2BJG5iC2tlDXR4CD0kNCZ8Z3pmeH5mczslKztlJiM2JCIlL2A0JDxvfBEqIz4tcnkXOS0%2FJDMjKXVncykiNWlraCYjPyE5dHhkJj05ZX5%2FJTwhIj0mKzYlNTgrNmUhOCF4OyQ5JiUuNSM8MiglZXEjJiF3fHElND45ODk6d39xIj45c2dtIiM6MnYwLig7Mncpc2VtITonan9oe35keGlsPjQibHx9bntnf3dkfmhsOmp6Z35%2BYXpmfXpibTUvPSN2OT46Jzh0eQ9yeRdvfBEhPi8iZXtgfXxnemkgITInfz0nLzg4Pit5KD4na2UNMDg6NG5jDD00Iz4oJzBpfWgvJClzcGw%2FPyU6PW1kfiAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpkMDg6NGQiKSY4KTgtbCo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-36.fra60.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 27 Dec 2021 15:09:54 GMT via 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://www64.orvilleandrea.pro cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version x-amz-cf-id r09dzMNFlG3q1okgpseeW9Dp3HRKUsoOTtjZVhI2OuF22ER3thTQ5g==
POST H2	200	/ Show response dliketobepart.work/	0 36 B	99ms 98ms	XHR text/plain	44.195.137.121 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dliketobepart.work/ Requested by Host: aphycolourses.info URL: https://aphycolourses.info/TldLUUo1dTgmFTslJ3NwbD8%2FJTo9bWR%2BPTkgfWVkISU9OCYiMio%2FLjwyKn86PDhkMCdjJz4iImBgcmdydmNlOzlxJz44LnNjcmB6fWRzdysiOylsIjojOyJvfRZuYwxrZQ07JSs7eWF7eWV7YHIkOC49ZDk%2BMyIjOjJlMiUjcnkXKzwjKHR4CCQoOSUsPix3JSxqIyU%2BPiRuYgtrZQ10eAggPCZ4e3kkIzwnOyc0KyAzOTQrYCc5Pm98ETskOSYlLjUjPDIoJW98EW5iDDo6O3R5CmZuY3wgMj8mJTw8bmIOf3J5ZyMhJG5iDn5yeWc5JyMudHkKNi83JjdyeWcpa2QPY298YTshI2tkD2Vzf2d4YnJrZX0hKSdyeBV8fW57Z393ZH5ob3xhP3R5CmZ9ZXp4ZnxmfntyeWcuKyQ%2FdHkKPz8lOj1yeWR5D3J5ZHgIcnlkeAg9JDQmfGd6Znh%2BZnM7JSs7ZSYjNiQiJS9gNCQ8b3xieRcrPCModHh7ZQ0iKSY4KTgtaDQnM3cmIz8hOWtkCnR4CHJ5Fz05IHlkZCElPTgmIjIqPy48Mip%2FOjw4bmMMPiI4OTgrMyIjLy0jbmMMa2QNJSc%2BcngVeGtlfT8vOiAkIyFrZA9gb3xhIj45a2QPYW98YTg4PityeBUrKjEnKG98YSh0eQplbmN8PicidHkKY3Jgen1kc3R4eCcoOG99E31ic35hfmh5e25uY3w6cngVe3hje2d7eWB%2FZG98YS80OTpyeBUiOiM7Im98YngQb3xieRdvfGJ5FyAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpuY398ESojPi1yeWR4CCQoOSUsPix3Kz01djk%2BOic4dHkPcnkXb3wRIT4vImV7YH18Z3ppICEyJ389Jy84OD4reSg%2BJ2tlDTA4OjRuYww9NCM%2BKCcwaX1oPTotc3B%2Fe2klKykIIjVodHV8aHx2b39zZmwkPjMVJzN6c3BsY3Jgen1kc3NmbCQ%2BMxUnM3lzcGw2eGIueW4oYWcrNi43Z3pveWVndjRyZWctM3lgKS9ucjcpLG9pfWgvOyczaHR1IyU%2BPiRxfmUkOC49eH5mfGN6f28hPi8ieTw4Mj0%2BPzRkLTgmfis8Iyh%2BOS0%2FJDMjKXVncyUsdXFzIjojOyJwYXg8Jj18YmU%2BODg%2BJz0vLzkvIy8veTsjJWEnPiIiPDIvODgrND9%2BdTo6O2x7aDkuJT0hJSBse2g%2BJCJ3fnE4OD4raio1LCIubTJ3fHE7ISNzY3Jgen1kc3c6LT52Z3l3Z31kc31icnc%2Bc2Z9ZXp4ZnxmfntxLzQ5OmojJT4%2BJG5iC2tlDXR4CD0kNCZ8Z3pmeH5mczslKztlJiM2JCIlL2A0JDxvfBEqIz4tcnkXOS0%2FJDMjKXVncykiNWlraCYjPyE5dHhkJj05ZX5%2FJTwhIj0mKzYlNTgrNmUhOCF4OyQ5JiUuNSM8MiglZXEjJiF3fHElND45ODk6d39xIj45c2dtIiM6MnYwLig7Mncpc2VtITonan9oe35keGlsPjQibHx9bntnf3dkfmhsOmp6Z35%2BYXpmfXpibTUvPSN2OT46Jzh0eQ9yeRdvfBEhPi8iZXtgfXxnemkgITInfz0nLzg4Pit5KD4na2UNMDg6NG5jDD00Iz4oJzBpfWgvJClzcGw%2FPyU6PW1kfiAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpkMDg6NGQiKSY4KTgtbCo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-195-137-121.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-length 0
