URL: https://heodemz.com/co-chau-gai-xinh-dep/
Submission: On February 02 via manual from KR — Scanned from NL

Summary

This website contacted 22 IPs in 5 countries across 20 domains to perform 94 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is heodemz.com.
TLS certificate: Issued by E1 on January 21st 2024. Valid for: 3 months.
This is the only time heodemz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 134.122.130.105 64050 (BCPL-SG B...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
4 216.180.227.70 47191 (BLUETECH-WAF)
1 2a00:1450:400... 15169 (GOOGLE)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
6 9 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 212.117.190.201 7979 (SERVERS-COM)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a04:4e42:200... 54113 (FASTLY)
5 2.16.241.4 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
94 22
Apex Domain
Subdomains
Transfer
36 heodemz.com
heodemz.com
178 KB
11 play4db1.click
play.play4db1.click — Cisco Umbrella Rank: 465428
api-plhq.play4db1.click — Cisco Umbrella Rank: 478109
count-view.play4db1.click Failed
m3u8-rd.play4db1.click — Cisco Umbrella Rank: 487353
243 KB
5 ibyteimg.com
p16-ad-sg.ibyteimg.com — Cisco Umbrella Rank: 124832
4 MB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2844
219 KB
4 333xbet.com
bf.333xbet.com — Cisco Umbrella Rank: 460793
22 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
318 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
122 KB
3 gstatic.com
www.gstatic.com
29 KB
3 x7r3mk6ldr.com
x7r3mk6ldr.com — Cisco Umbrella Rank: 201567
36 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
3 sexapi.xyz
play-01.sexapi.xyz
15 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
39 KB
2 dmca.com
images.dmca.com — Cisco Umbrella Rank: 15449
4 KB
2 imageshh.com
imgyn.imageshh.com
2 xlxx.news
m.xlxx.news
102 KB
1 vnstream.net
api-view.vnstream.net — Cisco Umbrella Rank: 178929
463 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 16645
28 B
1 loading.io
loading.io — Cisco Umbrella Rank: 270699
914 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
88 KB
0 w3img.com Failed
w3img.com Failed
cdn-01.w3img.com Failed
94 20
Domain Requested by
36 heodemz.com heodemz.com
9 play.play4db1.click 6 redirects play-01.sexapi.xyz
heodemz.com
play.play4db1.click
5 p16-ad-sg.ibyteimg.com heodemz.com
5 ssl.p.jwpcdn.com cdn.jsdelivr.net
4 bf.333xbet.com heodemz.com
4 www.googletagmanager.com heodemz.com
play-01.sexapi.xyz
www.googletagmanager.com
4 cdnjs.cloudflare.com heodemz.com
cdnjs.cloudflare.com
play.play4db1.click
3 www.gstatic.com cdn.jsdelivr.net
www.gstatic.com
3 x7r3mk6ldr.com play-01.sexapi.xyz
x7r3mk6ldr.com
3 play-01.sexapi.xyz heodemz.com
play-01.sexapi.xyz
2 cdn.jsdelivr.net play.play4db1.click
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 images.dmca.com play-01.sexapi.xyz
2 imgyn.imageshh.com heodemz.com
2 m.xlxx.news heodemz.com
1 m3u8-rd.play4db1.click ssl.p.jwpcdn.com
1 api-view.vnstream.net cdnjs.cloudflare.com
1 api-plhq.play4db1.click cdnjs.cloudflare.com
1 whos.amung.us heodemz.com
1 loading.io play.play4db1.click
1 region1.google-analytics.com www.googletagmanager.com
1 ajax.googleapis.com play-01.sexapi.xyz
0 cdn-01.w3img.com Failed heodemz.com
0 w3img.com Failed cdn.jsdelivr.net
0 count-view.play4db1.click Failed cdnjs.cloudflare.com
94 25

This site contains links to these domains.

Domain
www.i9bet500.com
Subject                  Issuer                                 Validity                 Valid
heodemz.com              E1                                     2024-01-21 - 2024-04-20  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                2023-07-03 - 2024-07-02  a year
*.google-analytics.com   GTS CA 1C3                             2024-01-09 - 2024-04-02  3 months
xlxx.news                GTS CA 1P5                             2024-01-18 - 2024-04-17  3 months
imgyn.imageshh.com       Buypass Class 2 CA 5                   2023-11-25 - 2024-05-22  6 months
sexapi.xyz               E1                                     2024-01-21 - 2024-04-20  3 months
bf.333xbet.com           Certum Domain Validation CA SHA2       2024-01-16 - 2025-02-14  a year
upload.video.google.com  GTS CA 1C3                             2024-01-09 - 2024-04-02  3 months
images.dmca.com          R3                                     2024-01-22 - 2024-04-21  3 months
play4db1.click           GTS CA 1P5                             2024-01-15 - 2024-04-14  3 months
                         Buypass Class 2 CA 5                   2024-01-09 - 2024-07-06  6 months
vnstream.net             GTS CA 1P5                             2023-12-10 - 2024-03-09  3 months
*.jwplayer.com           GlobalSign Atlas R3 DV TLS CA 2023 Q3  2023-08-30 - 2024-09-30  a year
*.gstatic.com            GTS CA 1C3                             2024-01-09 - 2024-04-02  3 months

This page contains 4 frames:

Primary Page: https://heodemz.com/co-chau-gai-xinh-dep/
Frame ID: 509CA03CD5A9D4B05E13CA1413E7944B
Requests: 58 HTTP requests in this frame

Frame: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Frame ID: 6C872B4D180DE49E4F776BECAB7132F6
Requests: 11 HTTP requests in this frame

Frame: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Frame ID: 4F6D6BB57DE3A1019FF29536BDAF67C1
Requests: 29 HTTP requests in this frame

Frame: https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Frame ID: 526B89F1591F21CF88481F4012473AEF
Requests: 2 HTTP requests in this frame

Page Title

Cô cháu gái xinh đẹp

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 94
HTTPS: 86 %
IPv6: 81 %
Domains: 20
Subdomains: 25
IPs: 22
Countries: 5
Transfer: 5488 kB
Size: 11157 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://play.play4db1.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Request Chain 77
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/2603a4a3b7fcf8201253532b711ea9381d05772df9596754df28e38722fb0e729b5950068fd8753bb1848e32f9bbdfae/6cdcc4137e2adfd5f0374152adec4ec5 HTTP 302
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301225d0d474707fb22b54cf7b289
Request Chain 93
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/1ac83b1230f88769ca017917e1da5fdec5a97e47d1531818b7e18b72e67d097190b5c4c422eef37c4bdaf3a2e421dcfa/6811678ab238ddc115a04507bdaff92b HTTP 302
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301235d0dc572091e04c64b67b551
Request Chain 94
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/33deb008c0cffdaa1024995e6410b9f674b36ac05ba125cff5a2e953902ba8647e3ee7927d75e165991da830cac135ea/cd857616dd702b55ab0ac231f9b5284c HTTP 302
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301275d0dfb2f19b54b0e45af833a
Request Chain 95
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/a6969fc946ee31cc6c5e47f99ca22fedd6e86f0deb0b7308b08d2c22dd8752df51965b74a71b92b0f7c7c496f4ea24e8/5bf57b9a9ba8eafdf3053d885697a391 HTTP 302
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302015d0d281f29713c76416799b8
Request Chain 97
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/6d4bd377c9f13cf2d1a7fe5e6dd624bcee76b7fa317f95b3302b43018de4037d50b7331f51a34f26726d179067a16ccc/e9f9792665896c813c32a1b0de45de36 HTTP 302
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302125d0d9e6a53ded1594df6bc45

94 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heodemz.com/co-chau-gai-xinh-dep/
30 KB
8 KB
Document
General
Full URL
https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.21
Resource Hash
1a638257e4a871d856d7f0339542564507a08cee753f432a11ee964d691533fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
84ee71a09a4f663e-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Feb 2024 00:51:07 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDCjUA%2B28pX4WNAbClP3UuKauJC8%2Fl3BE6L632PmyPS74evu2EcB%2Fy8DTay1F9OGbyxEgt7yRbcTgr8vg5b%2BH0fH5RNyFWXvQU2EFa4KfmTzVID7eltRsCMVmn2C%2FzMiFgv46Iaguf9l9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.21
style.css
heodemz.com/wp-content/themes/blocklru/
34 KB
9 KB
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/style.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fe6799f795333f88a476b43fc6c053bcee69ec05708bfdc596c79e8781671e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=39920
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 21 Nov 2022 18:41:08 GMT
server
cloudflare
etag
W/"9bf0-5edff660f1740-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BfLeVW6KnhbEJ6FB5wPF9wn4oe%2FmtrowhEeBIku6g5JRVmwlnA0vpdnZcwVWlD%2B%2FXDwL%2BTvD2WZlYLf03GGbf4WNw4fXFVSeIrbxYVdScN27EgjvVrIL0gQAEuDcAzgRMiKjVEF1YHpzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b5f663e-AMS
expires
Fri, 01 Mar 2024 01:00:26 GMT
style-responsive.css
heodemz.com/wp-content/themes/blocklru/
4 KB
2 KB
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/style-responsive.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f3f941dbe53c83d536528e5faff5015e150c1856c5e674646cb4a27f0ae07e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4739
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Mar 2023 13:24:28 GMT
server
cloudflare
etag
W/"1283-5f7e1a996fafa-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqxsjuTvyjlzjG1RRXdAyM0vgFGlR9njrbfVuq5%2B0tJAaKZvOK4ARZLf9F6ojljirKEb3jbXNLtiKyDp%2FeHSEqOkw3Mj2j4fkZPvW1hlHgP4OKmJ%2FDggWqFwEanBRf4kGB2IvvQMiyflTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b61663e-AMS
expires
Mon, 05 Feb 2024 23:01:54 GMT
style-video.css
heodemz.com/wp-content/themes/blocklru/
12 KB
4 KB
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/style-video.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610d36e39b35b271ea6ca0c21b5756d85595c5c4e09b20e86cb2f2a7437ac969

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=14011
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 04 Oct 2021 18:31:24 GMT
server
cloudflare
etag
W/"36bb-5cd8b1ec61700-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BFuj83L1mOw205MwYkMCMo%2FMJftyKYNq7JUSsSUw5KZ%2B%2B8pLQAHRcRJY3qVw8vzo8GMCa7S0%2BUMJSleAqVAZYyROM%2BvG301CWAcomOf626BLd%2BO2b4MEuWgmX1yGs2WaSjA9vKqa6VzvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b62663e-AMS
expires
Thu, 15 Feb 2024 02:55:53 GMT
style.min.css
heodemz.com/wp-includes/css/dist/block-library/
49 KB
7 KB
Stylesheet
General
Full URL
https://heodemz.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba4d19b1ce97694907eeb9dd53b0b9d8030da50a360a15297926874311f91b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Mar 2023 13:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c2f3-5f7e1953b657e-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svKtMt6Ls1RSG3a3MyMN0GZLuruH%2BiCZNyoWVuzrKog5x0Ayks28AXKtK5iI6gIkLHUeSg4u1XvJkQwkwrY%2BieuuXABGNgMVgCtSH2igMeEqm7AsG5zYr4qxQs6rYUIGSY4TkQeLE25gCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b65663e-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 23 Feb 2024 20:13:12 GMT
pagenavi-css.css
heodemz.com/wp-content/plugins/wp-pagenavi/
237 B
538 B
Stylesheet
General
Full URL
https://heodemz.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=374
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 04 Oct 2021 19:05:00 GMT
server
cloudflare
etag
W/"176-5cd8b96efcf00-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngCfWya7GMl6sZoGXy3VJJFiWgSFWI2oIj97aAMRjxGpOHD%2B6NQKHVUVgiy56ik2teVGNx1Vm7KSeTgspkdzGQ2te%2B%2B5uXtXOuXrMPikDk%2F2%2FtrtHSN2Ala7q5Khu6IjcVa%2F%2FfkNVc%2B9QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b67663e-AMS
expires
Sun, 11 Feb 2024 02:40:53 GMT
buttons-dark.css
heodemz.com/wp-content/themes/blocklru/awpt/css/
491 B
509 B
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/css/buttons-dark.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5be110a424309f5b7e659f2ebb6d7f2540f93b6235ac3aa1431f8d610de8f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=528
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:10:56 GMT
server
cloudflare
etag
W/"210-5ccfb80f5c000-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0%2BIPficyvHjdMnI%2BlPGDXUFV3TfE0KyFLU8z8Oglfr%2FHFWSuoR8mDYgepxuAHGirREO1wJDhuSvUwCBUrbDTByJxL83h5LxS%2BGHcXjBdnsT4bd4UmRkrf0xifBNYFu3YKYEQNbq8yJCdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b69663e-AMS
expires
Mon, 26 Feb 2024 23:57:05 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csi7nRS809XyXjDkTZal2UR5%2By7sliOLZDQMmYOhNu%2BlGi%2FEhZQC8pJDyN1UPrg3J8bLDlebzWoAQfkMLH%2Bw1nuPTpW1rurxNA3x9oHZwvvWiuLUBCwaI%2BOuUVi%2FcuUpsXIPnhvv0wxKL8Us0vWZaOwL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ee71a249581cd2-AMS
expires
Wed, 22 Jan 2025 00:51:07 GMT
multi-select.css
heodemz.com/wp-content/themes/blocklru/awpt/css/
2 KB
938 B
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/css/multi-select.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b486610700695e6dcdfec7892accd18d45765d42db1467673a7e5841213fc7e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2378
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:11:12 GMT
server
cloudflare
etag
W/"94a-5ccfb81e9e400-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4FPofBk3B8RKON5tZ38%2BuaNXGMG2e1S3JOB%2BnjpDOCCygNfaAH2jM2HENMH1oCjst1yeyfM%2F%2FfE0jVRKxBMJEycB%2F8RKjhTAhJhwlmZkY06iPK8OkbBCZawPL0yTnQkKyj8OAULKNI5yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b6a663e-AMS
expires
Tue, 13 Feb 2024 04:23:29 GMT
new.css
heodemz.com/wp-content/themes/blocklru/awpt/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/css/new.css
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5f220fee0f8c4af80f8f46a541e213905aa7ca72704472c867d0bbfa1af0d09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=10937
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 08:17:06 GMT
server
cloudflare
etag
W/"2ab9-5cdaac58c6480-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0jheZ3zDNKX4PZArw2%2FznNj5%2FJKFeqt6PyDUg2sUxvviZj8yhl79ntvyhFcGm6qIleuiWZ1HrZPHHrkgTY6cEPgpvtzCc2YJTSjcoye6rqLSuEu7XUQeR81PFG3Eh0X%2BABgVsjjR1Qq0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b6b663e-AMS
expires
Thu, 08 Feb 2024 03:58:38 GMT
jquery.auto-complete.css
heodemz.com/wp-content/themes/blocklru/awpt/css/
519 B
609 B
Stylesheet
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/css/jquery.auto-complete.css?ver=1.0.7
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5050af00e0302a930092caeebe4c0af502eaa7242e7cb0a331d7fadc42a1cfce

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=583
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:11:04 GMT
server
cloudflare
etag
W/"247-5ccfb816fd200-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRCFWwrWlX%2BTAf%2FmeXcDv8VmrE5xTVQpOrvKdcQDRTIrOPJKh8PogaoqkXD%2BHA1x609qV7NM9Bq%2BWFwjdGzch8AVRk9a1Jwf2Musezkwsn4CU%2FsGw2LcC%2BZK4JCMLu6kz0sdlxyKAlqnTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
84ee71a21b6c663e-AMS
expires
Tue, 27 Feb 2024 00:52:56 GMT
js
www.googletagmanager.com/gtag/
189 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-252386100-1
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
24e2aa931ba8191ebef2cb06fd55e066df024b48cf4b5616506e882ce0fc67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69807
x-xss-protection
0
last-modified
Fri, 02 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Feb 2024 00:51:07 GMT
logopp.jpg
heodemz.com/wp-content/uploads/2021/09/
20 KB
20 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/2021/09/logopp.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1118cad7f4b07078af93a21e3a14f06dc01a848001138fbdee98cba2f198b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 16:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4ece-5cd106d829b00-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weSSU2jK4pVGa9u1OzPHn0UHo5A1XSCTD0kI6aYvm%2BPoff%2Fr6dvXcdve%2Bfik44orhwg8W%2FBeyiQ%2BTXYsjcEED7fFrkyLrYgqRZySPclaottzyR4zc%2FT94c6sYme8V%2BLsQ7RI7WwhpymU4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71a21b6d663e-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 28 Feb 2024 23:19:57 GMT
lazy.jpg
heodemz.com/wp-content/uploads/
2 KB
2 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/lazy.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74ef48982c478f5ca668df0449cedca9dd1697ded58b7385b4beb2b1cdc903

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 20:06:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6bf-5df268e8e6040-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyTQqzyCqOGs1WNfj5z03rnEkbZRvDmv0mcXPiwlD4iEU%2BLOG1V%2BmtNkpqDaKzsDSBV1oHf7c2c3RM9C%2BabcX1wO7ewamBzRP5Mwdabm9UTaksG1H1RCmK2fCrl9beLKgTctZW8unhP%2FjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71a22b80663e-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 04:50:15 GMT
400x300.jpg
m.xlxx.news/img/
51 KB
51 KB
Image
General
Full URL
https://m.xlxx.news/img/400x300.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:28a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 07:30:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
114751
etag
"ca8c-61038dc35f2c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwJV49l4a8AWaffABI31QAgmHnhRga6qF1pEoF5xXAISLdnHwf6E0Ts73fg467V1Xy545dkw%2FONPDoJdFSZfbGcr6gSj43r%2FAr%2B3usS5U%2F194%2FIrDs4jwgFOencPlIcBlItivt9HvyKHnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
84ee71a49c850ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
51852
jquery.js
heodemz.com/wp-includes/js/jquery/
95 KB
35 KB
Script
General
Full URL
https://heodemz.com/wp-includes/js/jquery/jquery.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=96873
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 03:42:26 GMT
server
cloudflare
etag
W/"17a69-5cda6ef438c80-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fycPk34YB7r57hAJe%2BbhxD9EofiNo6J95NPtq0klUDuUIanQuiG4YbpMXy9jP95fikHjAWdd%2BFrjwseIVgGv3k417UnA9ejwE%2FXZNyoVPjpWTLiN3eD7lNqiIBtpHOcM30awZRsqHE8BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a35ddd0c39-AMS
expires
Wed, 21 Feb 2024 05:25:02 GMT
jquery-migrate.min.js
heodemz.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://heodemz.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 15:09:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2748-5ccfb7bf40300-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kw95Wu7wo6HqXVdjL3ifL%2BBPoEescqM%2B0Xq5UT54uCxexRf9GhqnMuPW%2F1OXlA1DpI%2FzIimJfjr0asZVXOuVVsYwco85tA6AWk3g2giEy1xSDQDugGkwvfmtPG2HUTkmKhks6eU2m%2BsdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a37dee0c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 14 Feb 2024 04:47:10 GMT
post-like.js
heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/
690 B
886 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/post-like.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cff16d34505d008ade0375fed450758df866aacd61ad57a4dc6f65172d3ff25