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	377 KB 377 KB	37ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 462b88c8af72c17883ac80b8a32f57205463470ca8ba819b8320ffb09200a28e Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=625288-1011063 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Content-Range bytes 625288-1011063/3940668 Connection keep-alive Content-Length 385776 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	37ms 37ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:54 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	190 KB 191 KB	38ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 87d82653f64deb80bc92b76ab2bd1c656d3b3e4d4a343b6b3a1da64705381af6 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1011064-1206019 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Content-Range bytes 1011064-1206019/3940668 Connection keep-alive Content-Length 194956 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	37ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:54 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	36ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:54 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	164 KB 164 KB	37ms 37ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash 18d6b6795c6a46dca62c03f9b1f3dcc8bef131fcaadf46be7900a3a95909e03a Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1206020-1373527 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Content-Range bytes 1206020-1373527/3940668 Connection keep-alive Content-Length 167508 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
GET H/1.1	206 Partial Content	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Show response mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/	230 KB 230 KB	53ms 52ms	XHR video/mp2t	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Requested by Host: player.avplayer.com URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software cloudinary / Resource Hash bf8255f5fb500d25ac3b702b1ade886e1a83a8147f3db73ce46a8aef38b957d9 Request headers Referer https://www64.orvilleandrea.pro/ Accept-Language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Range bytes=1373528-1608715 Response headers Date Mon, 27 Dec 2021 15:09:54 GMT Content-Range bytes 1373528-1608715/3940668 Connection keep-alive Content-Length 235188 X-Served-By cache-wdc5546-WDC Last-Modified Fri, 21 May 2021 21:59:29 GMT Server cloudinary X-Timer S1628840299.024875,VS0,VE155 ETag "4d7f2d2dee47f2e10c8fcb30b6d27b39" Content-Type video/mp2t Access-Control-Allow-Origin * Cache-Control public, max-age=19780174 Accept-Ranges bytes Timing-Allow-Origin * Access-Control-Allow-Headers X-Requested-With X-Cache-Hits 0