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=880
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:00 GMT
server
cloudflare
etag
W/"370-5ccfb8859d700-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG3QqVLyTPLiBV%2FKlOVXsUaKxBVliGS2VmE1EdFs2nGOljfJhgQR6idB2eBbDxFrvN91ETwDFAVYs9454E%2ByNKseP1%2FRWsz4xguIGhgcvcxuijqWIZOFVupSTD7HC53tGoYqzVsd7ITjhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e700c39-AMS
expires
Mon, 12 Feb 2024 05:55:02 GMT
app.js
heodemz.com/wp-content/plugins/mobi-player/player/
932 B
966 B
Script
General
Full URL
https://heodemz.com/wp-content/plugins/mobi-player/player/app.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d9b3724629b3bf03296d26b0c76d3a8b3ff1fdf4986832faa809fb92a00bc4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1287
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:10:28 GMT
server
cloudflare
etag
W/"507-5ccfb7f4a8100-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BRRSiw0NAPYIcEj5Dxfp5oQnEWnO0M91nCBh3tMK%2FnY6I%2BcdLcdssuPw2TIyG4WwRPfqK0nfNef4Ja37ioTvSxSQPDQGhVr5Hi1PWe59H6NYU3cx6txLks%2BAiXFpJsdeHi7TsU44LWpRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e720c39-AMS
expires
Thu, 29 Feb 2024 02:31:35 GMT
jquery.lazyload.min.js
heodemz.com/wp-content/themes/blocklru/awpt/js/lazy/
3 KB
2 KB
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/lazy/jquery.lazyload.min.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89868aa22e6982f24d81fdabec4264aec28042d4d940d86504fab329448a0f08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 28 Aug 2022 17:56:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d65-5e750dd0006ad-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOr%2FMjSeqOG5J8tilW%2F6g5IDSVFsQSeBFaoFwTtsdwDiaUrx0vC5zp2%2FM1FvAKMY6BvLuf9sF0TnTDgywOyoyf6UoprGO2lZEngZ8xtzXKGDeqyBw9k14FMrOonwxGMlEZ4z4sJQuULWHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e740c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 08 Feb 2024 01:10:37 GMT
main.min.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
3 KB
2 KB
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/main.min.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353b240920b450abb771561b30dfe2d32fa4dea76dd95d79d204c99bf4949c22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 15:13:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c5e-5ccfb89a98880-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aicCdkh9WAprkk7HYC9tW3sox6GlhIT0yhGqgFmbtBjsRWZYJRZGu8WtV01CKzvXkrPf0KpgMRmVUSDHxY1D9GQKi39lW5W7PFbaHrMMQZPLoll2X%2BQwIsswCJRp%2F%2FcovVmgk5YELhFGSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e760c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 10 Feb 2024 02:04:04 GMT
back-to-top.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
419 B
727 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/back-to-top.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d23f1d9d3b29050dd363dabf5f176f2eef5cc521ed085c65b70a2a97b86db13

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=634
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:12 GMT
server
cloudflare
etag
W/"27a-5ccfb8910f200-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgpBhvLb2h4KrxI6wPPQrThUtzcDi11J9JiWzF0DAfqbzu1YXBZ4QqRKII9ga1JKx%2BoAKedcQ2GxTCeb%2F5fEQk3Sk3uIhq74vmexI3XI2PRFEGyfNu7tOcRbrcQJ3qLCibghdCaN7KOo%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e840c39-AMS
expires
Mon, 26 Feb 2024 05:34:13 GMT
tooltip.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
427 B
741 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/tooltip.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee63ba0316c31fb1fc3f72f6e735e8050f0bd8e7d8df27488b0a428cc53de71a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:30 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"1ab-5ccfb8a239a80-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHrnO%2FGZRTVre2TRm2he5vil7VTR3Rv7BRTXCLBx%2FMBluwbTAG1WIT9nLygyjZvIwn9hTj7x6oGqEOTf9knHzvr60v5VAbfNfQG%2Bh4K9EUNKOaS%2Fi%2B1QXnzH0r27QkT0Dltk%2FyvK9kuDPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e770c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 29 Feb 2024 02:34:12 GMT
thumbs.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
515 B
812 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/thumbs.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b0cf611f115264571e0f5ba4dc00a632821cdc44cf7a29d8f80cbbc9332228

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=516
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:26 GMT
server
cloudflare
etag
W/"204-5ccfb89e69180-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45eVbHYtjHo9ki6u%2BZMwdEB5e2HpYNL1nsTNFqm2GF8%2F3mrwMn8sDDCWBGLv5n35tDl69J8sjugHsvSBSRodDV8ObISnfh%2BCbuZKS1z3dWyv9QXRE3r2qI5%2FSfpP9GDJsif7LpMXSUfP6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e790c39-AMS
expires
Mon, 12 Feb 2024 00:55:23 GMT
custom.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
129 B
640 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/custom.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143057a65eb5b7cca540c7eab0e7636ba3e99f357e6e872dd0a4849abf9ae55b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=192
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:14 GMT
server
cloudflare
etag
W/"c0-5ccfb892f7680-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQqlVrcG6nnemTqkgcZoKEBcsu1OLDqbmf0vhZ6WqJHDa2FZW9X7jJre3b17GQG8%2BLsCHtXAJ1r2vGQyEQYMm1MtbL%2B%2FnVOO3s7Ki185oapuRDzYgv%2BE3uiOUMFUzTn8um1by2SaGH4KYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e7b0c39-AMS
expires
Wed, 14 Feb 2024 08:31:47 GMT
functions.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
1 KB
1 KB
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/functions.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a8ff8130320f785b737a16fc53a1fcf646af4e3ff222ae0d90d78d07ae2e6a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1100
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:18 GMT
server
cloudflare
etag
W/"44c-5ccfb896c7f80-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p00%2BbD1V7KK%2BLVZsDVF6FYoL8AH02VM5wBsqmQfX2zdtgbM3Uqq7f79jeS125yiRelzg0cXDg8u9jMiMP5MweQgMMPIbUsT7jBdVZEyVeVuJEAPwE0UOKu5xA3v8bWlE1YkFB9EZnJG7bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e7c0c39-AMS
expires
Thu, 15 Feb 2024 07:03:41 GMT
jquery.multi-select.js
heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/
11 KB
3 KB
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/jquery.multi-select.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ba1815592bcd27873ecdcf258170859a9a6b29fc5f0bcbae8274290e8c7e08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=11149
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 03:42:20 GMT
server
cloudflare
etag
W/"2b8d-5cda6eee7ff00-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kV3Vr9Q7EaihkoPR4SeVsTxnQX04%2Bon%2B%2FmgbNVNSutQnlsL9C%2FuX9MFIoBT1iMoaRPrrcj1grkNbBdF%2BaPAEhbZQx61WFBIGhPxBbe%2FMbuPPW1Rlq71%2F8BBzeEOjIu0n3ZmsHbXjz4ltog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e7d0c39-AMS
expires
Tue, 06 Feb 2024 02:35:07 GMT
jquery.form.min.js
heodemz.com/wp-includes/js/jquery/
16 KB
6 KB
Script
General
Full URL
https://heodemz.com/wp-includes/js/jquery/jquery.form.min.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984cf02a8dfc0e5f7d51a73b1b768a82b005bf389183b6d038022fc2ddd1f06c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Oct 2021 03:57:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3e8f-5cda725257e80-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMOdi0LJ%2BS5ydRS2sKGJ63NKtzaqrUp8s%2Buh%2BzNbdI%2Fl8UmKKmisZQrEg71P9XCMrrm9mII1X%2FuKMiyTFVUTL4%2BPm2yX457qCu8lR6iHBrfOZri%2BeJ%2Bq0l1U5di4eLDRkUjomSie%2BGPmww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e7e0c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 01:44:05 GMT
ajax-comment.js
heodemz.com/wp-content/themes/blocklru/awpt/js/
546 B
859 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/ajax-comment.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
518553ea2e3387958992145ba8a9b6cd423a9369382fc68e8974082546d467f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=936
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 27 Sep 2021 15:13:08 GMT
server
cloudflare
etag
W/"3a8-5ccfb88d3e900-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHpB%2FfzJL40v6bMfI%2Blb%2BANwRA%2BcJvydGtUub2uHx4%2BrE%2B6N2vgdoO4TXRPX2C20ENf5ttGDx0B5E2kON%2Fqp%2FuE1son91MF4W%2BecpEv3izbMA4Ng2ss54UL4OlyitBaGRFru9Zt0q7OyNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e7f0c39-AMS
expires
Tue, 13 Feb 2024 04:23:30 GMT
jquery.auto-complete.min.js
heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/
4 KB
2 KB
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/jquery.auto-complete.min.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cece1097f127c3259563e9936c64b658830b75f606b503a191e52d39ac0a6556

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Sep 2021 15:12:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f55-5ccfb87c14080-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WomDgHxJMtsQRC%2B2Fcn6ZNMNIXVmW4jAQZ5Q%2FhOm54qKB8mDSLgQsArSefNkqm17H8rnIIUfN1J5AgN1rWopuLFnqqm0BqARGbQwYGO8pBe5bgXulHkIyvhUxRLxcbOVGIdT0mDvgn%2FK6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e800c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 04:50:15 GMT
autocompleter.js
heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/
930 B
957 B
Script
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/js/jquery/autocompleter.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd74bb51d0a9c8b58b08bf13f8375146eb6a4a4c4bbfd078c4befbbaa5d160be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1235
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 06:33:40 GMT
server
cloudflare
etag
W/"4d3-5cda953a45900-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUlPH83LK7xShhak%2FcgNonSous5x2jb%2BMz%2Be41qFOASddxmChlMrG6Vqk5NoXvjphjtJcZqj%2FVL88KNpjRLCsi75ul44iVeo75GiX5ST2ZMSqdCaOeKFKInhDI%2BbDWqrrdFbTDWhYXTc6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2592000
cf-ray
84ee71a43e820c39-AMS
expires
Tue, 27 Feb 2024 04:02:21 GMT
js
www.googletagmanager.com/gtag/
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G1F07MZHML
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19121512e42537597b7bb6b62c53876718a3f58324e70ef305f94d458daacc64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86508
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 00:51:07 GMT
728-90.gif
imgyn.imageshh.com/vn-tu/
20 KB
0
Image
General
Full URL
https://imgyn.imageshh.com/vn-tu/728-90.gif
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.130.105 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 05:40:13 GMT
last-modified
Thu, 01 Feb 2024 05:40:34 GMT
server
nginx
etag
"62a97e71-13630"
x-cache
HIT, policy, disk
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
79408
expires
Sat, 02 Mar 2024 05:40:13 GMT
MzM5
play-01.sexapi.xyz/play/sv2/video/ Frame 6C87
19 KB
9 KB
Document
General
Full URL
https://play-01.sexapi.xyz/play/sv2/video/MzM5
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash
ddaa1b94df523730d325c52d31c3520b1b7c0310d4443855bf888e60fd3848f8

Request headers

Referer
https://heodemz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=86400, must-revalidate, proxy-revalidate
cf-cache-status
HIT
cf-ray
84ee71a4bcf4b918-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 02 Feb 2024 00:51:07 GMT
expires
Sat, 02 Mar 2024 13:39:47 GMT
last-modified
Thursday, 01-Feb-2024 13:39:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm%2BEcpUte9%2F584hswyGTQIalvPHPOKviwtsPv3FkAVmL9Vu9TXXvAnm%2BoWTQgi0SfGBIWpydsENFJ7JWy%2BszUARItppdVKLFLOgD2Kcu54HGwSIESgkuJS%2FedLIyrTQNKV5Ionaa10MM5BzixFpyRh0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
lazy.jpg
heodemz.com/wp-content/uploads/
2 KB
2 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/lazy.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d74ef48982c478f5ca668df0449cedca9dd1697ded58b7385b4beb2b1cdc903

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
cf-cache-status
HIT
last-modified
Mon, 16 May 2022 20:06:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6bf-5df268e8e6040-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71jfxUDEtFSvwLmFU0OyoQSgqJK3xG31OliEjOrR9JQgR3iA2KdADljTifCsXsu0H38qaEDrnRbI9hFyo4HtIC%2FY7kT9ms72zppkqsE%2BdmEVgQZQuIcDjHfb%2F80H0uxWuJsk6ghixzu%2FOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71a43e850c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 24 Feb 2024 04:50:15 GMT
xv-button-bg.png
heodemz.com/wp-content/themes/blocklru/awpt/css/images/
308 B
791 B
Image
General
Full URL
https://heodemz.com/wp-content/themes/blocklru/awpt/css/images/xv-button-bg.png
Requested by
Host: heodemz.com
URL: https://heodemz.com/wp-content/themes/blocklru/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f60d72ee8ae053e3ba40312df062cbefc84fa6e98655ddf7f9c22826611ca11

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/wp-content/themes/blocklru/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Mar 2020 00:40:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"134-5a04d2341e400-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7k4uBe36WyEPoh8FZ2MZh97bWFZRAfuIym6fyZxSLVmToypSN1w15J1nyynBIoCo67ReHqT6i4ySARRfTMqxTkp48q3tr6H78Bx9tWFcRK3hYcvGV0%2B39LTP0KnmPAL8SvwhHWVexzgXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
cf-ray
84ee71a43e860c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 08 Feb 2024 05:54:57 GMT
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://heodemz.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5691160
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMA5V%2FCueC%2BUFsLVqKv1hbdB%2B3gOWST%2BbZCk8DHz%2BM5SvQXV5DixwiiGGyWDZl8TkSpBfuFuLae2x%2BURjvz5QFN%2BCKjNVxXzoxld1Jg7iNtdNVgNNwAfbwmf2VSxOu318Tk3OYQAiSJa1z9j6rIWCmq1"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ee71a4693d1af8-AMS
expires
Wed, 22 Jan 2025 00:51:07 GMT
video888.mp4
bf.333xbet.com/18881999/
32 KB
0
Media
General
Full URL
https://bf.333xbet.com/18881999/video888.mp4
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.180.227.70 , Virgin Islands (British), ASN47191 (BLUETECH-WAF, VG),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://heodemz.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 29 Jan 2024 14:16:57 GMT
last-modified
Fri, 02 Feb 2024 00:17:08 GMT
server
nginx
etag
"65a52197-2025870"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
x-cache
HIT, server, disk
cache-control
max-age=2592000
Content-Range
bytes 0-33708143/33708144
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
33708144
expires
Wed, 28 Feb 2024 14:16:57 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 6C87
87 KB
88 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 03:58:55 GMT
x-content-type-options
nosniff
age
161532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 03:58:55 GMT
js
www.googletagmanager.com/gtag/ Frame 6C87
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5TBWYGC60V
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60afc083009f3913915fe2bad3fc3472223f21d12d01b52ecfc917295279658d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86508
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 00:51:07 GMT
promise-polyfill.js
play-01.sexapi.xyz/jwplayer/ Frame 6C87
4 KB
2 KB
Script
General
Full URL
https://play-01.sexapi.xyz/jwplayer/promise-polyfill.js
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f0d8ebf5f423e0610678c8e80bfef35e22c3b83eab216cae69825bf80a79a03

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2475925
cf-polished
origSize=6942
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thursday, 04-Jan-2024 08:44:34 GMT
server
cloudflare
etag
W/"1b1e-5e8ace07f2080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYQ%2Fgk4YSUi7qXd6khhPAe3L9ZS1O%2FjQ00GyjyevIOT5bELy%2FPFl2BVdCHgElphWa76OkIHW6M4hQbKGLV%2BzcbKwIIINPVl50PbU2JyOdhO%2F7O5eZDY3LnmqokJ0IVopD20f%2FPBFJdzc7zTPPSOaWTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate
cf-ray
84ee71a4fd28b918-AMS
expires
Sat, 03 Feb 2024 08:44:33 GMT
devtools-detector.js
play-01.sexapi.xyz/jwplayer/ Frame 6C87
25 KB
5 KB
Script
General
Full URL
https://play-01.sexapi.xyz/jwplayer/devtools-detector.js
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a5e230120ba86d4d170c254dfb0398ea007518a4ea1808c37c51f66a2aeadf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2475925
cf-polished
origSize=25716
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thursday, 04-Jan-2024 08:44:34 GMT
server
cloudflare
etag
W/"6474-5e8ace0daae00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxRpcGCbJrvMegK7IjnrTdrQUpFaUp8mfJqJCBP6BUb%2FzhuMcuXmMpv8lRO00aG9PprpuCmzCDs2VJKqLAL0PRiPr9DbEFm9n3ERHkAmNXJfwFX888vcxaW92DMtP6kFX4US8nd3WQGKIsRqkHnKFfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate
cf-ray
84ee71a4fd29b918-AMS
expires
Sat, 03 Feb 2024 08:44:34 GMT
dmca-badge-w100-5x1-11.png
images.dmca.com/Badges/ Frame 6C87
2 KB
3 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca-badge-w100-5x1-11.png?ID=4898a2d3-689b-4bab-8a79-0c0e477fd9d8
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / ASP.NET
Resource Hash
2292a183dd2a364653441cf13efd89138c43eab4dacbb35e9bc061b07c749be1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
cdn-edgestorageid
1082
x-powered-by
ASP.NET
cdn-cachedat
10/31/2023 18:59:54
cdn-pullzone
1574055
content-length
2390
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"70d0a63aace6d11:0"
content-type
image/png
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
dc196e49337f7f936e261f959814b376
accept-ranges
bytes
cdn-requestcountrycode
NL
link
<https://dmca-images.azurewebsites.net/Badges/dmca-badge-w100-5x1-11.png?ID=c566a01f-b37b-45bf-953f-533e46600052>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
DMCABadgeHelper.min.js
images.dmca.com/Badges/ Frame 6C87
465 B
844 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
cdn-edgestorageid
1080
x-powered-by
ASP.NET
cdn-cachedat
12/05/2023 19:29:27
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
2da8dc67553b01d4bccb29ece7b5a23e
cdn-requestcountrycode
NL
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
227 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V1RR6LN9FH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252386100-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d90a8ff874373f94c4d003edeec508dca48c6987b8390b371dcb3ffe31d37408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82210
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Feb 2024 00:51:07 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252386100-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Feb 2024 23:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3778
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 02 Feb 2024 01:48:09 GMT
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V1RR6LN9FH&gtm=45je41v0v9114813927za200&_p=1706835067551&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=996345968.1706835068&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1706835067&sct=1&seg=0&dl=https%3A%2F%2Fheodemz.com%2Fco-chau-gai-xinh-dep%2F&dt=C%C3%B4%20ch%C3%A1u%20g%C3%A1i%20xinh%20%C4%91%E1%BA%B9p&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=873
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V1RR6LN9FH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 00:51:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heodemz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
63c10c48ece898db240a2ced
play.play4db1.click/play/v2/ Frame 4F6D
8 KB
4 KB
Document
General
Full URL
https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081978812f03997373f4cfb140fe03eed6f240f7f4edf7f4ec8da8a854157219