OPTIONS H/1.1	200 OK	landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/ Frame	0 0	36ms 36ms	Preflight text/html	2.16.186.139 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1576677449/landscape9026996a-1c84-4c61-af39-12af95be0269_1576677187355.ts Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-139.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers range Origin https://www64.orvilleandrea.pro User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Sec-Fetch-Mode cors Response headers Content-Type text/html Content-Length 13 Date Mon, 27 Dec 2021 15:09:54 GMT Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, HEAD, OPTIONS Access-Control-Allow-Headers Range
GET H2	200	Primary Request / Show response www25.orvilleandrea.pro/pushredirect/	118 B 397 B	332ms 318ms	Document text/html	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www25.orvilleandrea.pro/pushredirect/?tmp=2&network=1&ios=0&site=adfly&c=2&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Requested by Host: aphycolourses.info URL: https://aphycolourses.info/TldLUUo1dTgmFTslJ3NwbD8%2FJTo9bWR%2BPTkgfWVkISU9OCYiMio%2FLjwyKn86PDhkMCdjJz4iImBgcmdydmNlOzlxJz44LnNjcmB6fWRzdysiOylsIjojOyJvfRZuYwxrZQ07JSs7eWF7eWV7YHIkOC49ZDk%2BMyIjOjJlMiUjcnkXKzwjKHR4CCQoOSUsPix3JSxqIyU%2BPiRuYgtrZQ10eAggPCZ4e3kkIzwnOyc0KyAzOTQrYCc5Pm98ETskOSYlLjUjPDIoJW98EW5iDDo6O3R5CmZuY3wgMj8mJTw8bmIOf3J5ZyMhJG5iDn5yeWc5JyMudHkKNi83JjdyeWcpa2QPY298YTshI2tkD2Vzf2d4YnJrZX0hKSdyeBV8fW57Z393ZH5ob3xhP3R5CmZ9ZXp4ZnxmfntyeWcuKyQ%2FdHkKPz8lOj1yeWR5D3J5ZHgIcnlkeAg9JDQmfGd6Znh%2BZnM7JSs7ZSYjNiQiJS9gNCQ8b3xieRcrPCModHh7ZQ0iKSY4KTgtaDQnM3cmIz8hOWtkCnR4CHJ5Fz05IHlkZCElPTgmIjIqPy48Mip%2FOjw4bmMMPiI4OTgrMyIjLy0jbmMMa2QNJSc%2BcngVeGtlfT8vOiAkIyFrZA9gb3xhIj45a2QPYW98YTg4PityeBUrKjEnKG98YSh0eQplbmN8PicidHkKY3Jgen1kc3R4eCcoOG99E31ic35hfmh5e25uY3w6cngVe3hje2d7eWB%2FZG98YS80OTpyeBUiOiM7Im98YngQb3xieRdvfGJ5FyAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpuY398ESojPi1yeWR4CCQoOSUsPix3Kz01djk%2BOic4dHkPcnkXb3wRIT4vImV7YH18Z3ppICEyJ389Jy84OD4reSg%2BJ2tlDTA4OjRuYww9NCM%2BKCcwaX1oPTotc3B%2Fe2klKykIIjVodHV8aHx2b39zZmwkPjMVJzN6c3BsY3Jgen1kc3NmbCQ%2BMxUnM3lzcGw2eGIueW4oYWcrNi43Z3pveWVndjRyZWctM3lgKS9ucjcpLG9pfWgvOyczaHR1IyU%2BPiRxfmUkOC49eH5mfGN6f28hPi8ieTw4Mj0%2BPzRkLTgmfis8Iyh%2BOS0%2FJDMjKXVncyUsdXFzIjojOyJwYXg8Jj18YmU%2BODg%2BJz0vLzkvIy8veTsjJWEnPiIiPDIvODgrND9%2BdTo6O2x7aDkuJT0hJSBse2g%2BJCJ3fnE4OD4raio1LCIubTJ3fHE7ISNzY3Jgen1kc3c6LT52Z3l3Z31kc31icnc%2Bc2Z9ZXp4ZnxmfntxLzQ5OmojJT4%2BJG5iC2tlDXR4CD0kNCZ8Z3pmeH5mczslKztlJiM2JCIlL2A0JDxvfBEqIz4tcnkXOS0%2FJDMjKXVncykiNWlraCYjPyE5dHhkJj05ZX5%2FJTwhIj0mKzYlNTgrNmUhOCF4OyQ5JiUuNSM8MiglZXEjJiF3fHElND45ODk6d39xIj45c2dtIiM6MnYwLig7Mncpc2VtITonan9oe35keGlsPjQibHx9bntnf3dkfmhsOmp6Z35%2BYXpmfXpibTUvPSN2OT46Jzh0eQ9yeRdvfBEhPi8iZXtgfXxnemkgITInfz0nLzg4Pit5KD4na2UNMDg6NG5jDD00Iz4oJzBpfWgvJClzcGw%2FPyU6PW1kfiAhMidjen9geWF7dj0kNCZgICIpOScjLn8pITpkMDg6NGQiKSY4KTgtbCo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash 7e03eef7a7ddc74973f840359450653184927ef03b54773a3b773ac92d733f81 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://www64.orvilleandrea.pro/ Response headers date Mon, 27 Dec 2021 15:09:55 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.27 vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUU9xFmcyqRD6gbrQLIIC0Nt0Dho8KGvtMQ0j4NJ8NCCtsK%2BQOyN%2FJQzARwxBhDGoJtDtLdstalGZMxB4%2Fkc81AETHsRH8nBaEaeaydhTcypC7sh3zmWoy1l0KTScOMQVN3snTI7aX4VnjzHXuWhhub%2F8dYNJg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c43790378303746-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	/ www77.orvilleandrea.pro/pushredirect/ Redirect Chain https://www64.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=1&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig https://www77.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=2&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig	0 0	418ms 304ms	Document text/html	2606:4700:3032::ac43:abb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www77.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=2&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:abb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.27 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers date Mon, 27 Dec 2021 15:09:56 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.27 cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 pragma no-cache vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmdhvOFpvq0MrvaKtZNj%2F0DV1IM8vw%2BQDagdn%2B%2FUfOlE1qVV%2FQsELH0MEcg7YgZnZoCBC7GzgH38BdXdJJq7qZ703ffT3xYjdTHNMDslahFYPJLo%2Fi3Apq28S6bnxmnuRSwODex801GMOOFyLOzcs6R9DtkdQA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c4379081b563746-MXP content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Redirect headers date Mon, 27 Dec 2021 15:09:55 GMT content-type text/html; charset=UTF-8 location https://www77.orvilleandrea.pro/pushredirect/?tmp=1&network=1&ios=0&site=adfly&c=2&ppi=4910338&pci=6390659359&t=1640617745&dest=https%3A%2F%2Fjoel20172018joel.wixsite.com%2Fartc%2Fschobig x-powered-by PHP/7.3.27 cache-control no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukkBtRIbFqCr2al0w2yYKH%2FJpktHJHgBU4UMZ5pGdt4qAomTQ8EVC2tpAoJXCuQLrCmQpbRZcOAnNWyTg%2BYcVoZQ8B9KhlZDQVsZ6AJslccX1ZpY8qRdjAB5Z86gPGTzWFUX%2BbQAXDYGjfvcAxgTpUuvsWBp%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6c4379058a3d3742-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

prd-collector-anon.ex.co

URL

https://prd-collector-anon.ex.co/main/events

Domain

atrack.avplayer.com

URL

https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1640617793147&cid=61c1a028f359cd68f50bba5f&VERSION=4.111.2&AV_PAGE_LOAD_UID=42965914-ec62-45b0-8c4c-6c2edcb165f3&AV_CDIM4=42965914-ec62-45b0-8c4c-6c2edcb165f3&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default