Request headers

Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
84ee71a6d8e2661a-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 02 Feb 2024 00:51:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKUy22owctatRD4xH%2BePUrpBqQInvG84HeWeP8ZKXwV5gLoP3a1csMJ27x5QOeTAYfGNzgiLqbh5uL%2Bh0wbV%2FeI9N5V8Jhn7kMtooMv4Bkaz8o4yeMbAMgzTR2DBWC8s%2Bb%2BpZsesqMmOP8sP1Ey3u9gw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
collect
www.google-analytics.com/j/
1 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=469745215&t=pageview&_s=1&dl=https%3A%2F%2Fheodemz.com%2Fco-chau-gai-xinh-dep%2F&ul=en-us&de=UTF-8&dt=C%C3%B4%20ch%C3%A1u%20g%C3%A1i%20xinh%20%C4%91%E1%BA%B9p&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1750463896&gjid=1636104996&cid=996345968.1706835068&tid=UA-252386100-1&_gid=1066861565.1706835068&_r=1&gtm=457e41v0za200&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=576150605
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heodemz.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Feb 2024 00:51:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heodemz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ Frame 4F6D
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: play.play4db1.click
URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2663208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08O4ZWfiAK2zX25yp4FAEA1QNsezCspNtP7QLdfiH%2BONaEYt%2FMVH49qBZQc%2FhxHlwdAiOJ8CQJq4xeTh5gjMu9%2FfzbdBqEdk87CmvkZ7BqN0EdjfcLItHliN%2B8RyrSwwfRilmFK8ccvbSZaUO3o%2Fo2De"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ee71a7586e1cd2-AMS
expires
Wed, 22 Jan 2025 00:51:08 GMT
socket.io.min.js
cdnjs.cloudflare.com/ajax/libs/socket.io/4.5.4/ Frame 4F6D
43 KB
12 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.5.4/socket.io.min.js
Requested by
Host: play.play4db1.click
URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2412391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11798
last-modified
Tue, 22 Nov 2022 21:33:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"637d400e-2e16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZnFiMobNK1QpUu%2F71fSZ6GHcDqn%2BkWPx2CSth%2BYUfXaphit0WiyKWVIK%2FYsI%2BZmSTejo8BqtsSRIKRx8sXSdh1d8%2F09F%2B2AwAnAKAnaU%2BQ1QHxBxUmvDNNyhXXWiXSD5pS9QpkS7K6XFXYLbv1kfshf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ee71a758701cd2-AMS
expires
Wed, 22 Jan 2025 00:51:08 GMT
jwplayer.js
cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/ Frame 4F6D
111 KB
37 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Requested by
Host: play.play4db1.click
URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74989125e5098689ba79fe01185920f68d6784fa6063a50948be40d84e730aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5598640
x-jsd-version
1.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA, cache-ams21032-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"1bba4-kHqkJRBgveO9ddV0S7Xb+XQI8CM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pA1cmEconJtznhWgOnkcNjJkeI%2FiloSEM6ri4WESvCYUns2WXVbVPZ15MNDBvX2WzbGAhWLngfyQNHwo4a937IjSbkZH2mwYhF6hBgQPp%2Bqz7GJmtXDzcr9wuG4TIGmWh%2BuJDzAOIjTvXiIEYjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84ee71a78aaf0eb3-AMS
app_plhq_v7_rf.js
cdn.jsdelivr.net/gh/nvtuan95vn/plhq-js@main/ Frame 4F6D
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/nvtuan95vn/plhq-js@main/app_plhq_v7_rf.js
Requested by
Host: play.play4db1.click
URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d5427ab786726d23f21ccf2cdd62df2643a01bdbc035edaff70b16e29d9478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13609
x-jsd-version
main
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230062-FRA, cache-ams21024-AMS
x-jsd-version-type
branch
server
cloudflare
etag
W/"a61-wXD7xRZj/LHz/8sp3OHgUvB1ed4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gFVhx%2Fc5qFsj%2BCa5oJrvmpN0JeZl2ZM0H771f8m8GxZTPuBjfZIMFrBoDFn4YI3ykCGyS%2BLXsJ4JFiUana158wwK9AlDkv5wOq27JLvu9A%2FS5jnWwFXXRpr6j1V8kOGEqUESnQwORiWms8f3co%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
84ee71a78ab00eb3-AMS
index.svg
loading.io/mod/spinner/palette-ring/ Frame 4F6D
1 KB
914 B
Image
General
Full URL
https://loading.io/mod/spinner/palette-ring/index.svg
Requested by
Host: play.play4db1.click
URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152b13c4b7f7db085d82b6967a4fc7a6f72a304bd576905d12f18f12f31ed5bd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Nov 2019 08:17:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4640
etag
W/"5dcfb096-418"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2wZDSHpp8Tv0D9ZecCHZ4vJsKlVWxUiIEQmMt%2BjuIHxWfuYJbpCNg6UdTMCCTudycuT9fT9bUzk4CBRfMG395uu7W3bRhakkbbGTzHnGuokG%2FS0DYLIx5MAvcEX0c0JnIEgaYbEk%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
84ee71a798d60df3-AMS
main.js
play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/ Frame 526B
Redirect Chain
  • https://play.play4db1.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
7 KB
4 KB
Script
General
Full URL
https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Server
2606:4700:3031::ac43:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5392809a797df2a471240b5b72a587b9dbf68534e674ef4b7aa5fe709a9c6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lb1SUFiR0Ptb3m7iML9GTA6sk2lfD9OztHp4KpaU83L47MNGejdyB0e0S0WxAMGnw0LNG7PqmDoQ175rmYkY1PxBn1xReiNagT2a0f8FUW1AQiNTNC4kn5CJYCWFLsZW%2BbrYXf8tf5tXHTsCX7CGIGc3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84ee71a7f993661a-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Feb 2024 00:51:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phgwy9WpdiOwFwAg1uJ2xTTKWPMWeyrRb2TRZgaUNLQG7gcE4wt7rO7FMzcrf6S3sRz414tZJMHEQSrMwyW9jbuf9Y%2F94uHGPaVPF1ivSTKzdtxgkv59442qAUcG0Re8is40Dm9gvkMGLs8G3P3LyEx%2B"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84ee71a7d97c661a-AMS
alt-svc
h3=":443"; ma=86400
8807c09f.js
x7r3mk6ldr.com/aas/r45d/vki/1990706/ Frame 6C87
89 KB
34 KB
Script
General
Full URL
https://x7r3mk6ldr.com/aas/r45d/vki/1990706/8807c09f.js
Requested by
Host: play-01.sexapi.xyz
URL: https://play-01.sexapi.xyz/play/sv2/video/MzM5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e7eb454e9162eecb3cad84067792ce2ca224d4e24393f4ea5f0338e62757a379

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
gzip
last-modified
Thu, 01 Feb 2024 15:03:32 GMT
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag
W/"65bbb2c4-1634a"
vary
Accept-Encoding
content-type
application/javascript
x-js-ab2
current
timing-allow-origin
*
/
whos.amung.us/pingjs/ Frame 6C87
28 B
28 B
Image
General
Full URL
https://whos.amung.us/pingjs/?k=psexapi&t=16749&c=d&x=https%3A%2F%2Fplay-01.sexapi.xyz%2Fplay%2Fsv2%2Fvideo%2FMzM5&y=https%3A%2F%2Fheodemz.com%2F&a=0&v=27&r=4896
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
84ee71a82dc80e48-AMS
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
63c10c48ece898db240a2ced
api-plhq.play4db1.click/apiv5/6382d2a6c281da76c6324db1/ Frame 4F6D
160 B
634 B
XHR
General
Full URL
https://api-plhq.play4db1.click/apiv5/6382d2a6c281da76c6324db1/63c10c48ece898db240a2ced
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5cdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f92e42e4326e77572e7069b7dd1350ab7887a5eb9b1b40ca9cae03b4933511e

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a0-ANfXOLk3w+iEuP8Ge3ifpTXgnfU"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k91fyJDy1OGEadFVsIYtilkpHfH3HmS27FUtGS2X5HnGKjhgZVup8tJJRrGxfkClLBw7CtlawZe1Zwt5pdFvaVNIoCTqMeXzpvvXNo4KjUe3WXg%2B09qIG8exiOWiiU%2BwL5g23xSguYCQCRGEl2IsOC2MTpRYOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://play.play4db1.click
cf-ray
84ee71a85e3a0bc2-AMS
alt-svc
h3=":443"; ma=86400
63c10c48ece898db240a2ced
api-view.vnstream.net/api/view/ Frame 4F6D
2 B
463 B
XHR
General
Full URL
https://api-view.vnstream.net/api/view/63c10c48ece898db240a2ced
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:abda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMILM98%2FlD9sLBhlWWzyDqQ2EEXZHzCeJsCLcyY0vBWckYbsuND9nEcVkxDMJfGkU8%2FkDC53UeC%2B7TGhSmHHvSCe59XLId%2FlxIqDuC%2BYW4rLHrmQuGGEfmwh3aTb%2FyYke05mEbjX7Ew87Wf7eZcgLYTjJmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
84ee71a82e0b1c7d-AMS
alt-svc
h3=":443"; ma=86400
84ee71a6d8e2661a
play.play4db1.click/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 526B
0
602 B
XHR
General
Full URL
https://play.play4db1.click/cdn-cgi/challenge-platform/h/b/jsd/r/84ee71a6d8e2661a
Requested by
Host: play.play4db1.click
URL: https://play.play4db1.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Feb 2024 00:51:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qncg3xAL%2Bt8x%2BUzYil1cjtD6VlUJW0hJtPqz7sfLaUxGlK9Hl1j62bntkSeKtE61RSHLuPmHMr3Yizh5qB3xGLvv5xjYUxxxIARkUjVi9c%2FkzUH%2BweVLBm%2ByLOCs3QO3C5MtxL3R2IwqZokJ0WPV5RrL"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
84ee71a87cf40b44-AMS
alt-svc
h3=":443"; ma=86400
solid.gif
x7r3mk6ldr.com/ Frame 6C87
43 B
638 B
Ping
General
Full URL
https://x7r3mk6ldr.com/solid.gif?z=1990706&nojs=0&abvar=0&febuild=1.0.196&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=801&y=801&md=0&afid=1800709003319296&eclog=0&im=0
Requested by
Host: x7r3mk6ldr.com
URL: https://x7r3mk6ldr.com/aas/r45d/vki/1990706/8807c09f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
x-route-id
stats.tag.loaded
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin
*
content-length
43
content-type
image/gif
1990706
x7r3mk6ldr.com/get/ Frame 6C87
37 B
681 B
Script
General
Full URL
https://x7r3mk6ldr.com/get/1990706?zoneid=1990706&jp=_cl8th36ax4vy3xqe4gb9h8&nojs=0&abvar=0&febuild=1.0.196&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=801&y=801&md=0&afid=1800709003319296&eclog=0&im=0
Requested by
Host: x7r3mk6ldr.com
URL: https://x7r3mk6ldr.com/aas/r45d/vki/1990706/8807c09f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://play-01.sexapi.xyz/play/sv2/video/MzM5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
gzip
server
nginx
accept-ch
sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary
Accept-Encoding
content-type
text/javascript
x-route-id
config
timing-allow-origin
*
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.20.1/ Frame 4F6D
57 KB
17 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.1/jwpsrv.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59582c75d6c2b9e2b4bbf226db778d7211d60de3343c83c809ad5a59a322fc15

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
gzip
via
1.1 varnish
age
859
x-cache
HIT
content-length
17364
x-served-by
cache-bom4751-BOM
last-modified
Wed, 31 Mar 2021 15:14:24 GMT
server
AmazonS3
x-timer
S1706835069.987201,VS0,VE0
etag
"2d642e2770c705fe7a30a5a3a28396ea"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
2
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.20.1/ Frame 4F6D
299 KB
76 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.1/jwplayer.core.controls.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
642eaf894d98b96a6a5cb024bdb7290f10ac18795913753f12c7d763cde6118b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
gzip
via
1.1 varnish
age
10213318
x-cache
HIT
content-length
78058
x-served-by
cache-bom4751-BOM
last-modified
Wed, 31 Mar 2021 15:14:16 GMT
server
AmazonS3
x-timer
S1706835069.987189,VS0,VE0
etag
"8a4d5ae80fa2e279c1019f7d7d25d615"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
266
/
count-view.play4db1.click/socket.io/ Frame 4F6D
0
0

provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.20.1/ Frame 4F6D
407 KB
112 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.1/provider.hlsjs.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e541dc051f497557a901c58cd37d06b566a9293a3e01729b847c08381ffe1c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:08 GMT
content-encoding
gzip
via
1.1 varnish
age
9404996
x-cache
HIT
content-length
114710
x-served-by
cache-bom4751-BOM
last-modified
Wed, 31 Mar 2021 15:14:19 GMT
server
AmazonS3
x-timer
S1706835069.987154,VS0,VE0
etag
"e35ca39e19aa6ae45aef6633199a3ae6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
265
sub.vtt
w3img.com/ Frame 4F6D
0
0

polyfills.webvtt.js
ssl.p.jwpcdn.com/player/v/8.20.1/ Frame 4F6D
10 KB
4 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.1/polyfills.webvtt.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6124e0547ee69515af89df540254d57aefe833365438b9f0814530113f875e90

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
content-encoding
gzip
via
1.1 varnish
age
16599678
x-cache
HIT
content-length
4390
x-served-by
cache-bom4751-BOM
last-modified
Wed, 31 Mar 2021 15:14:18 GMT
server
AmazonS3
x-timer
S1706835070.504596,VS0,VE0
etag
"2f81a62846aa452f1db44cfaa9057857"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
36
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.20.1/ Frame 4F6D
25 KB
9 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.20.1/provider.cast.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2e39ad3123a00a852b44b7d7aab70e1786cb5c6f10107296dcb196abd6794f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
content-encoding
gzip
via
1.1 varnish
age
10007194
x-cache
HIT
content-length
9014
x-served-by
cache-bom4751-BOM
last-modified
Wed, 31 Mar 2021 15:14:19 GMT
server
AmazonS3
x-timer
S1706835070.520426,VS0,VE0
etag
"da5dccbaa1ffd9904b1bd9d7c47329c4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
130
ef860738b066032f4877f5f53cbf76f9.m3u8
m3u8-rd.play4db1.click/m3u8/v3/5/63c10c48ece898db240a2ced/1706836119/ Frame 4F6D
232 KB
232 KB
XHR
General
Full URL
https://m3u8-rd.play4db1.click/m3u8/v3/5/63c10c48ece898db240a2ced/1706836119/ef860738b066032f4877f5f53cbf76f9.m3u8
Requested by
Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.20.1/provider.hlsjs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5cdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cba6bd53023d40e3dc616dedc5d1fcb36f5c8454000665b380f11d2c9abab8e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"39e2c-eucdS+RjqfTAqbwKeY+cZDs8jQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYnN1mshQtGCw9n%2FVmOMk1KZGscqp%2B5Fz9pUEs4QA8E9a5vPDw7zxWmcDY%2BcRtms2hHWIjNK5X0wxxkdoROCEDeZWciYO946Ht74ug9x7xao%2FrWnzjOKTKOgQXbqN2pY%2FmwaIu75tUAVfqwjisMZNuV94hdR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://play.play4db1.click
cache-control
public, max-age=10799
accept-ranges
bytes
cf-ray
84ee71b04cf30bc2-AMS
alt-svc
h3=":443"; ma=86400
content-length
237100
background_v2
cdn-01.w3img.com/images_cdn/ Frame 4F6D
0
0

video888.mp4
bf.333xbet.com/18881999/
22 KB
22 KB
Media
General
Full URL
https://bf.333xbet.com/18881999/video888.mp4
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.180.227.70 , Virgin Islands (British), ASN47191 (BLUETECH-WAF, VG),
Reverse DNS
Software
nginx /
Resource Hash
2ffd4a9dfe88f1d806644910ea5689baff4bd385a35ff6e524b67a1c75f1c8f0

Request headers

Referer
https://heodemz.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=33685504-

Response headers

date
Mon, 29 Jan 2024 14:16:57 GMT
last-modified
Fri, 02 Feb 2024 00:17:08 GMT
server
nginx
etag
"65a52197-2025870"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
x-cache
HIT, server, disk
cache-control
max-age=2592000
Content-Range
bytes 33685504-33708143/33708144
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
22640
expires
Wed, 28 Feb 2024 14:16:57 GMT
202301225d0d474707fb22b54cf7b289
p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame 4F6D
Redirect Chain
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/2603a4a3b7fcf8201253532b711ea9381d05772df9596754df28e38722fb0e729b5950068fd8753bb1848e32f9bbdfae/6cdcc4137e2adfd5f0374152adec4ec5
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301225d0d474707fb22b54cf7b289
1 MB
1 MB
XHR
General
Full URL
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301225d0d474707fb22b54cf7b289
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Server
2.16.241.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-4.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
64221f1f30db188d5c63fb75e286f67423d4d96dad02a3c12a77d553b0c6bd82

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id
10b6ceee.1862bc99.20099d5c
date
Fri, 02 Feb 2024 00:51:10 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
x-tt-trace-id
00-240122120317BF129007F8D904778D7B-481199C495C69FFE-00
nw-session-id
202401201432206562E4EAB98D819D9962nk6pv12df
x-powered-by
ImageX
x-cache
TCP_MISS from a2-19-125-196.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
992,23.55.109.150, 995,2.19.125.196
server-timing
cdn-cache; desc=HIT, edge; dur=996, origin; dur=0, inner; dur=2
x-length
1111336
content-length
1111336
last-modified
Sat, 20 Jan 2024 14:32:21 GMT
server
TLB
x-tt-logid
202401201432206562E4EAB98D819D9962
x-response-date
Sat, 20 Jan 2024 14:32:21 GMT
x-cache-remote
TCP_MISS from a23-55-109-150.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2024-01-20T14:32:21.954184604Z 123
x-request-ip
fdbd:dc51:ff:1:1:245:40:109
cache-control
max-age=30462095
x-tt-trace-host
011290438014b6fcf0ea6b00ac2e8dada74323b7e9ab70ae0c35a816906663272db4b74e0d115ab8831dffea92bc533c0e85f4a7fe213bf5b95e760099ad371cb5f0c527d621b1fc56eb8a996eb24bfe0245c6a749d1742d904c17f75fd076c3d6409ee20c8236f34f7a188e6bfef152e8d19c321c8494532c824fc6dacd4ab89b
x-response-cinfo
fdbd:dc51:ff:1:1:245:40:109
imagex-fmt
png2png
x-response-cache
edge_hit
timing-allow-origin
*

Redirect headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmsZjeWmbqXB6Z%2FxPD1nsPWImMs%2B3UrEwwJtUYFd9Yy9zAdEmh2DU91b709mG11oZFk9G7fPn3TxklbNGRMHn7gmFDnPqEzPrx%2FR5gt%2F79lUFWRmx7r72wdoFtiTpuFF98VRzk7UmemAE4ppbNvGTqFK"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301225d0d474707fb22b54cf7b289
cache-control
public, max-age=3600
cf-ray
84ee71b0bd1e0b44-AMS
alt-svc
h3=":443"; ma=86400
content-length
105
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4F6D
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/playhq_net_jwplayer@1.0.2/jwplayer/8.20.1/jwplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 02 Feb 2024 00:51:09 GMT
728-90.gif
imgyn.imageshh.com/vn-tu/
20 KB
0
Image
General
Full URL
https://imgyn.imageshh.com/vn-tu/728-90.gif
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
134.122.130.105 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 05:40:13 GMT
last-modified
Thu, 01 Feb 2024 05:40:34 GMT
server
nginx
etag
"62a97e71-13630"
x-cache
HIT, policy, disk
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
79408
expires
Sat, 02 Mar 2024 05:40:13 GMT
400x300.jpg
m.xlxx.news/img/
51 KB
51 KB
Image
General
Full URL
https://m.xlxx.news/img/400x300.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:28a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 07:30:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
114753
etag
"ca8c-61038dc35f2c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnNiPJeRrB%2BvzpbwrM%2FMu%2FViJQGdKhui1aIR4CBu1H4I6xv0RGHV%2FAkAkdMGgALAquS64qXxUqvuj0Yp1EmQHQ812uhVoc8n22A%2B%2F5esRbm2JBpsxfb1Mve51Xi%2FPAtVPy5p7l%2B5D85euA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
84ee71b15c610ae0-AMS
alt-svc
h3=":443"; ma=86400
content-length
51852
admin-ajax.php
heodemz.com/wp-admin/
1 KB
1 KB
XHR
General
Full URL
https://heodemz.com/wp-admin/admin-ajax.php
Requested by
Host: heodemz.com
URL: https://heodemz.com/wp-includes/js/jquery/jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6df3f3a866e9985128b950c1f659f6d9120d4a509cd2cc4af5ec934b956994

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Feb 2024 00:51:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-language,accept-charset,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ba9XJwWv74cEJ12Ao0NWbejy5c%2Bi5inAhY9CtpFHxv53tF9urEsmkdL%2BmgyiVX0dkTCSxcm9Zy1lGWWWWhj9JXKIbgF6ubit%2FdCogmnXBRzBv7gnFNP5r8YU%2F1%2BazEo4NOT5wXeMZoumrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
content-language
nl
cf-ray
84ee71b16fa40c39-AMS
alt-svc
h3=":443"; ma=86400
2527.jpg
heodemz.com/wp-content/uploads/thumb/
11 KB
12 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/thumb/2527.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6169cda5f2e46dca0c328fa05f4aa33abab99d43c25a9a767cad360afbea9676

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Aug 2021 16:37:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2c21-5cac972835480-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UqjEO1LOpy6SXicyaNtZEY14aItuoT3AnZhY5QVh54Wqa9RibxR7OSZjj4UfQeSWxGU8yzT%2B6sSbzHwRA0OUzC703eZF85UmDIZK5oKOm4DIH0FDEDNLCWQBRF7hKB4EwBBdU%2Bop4J1bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71b17fa70c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 03 Mar 2024 00:51:09 GMT
1503.jpg
heodemz.com/wp-content/uploads/thumb/
9 KB
9 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/thumb/1503.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e981e7af613acfd83ebb0430efdbdd3e6774c8a081a270cc92dd35867f5f5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:10 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Aug 2021 16:26:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2291-5cac94c3f3000-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eFRzf%2Bp8PWoAG3qQZ3cXHAp6RGyjTG7e8peVKeYKhdQdvi9McsaEsvKoIMlkdcKwssk%2BAEu8pPIHJWolw5bnJKksB587nVILu4jB0r033h0pnbUn0ewhuVeZY1YBkdhsVK%2Ba1Qrnsfu1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71b17fa90c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Mar 2024 07:18:51 GMT
1616.jpg
heodemz.com/wp-content/uploads/thumb/
9 KB
9 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/thumb/1616.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5fddd3f7741313c253aa79b3f5390c4ca22be1f7f4dd93ac31008312396452

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
HIT
last-modified
Mon, 30 Aug 2021 16:27:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2321-5cac9504cc900-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hWfMawFcQQJdpWx1VEvlaVop%2FEz93%2FZG77AJF2dsoqj%2BduxTZBVet1k8%2Be41o1NMd7S0RwkH%2BThllAnfLIN%2BxykYiZIbEhgfBNlhD9tccEAMjTbdp0NRS66DEo4stnRJUOd537VAxxDig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71b17faa0c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Mar 2024 04:21:25 GMT
4321.jpg
heodemz.com/wp-content/uploads/thumb/
15 KB
15 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/thumb/4321.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
286c3979655a31b4e5355f26eb0f0da1fcdf8920e568a6b56c973fc8c19cc51a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
MISS
last-modified
Thu, 09 Sep 2021 05:51:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3ae3-5cb8997f61c00-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXD4IoPkWqj5RRcx8OfRjbI8Cza5bwWTqEokSykHuJ6oCTBJdTngMncRfiQtJjdAJ3fQ2GS9mZMNe61QYcHeRp18M3s5ueCC9EJpGkxsGv5C5dhgEZF9OtlFf75vuELJ8BHv2W%2BHOc7HbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71b17fab0c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sun, 03 Mar 2024 00:51:09 GMT
3663.jpg
heodemz.com/wp-content/uploads/thumb/
10 KB
11 KB
Image
General
Full URL
https://heodemz.com/wp-content/uploads/thumb/3663.jpg
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d789fd43189e2d0682750e93b4e4e321c11faff2fec8dc1eba604b46499bcea1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://heodemz.com/co-chau-gai-xinh-dep/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
cf-cache-status
HIT
last-modified
Sat, 04 Sep 2021 00:50:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"28d8-5cb20ccbec680-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7RVneRLMZLOm5Whow11qQUcocKyxCxsNkcBsbb7cMdXiwp%2FRBkZ67Rjawgm4DYdlpuH9fhPklo2Y1Vj2yIqn6PsVdtksakv%2FgkkG5l4%2BX0vyOUTcvrCP9vYLbPfuVYo6fv4z%2FuQYo6e%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
cf-ray
84ee71b17fac0c39-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Mar 2024 21:15:44 GMT
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 4F6D
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 00:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Fri, 02 Feb 2024 00:51:09 GMT
cast_sender.js
www.gstatic.com/eureka/clank/121/ Frame 4F6D
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/121/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 17:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 16:05:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 02 Feb 2024 17:33:00 GMT
video888.mp4
bf.333xbet.com/18881999/
1 MB
0
Media
General
Full URL
https://bf.333xbet.com/18881999/video888.mp4
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.180.227.70 , Virgin Islands (British), ASN47191 (BLUETECH-WAF, VG),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://heodemz.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=32768-

Response headers

date
Mon, 29 Jan 2024 14:16:57 GMT
last-modified
Fri, 02 Feb 2024 00:17:08 GMT
server
nginx
etag
"65a52197-2025870"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
x-cache
HIT, server, disk
cache-control
max-age=2592000
Content-Range
bytes 32768-33708143/33708144
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
33675376
expires
Wed, 28 Feb 2024 14:16:57 GMT
/
count-view.play4db1.click/socket.io/ Frame 4F6D
0
0

video888.mp4
bf.333xbet.com/18881999/
2 MB
0
Media
General
Full URL
https://bf.333xbet.com/18881999/video888.mp4
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.180.227.70 , Virgin Islands (British), ASN47191 (BLUETECH-WAF, VG),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://heodemz.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Range
bytes=1441792-

Response headers

date
Mon, 29 Jan 2024 14:16:57 GMT
last-modified
Fri, 02 Feb 2024 00:17:08 GMT
server
nginx
etag
"65a52197-2025870"
access-control-allow-methods
GET, POST, OPTIONS
content-type
video/mp4
access-control-allow-origin
*
x-cache
HIT, server, disk
cache-control
max-age=2592000
Content-Range
bytes 1441792-33708143/33708144
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
32266352
expires
Wed, 28 Feb 2024 14:16:57 GMT
48dc5c8a-8bd6-44b3-b5b8-0d107ca317df
https://play.play4db1.click/ Frame 4F6D
89 KB
0
Other
General
Full URL
blob:https://play.play4db1.click/48dc5c8a-8bd6-44b3-b5b8-0d107ca317df
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54c1920b816b16770d0accd661fe7f2b14772165e61f9c99f1ecfcd2ee0e4333

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length
90624
Content-Type
text/javascript
202301235d0dc572091e04c64b67b551
p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame 4F6D
Redirect Chain
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/1ac83b1230f88769ca017917e1da5fdec5a97e47d1531818b7e18b72e67d097190b5c4c422eef37c4bdaf3a2e421dcfa/6811678ab238ddc115a04507bdaff92b
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301235d0dc572091e04c64b67b551
766 KB
768 KB
XHR
General
Full URL
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301235d0dc572091e04c64b67b551
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Server
2.16.241.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-4.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
e5527dd74d0ae5c7c146da5ce07b845887ba3cc69df4737e6cf483aae93399da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id
7b92643.2009a719
date
Fri, 02 Feb 2024 00:51:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
x-tt-trace-id
00-240131091915987AE60F98D8C1EE09B5-171CA50D5B658E03-00
nw-session-id
2024012617040125469219B381D7C3C376x28v912df
x-powered-by
ImageX
x-cache
TCP_MISS from a2-19-125-196.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
5,2.19.125.196
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, inner; dur=2
x-length
784780
content-length
784780
last-modified
Fri, 26 Jan 2024 17:04:02 GMT
server
TLB
x-tt-logid
2024012617040125469219B381D7C3C376
x-response-date
Fri, 26 Jan 2024 17:04:02 GMT
x-cache-remote
TCP_HIT from a23-55-109-19.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2024-01-26T17:04:02.267114418Z 84
x-request-ip
fdbd:dc51:4000:363:a::228
cache-control
max-age=30989574
x-tt-trace-host
01f9336a32ad8cb53e51f151cca8d35e4def94791f8453afd18b05b76869ea016cb9494d0d2efe93d23d6b44628850f704033391992418340b87989048d3fa6bea8101640abac7752e43eae933d1c7505558936bb7a419c5a2c5ee3085f65d82de0587f66f67d0639aad8afa7b33f0c650eb1dac8c0b6359044bf0f4a67c76d405
x-response-cinfo
fdbd:dc51:4000:363:a::228
imagex-fmt
png2png
x-response-cache
edge_hit
timing-allow-origin
*

Redirect headers

date
Fri, 02 Feb 2024 00:51:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A5c5fZ32tKgr%2FbVHWLVk3a1A811kJD5G2pfe5uMU5N0IXf3EfUnMSjpm1hnRPrsddI2MJ6UlfZU%2F06G4fxFC6C0MScfkv45dgwXnYdfnXMPxmXtMomie15DV4gn2a%2BM%2FTwMj8zlCufG0WzgYgNZ7P8o"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301235d0dc572091e04c64b67b551
cache-control
public, max-age=3600
cf-ray
84ee71c12c5d0b44-AMS
alt-svc
h3=":443"; ma=86400
content-length
105
202301275d0dfb2f19b54b0e45af833a
p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame 4F6D
Redirect Chain
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/33deb008c0cffdaa1024995e6410b9f674b36ac05ba125cff5a2e953902ba8647e3ee7927d75e165991da830cac135ea/cd857616dd702b55ab0ac231f9b5284c
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301275d0dfb2f19b54b0e45af833a
1 MB
1 MB
XHR
General
Full URL
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301275d0dfb2f19b54b0e45af833a
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Server
2.16.241.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-4.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
6dc5a59b7948cf4a958af1ceacb371d3446a17174c982ecd8840ad3979131b9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id
105e5149.2009a7bb
date
Fri, 02 Feb 2024 00:51:12 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
x-tt-trace-id
00-240131091916346FF9B9AB91AC71B430-32C02C8B46C9364C-00
nw-session-id
20240131091916346FF9B9AB91AC71B430hpbc213df
x-powered-by
ImageX
x-cache
TCP_MISS from a2-19-125-196.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
13,23.33.32.230, 3,2.19.125.196
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, inner; dur=121
x-length
1115096
content-length
1115096
last-modified
Wed, 31 Jan 2024 09:19:17 GMT
server
TLB
x-tt-logid
20240131091916346FF9B9AB91AC71B430
x-response-date
Wed, 31 Jan 2024 09:19:17 GMT
x-cache-remote
TCP_HIT from a23-36-161-31.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2024-01-31T09:19:17.824065915Z 119
x-request-ip
fdbd:dc53:2:793::14
cache-control
max-age=31393531
x-tt-trace-host
01f9336a32ad8cb53e51f151cca8d35e4def94791f8453afd18b05b76869ea016ca0f8631a136599b268adf4be7c4c04c47a53a71c50858f1940faa0a8b0edacb857b0d6bfe862f08b096e46a8e81aa7a3b40eda43ab9aecf29f29a8861e6ce32f61cfb9dd439990c6323daa057f08d7ebdac4408b0d8db446b76046a6e05f6bbd
x-response-cinfo
fdbd:dc53:2:793::14
imagex-fmt
png2png
x-response-cache
miss
timing-allow-origin
*

Redirect headers

date
Fri, 02 Feb 2024 00:51:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1k1CUoltX73F%2BQftGKB8BiPqq0zfCrDl06k9cTTie2Mo5uETo0akGfH3rv4w0MVFrJ7YiBpm%2Ffav5UYVjaz04qbXOhUsw5l9dLkR0g%2BXKMHLojWOxkqmO%2BoqOeQntlKjBhBsZYAufzW8c7DCeh1ncGv"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202301275d0dfb2f19b54b0e45af833a
cache-control
public, max-age=3600
cf-ray
84ee71c20dca0b44-AMS
alt-svc
h3=":443"; ma=86400
content-length
105
202302015d0d281f29713c76416799b8
p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame 4F6D
Redirect Chain
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/a6969fc946ee31cc6c5e47f99ca22fedd6e86f0deb0b7308b08d2c22dd8752df51965b74a71b92b0f7c7c496f4ea24e8/5bf57b9a9ba8eafdf3053d885697a391
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302015d0d281f29713c76416799b8
1 MB
1 MB
XHR
General
Full URL
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302015d0d281f29713c76416799b8
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Server
2.16.241.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-4.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash
dc9a44a45ab63d88ddc97242e6fc01571eddad8d427d1eb0b2eabbddb5da7073

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id
f6ed5a1.164bfc9f.2009a814
date
Fri, 02 Feb 2024 00:51:13 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
x-tt-trace-id
00-240201160055B9B88A4A29FF54C49ABD-63E9A9A630928971-00
nw-session-id
20240201160055B9B88A4A29FF54C49ABDt8hzh13df
x-powered-by
ImageX
x-cache
TCP_MISS from a2-19-125-196.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
956,23.55.109.156, 958,2.19.125.196
server-timing
cdn-cache; desc=HIT, edge; dur=959, origin; dur=0, inner; dur=99
x-length
1131828
content-length
1131828
last-modified
Thu, 01 Feb 2024 16:00:56 GMT
server
TLB
x-tt-logid
20240201160055B9B88A4A29FF54C49ABD
x-response-date
Thu, 01 Feb 2024 16:00:56 GMT
x-cache-remote
TCP_MISS from a23-55-109-156.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2024-02-01T16:00:56.167696144Z 96
x-request-ip
fdbd:dc53:2:819::26
cache-control
max-age=31504175
x-tt-trace-host
01324d7d68b0059e1fe3532bfa30c2a7fc6724972ac90a13a521e981671be871fa647023647eaecfdf11f647f71eeef17dded399917b91fb64057694c410968c46ceb6c77fa26fa2ed1d3082db97e9d9d191d3cde235a1fc52f4a777d81d46aa459915672df018dbe3489b8eef70e9def5
x-response-cinfo
fdbd:dc53:2:819::26
imagex-fmt
png2png
x-response-cache
miss
timing-allow-origin
*

Redirect headers

date
Fri, 02 Feb 2024 00:51:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wwn7kcU1UHB%2B%2BwU4h2CUHVzSwYOUl2k2Nr6doFZYi%2Fq4P6KiZVqMug8Dlks9Iy5D7VWhqOMehJX5yIsbC21dW3DnEGC%2BROdMsCv0s%2FExLLNjpTnSX8p%2BvAuGd%2FnpZ09yf7EUkOD5EcVkgcW5Ek295Mzm"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302015d0d281f29713c76416799b8
cache-control
public, max-age=3600
cf-ray
84ee71c2ae460b44-AMS
alt-svc
h3=":443"; ma=86400
content-length
105
/
count-view.play4db1.click/socket.io/ Frame 4F6D
0
0

202302125d0d9e6a53ded1594df6bc45
p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/ Frame 4F6D
Redirect Chain
  • https://play.play4db1.click/rdv1/6382d2a6c281da76c6324db1/6d4bd377c9f13cf2d1a7fe5e6dd624bcee76b7fa317f95b3302b43018de4037d50b7331f51a34f26726d179067a16ccc/e9f9792665896c813c32a1b0de45de36
  • https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302125d0d9e6a53ded1594df6bc45
48 KB
0
XHR
General
Full URL
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302125d0d9e6a53ded1594df6bc45
Requested by
Host: heodemz.com
URL: https://heodemz.com/co-chau-gai-xinh-dep/
Protocol
H2
Server
2.16.241.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-4.deploy.static.akamaitechnologies.com
Software
TLB / ImageX
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-akamai-request-id
5fbf4e4.25bbeb1a.2009b1ac
date
Fri, 02 Feb 2024 00:51:15 GMT
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-check-cacheable
YES
x-tt-trace-id
00-2402011350121109F35BB0B2227DC4EC-334A605E6697C2C0-00
nw-session-id
20240127170505BBEBF877A6101A439F7597wd512df
x-powered-by
ImageX
x-cache
TCP_MISS from a2-19-125-196.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
944,23.53.40.68, 951,2.19.125.196
server-timing
cdn-cache; desc=HIT, edge; dur=951, origin; dur=0, inner; dur=2
x-length
1397284
content-length
1397284
last-modified
Sat, 27 Jan 2024 17:05:06 GMT
server
TLB
x-tt-logid
20240127170505BBEBF877A6101A439F75
x-response-date
Sat, 27 Jan 2024 17:05:06 GMT
x-cache-remote
TCP_MISS from a23-53-40-68.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
content-type
image/png
access-control-allow-origin
*
nw-session-trace
2024-01-27T17:05:06.467947548Z 132
x-request-ip
fdbd:dc51:ff:1:1:245:41:180
cache-control
max-age=31076003
x-tt-trace-host
012236fafd3fb7c953f4587c38136bc946a36f74826d2fb3d333cc9f9030bfd7db509cf4566d348d50d68606dc69570e9392fbae81a2d39b1cd472ab35cea1952e925133acef7acf78ca889dea5958b3c95aa54fe5c8a36e85f04dbe6b8a7cd981a18f9de024b41cd8a94f447e4a742798a0a45988f38f16a550c309dd09d48b30
x-response-cinfo
fdbd:dc51:ff:1:1:245:41:180
imagex-fmt
png2png
x-response-cache
edge_hit
timing-allow-origin
*

Redirect headers

date
Fri, 02 Feb 2024 00:51:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LN5RDDno%2FlU72SdYhB3RoYs72NqyCgx71fOya2QKaOXrF0eElG6djdk6yrUtr8gURsRfOGMSjgiJHyI%2BVCAYadxGa%2FyUo89tb9vhKiUh5YpMzB97LwxXi%2BnpvGEMHw1wLYXJpBtcyXsgnKj1N1NDLBAg"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://p16-ad-sg.ibyteimg.com/obj/ad-site-i18n-sg/202302125d0d9e6a53ded1594df6bc45
cache-control
public, max-age=3600
cf-ray
84ee71d20d160b44-AMS
alt-svc
h3=":443"; ma=86400
content-length
105
/
count-view.play4db1.click/socket.io/ Frame 4F6D
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
count-view.play4db1.click
URL
https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ4Qk
Domain
w3img.com
URL
https://w3img.com/sub.vtt
Domain
cdn-01.w3img.com
URL
https://cdn-01.w3img.com/images_cdn/background_v2
Domain
count-view.play4db1.click
URL
https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ4nE
Domain
count-view.play4db1.click
URL
https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ5Mx
Domain
count-view.play4db1.click
URL
https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ6JE

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| gtag
object| dataLayer
function| showDiv
undefined| $
function| jQuery
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaGlobal
function| ajax
object| gaplugins
object| gaData
object| zetatube
number| scrollTrigger
function| backToTop
object| jQuery112406017260914413312
function| loadFile
function| hide_catfish
string| link_image
string| link_click
string| name_cookie
string| style_pop
object| NumberCookie
number| NumberCookie2
function| setCookie
function| getCookie
function| closePopupBeta1
function| closePopupBeta2
function| closePopupBeta3
object| trueHeight
function| onYouTubeIframeAPIReady

7 Cookies

Domain/Path Name / Value
heodemz.com/ Name: PHPSESSID
Value: f7f16dc1413d411e15513f983e27dbee
.heodemz.com/ Name: _ga_V1RR6LN9FH
Value: GS1.1.1706835067.1.0.1706835067.0.0.0
.heodemz.com/ Name: _ga
Value: GA1.2.996345968.1706835068
.heodemz.com/ Name: _gid
Value: GA1.2.1066861565.1706835068
.heodemz.com/ Name: _gat_gtag_UA_252386100_1
Value: 1
x7r3mk6ldr.com/ Name: CHCK
Value: 1
x7r3mk6ldr.com/ Name: UID
Value: 2402011951f4ab62db1d234c9f85744a11c7

23 Console Messages

Source Level URL
Text
security warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Mixed Content: The page at 'https://heodemz.com/co-chau-gai-xinh-dep/' was loaded over HTTPS, but requested an insecure element 'http://imgyn.imageshh.com/vn-tu/728-90.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Mixed Content: The page at 'https://heodemz.com/co-chau-gai-xinh-dep/' was loaded over HTTPS, but requested an insecure element 'http://imgyn.imageshh.com/vn-tu/728-90.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "https://img-xyz.w3img.com/images_new/mini_size/H7YzExqQrNlfGpZb8A2wk0Fh5.jpg"
other warning
Message:
Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other warning
Message:
Dropped srcset candidate "https://img-xyz.w3img.com/images_new/mini_size/H7YzExqQrNlfGpZb8A2wk0Fh5.jpg"
other warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Message:
Access to XMLHttpRequest at 'https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ4Qk' from origin 'https://play.play4db1.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ4Qk
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Mixed Content: The page at 'https://heodemz.com/co-chau-gai-xinh-dep/' was loaded over HTTPS, but requested an insecure element 'http://imgyn.imageshh.com/vn-tu/728-90.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Mixed Content: The page at 'https://heodemz.com/co-chau-gai-xinh-dep/' was loaded over HTTPS, but requested an insecure element 'http://imgyn.imageshh.com/vn-tu/728-90.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://heodemz.com/wp-admin/admin-ajax.php
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Message:
Access to XMLHttpRequest at 'https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ4nE' from origin 'https://play.play4db1.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ4nE
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Message:
Access to XMLHttpRequest at 'https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ5Mx' from origin 'https://play.play4db1.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ5Mx
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://heodemz.com/co-chau-gai-xinh-dep/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://play.play4db1.click/play/v2/63c10c48ece898db240a2ced?sub=https://w3img.com/sub.vtt
Message:
Access to XMLHttpRequest at 'https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ6JE' from origin 'https://play.play4db1.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://count-view.play4db1.click/socket.io/?EIO=4&transport=polling&t=OrdJ6JE
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
